SMS Trojan Steals From Android Owners 168
siliconbits writes "A Trojan posing as a media player for Android smartphones automatically sends text messages to premium rate numbers, according to Kaspersky Lab. Company officials say the Trojan, dubbed Trojan-SMS.AndroidOS.FakePlayer.a, is the first of its kind for the Android platform, even though SMS Trojans are currently the most widespread type of malware on mobile phones."
Is this really a trojan? (Score:4, Informative)
Or does it tell you what it's gonna do beforehand?
If you install something that says "THIS WILL COST YOU MONEY", and it sends SMS that costs you money, how exactly is that a "trojan"?
Re:Is this really a trojan? (Score:5, Insightful)
Yes, the user must approve giving the 'Trojan' access to sending text messages, which is included under a big banner that says "Things that can cost you money". Of course, after the 40th or 50th app installed, no one reads them anymore and just clicks the OK button, but Android does notify you of what it's capable of, and even that requires you to check the install apps from other sources button.
Re: (Score:2)
I'm sure this CAN be done, but has it been? I like a free app as much as the next person, but if you're not going to take the time to read what the program is capable of and paid apps are safer - then why not just purchase the full version of something similar?
Re: (Score:3, Insightful)
Why not just take the literally 20 seconds to read what parts of the phone an app wants access to? Or at least the 5 seconds to make sure that there's nothing under the 'will cost you money' heading, unless it's an app where that makes sense (I think the only apps I have with entries under those headings are Google maps and Google voice, and both because they're allowed to initiate phone calls).
Re: (Score:3, Informative)
Re: (Score:2)
What if you want to install a music tool that sends SMS?
It would tell you it's going to send SMS, not that they will cost you money. SO while it's sending SMS info of the songs you listening to share playlists, it also sens SMS to places that charge?
I have never used SMS to do anything financial. I had it turned off after I got a bogus charge for ringtones. For th record, I create and put all my personalized ringtone directly on the phone. So for me, I was able to easily detect that charge.
In fact, that's a
Re: (Score:3, Insightful)
It would tell you it's going to send SMS, not that they will cost you money. SO while it's sending SMS info of the songs you listening to share playlists, it also sens SMS to places that charge?
On my phone, the category in the manifest is "Services that cost you money" (in big bold letters) and then under that, as an explanation, it says "directly call phone numbers, send SMS messages."
An application which has the ability to send SMS has the ability to cost you money because it could send SMS to premium-rate numbers or out of the country. Many people wouldn't think about this, and there's probably no easy way for Android to differentiate between regular SMS and premium-rate SMS.
Re: (Score:2)
there's probably no easy way for Android to differentiate between regular SMS and premium-rate SMS.
How about an option to only send SMS messages to numbers in your address book? Or an option to require approval for each new number that the app is allowed to send messages to? Or even just a restriction based on area codes? I'm not sure how it works in the USA, but in the UK you can easily tell from a phone number whether it's a premium rate number or and overseas number...
Re: (Score:2)
Sounds a lot like UAC, though. Good in theory, but might turn into people just approving messages to get on with whatever they were doing.
Re: (Score:2)
Or even just a restriction based on area codes?
In this era of number portability, an area code can no-longer be trusted to tell you where you are calling.
Re: (Score:2)
Re: (Score:2)
I have seen ads to text 90999 with the word Haiti in the body to donate the the Red Cross for example. I never have actually used one of those donation methods, but the "phone number," if you will, is only 5 digits rather than a full 10 (for North America). And the program could potentially send that message (if embedded into is programming) without additional user i
Re: (Score:2)
Exactly. The permissions system isn't some sort of panacea.
I mean, you could download an app that legitimately purports to send SMS or email messages as one of its functions. Like, say, a "social" RSS newsreader that exists to notify family and friends of interesting articles or stories.
You then approve it, give it access to your contacts and email and SMS, only to find out later on that it sends special "paid" messages like the one in the article.
Or spammed your entire contact list.
By approving the legitim
Re:Is this really a trojan? (Score:4, Insightful)
It's amazing how far folks are falling over themselves to defend this type of activity on the Android platform ("well it's their own fault" and "they should have read the warning"). I hate to break it to everyone, but most Android users are not geeks, nerds, or techies. They will do just as windows users have been doing for decades and click 'OK' when prompted. Such behavior should be expected and accounted for, or provisions made to protect end users in spite of themselves.
The difference here? There is no virus scan or malware blocker to save them.
Re: (Score:2)
Is it possible for an app to request access to the filesystem, then modify another existing app with a payload that makes it do all the dirty work? For example, take a legitimate and popular alternate phone/SMS app and modify it to call/SMS rogue numbers.
Re:Is this really a trojan? (Score:5, Informative)
No. Each Android app runs as a separate Linux userid [android.com]. Even if you give the app filesystem access, it can't write to files that belong to other apps, let alone rewrite the apps themselves.
Re: (Score:2)
No. Each Android app runs as a separate Linux userid [android.com]. Even if you give the app filesystem access, it can't write to files that belong to other apps, let alone rewrite the apps themselves.
That would all be fine and dandy if there were no SD cards formatted with FAT32 with no filesystem security, and things like "move apps to SD card" features on top of that. These are simply bad choices for security.
Re: (Score:2)
NO NO NO (Score:2)
FAT32 is still the logical choice, despite its security issues
Bill gates? Is that you?
Because at this point we all have seen when you design from the start for convenience OF THE DEVELOPER instead of security. The Windows world has been living with the consequences of that choice for decades now.
So now at the brink of a whole new wave of OS's, is not the time to repeat the mistakes of our virtual forefathers. Android could move apps into a smaller embedded filesystem in a file, but in no way should it o
Re: (Score:2)
Because at this point we all have seen when you design from the start for convenience OF THE DEVELOPER instead of security.
It's rather the convenience of the user, but as he is the one who actually has to buy a gadget this might be the right thing to do, even as you're right with the consequences.
Re: (Score:2)
My point, which I thought was pretty clear and even though it pains me greatly to say so, was that there isn't another file system that is as widely supported out of the box as FAT32. UFS? Nope. Ext2/3/4? Nope. ReiserFS? Nope. NTFS? Nope. ZFS? Nope. There is a *reason* FAT32 is the standard for removable mass storage, even though it really sucks (especi
Re: (Score:2)
Android could move apps into a smaller embedded filesystem in a file
This could have been an arguable compromise solution. The other part - where your data on FAT32 is still wide open (pics/video/logs/whatever apps store on it) - would remain. But at least this way you could have some apps (depending on sensitivity of their info) store their data on such encrypted partition-in-a-file.
Other advantages would be:
- you could grow/shrink partition and filesystem as needed automatically by OS or manually
- you could just copy one file from one SD card to another and have it automat
To the user it's the same (Score:2)
It's rather the convenience of the user
That's not so.
Because I already described how you would have the same exact functionality with an embedded file system in one large file on the DOS partition, where apps would go. That would be mounted and have proper security.
To the user everything works as it does now, it's just that underneath you can't have apps stored on an external partition infected by another app nearly as easily.
If you wanted to let users drag apps onto the removable storage you could still l
Read my post again, there is a solution (Score:2)
Yes, I read your sig. Which is why being willing to repeat the same mistakes really made me do a double-take.
There is a *reason* FAT32 is the standard for removable mass storage
Yes, I totally agree with that. It's utterly unreasonable at this point (probably forever sadly) for removable media to be anything but FAST 32.
I am saying apps don't have to sit naked upon that.
Perhaps I was not clear enough but I was envisioning a binary blob in the FAT 32 system, that was an EXt4 (or whatever) disk image. The sy
Re: (Score:2)
Perhaps I was not clear enough but I was envisioning a binary blob in the FAT 32 system, that was an EXt4 (or whatever) disk image.
Steve Jobs, is that you ;)
Seriously, that sounds like the reason why I can't just drag MP3s to an ipod from any OS without apple software. Its all about security, right? Personally I would take the risk and retain the hack-ability.
Read my post AGAIN (Score:2)
Seriously, that sounds like the reason why I can't just drag MP3s to an ipod from any OS without apple software. Its all about security, right? Personally I would take the risk and retain the hack-ability.
I'm not saying you place all files in there, just application binaries.
Even application writable directories could be on FAT; music would certainly stay there.
There's no reason you can't leave the SD card generally writable and useful, but still prevent applications from being hacked from within.
And the re
Yes, thank you (Score:2)
Finally someone that understands what I am proposing. The only tricky part would be mounting that virtual partition, that would probably require some serious coding somewhere in the Android filesystem to make that work...
Another cool thing is then you could use this support elsewhere - like a small encrypted data bundle for an application that only it could decode. So it would provide fringe benefits.
Re: (Score:2)
So I assume their navigators will in future use ext2/3 instead of FAT.
This option is open to any developer.
Re: (Score:2)
Re: (Score:2)
The drivers for the EXT3 partition could simply be on the SD card itself, in a FAT32 partition. Easy enough.
But there's other reasons to keep FAT32 around: It's supported by bloody almost every hardware device with a USB port. I keep some videos and MP3s on my Droid, and it's dead simple to plug it into the car stereo or the PS3 and play whatever it is that's on there, or straight into a modern TV to do the same sort of thing. These devices don't support EXT2/3.
And my friends don't want me fucking aroun
Re: (Score:3, Informative)
They dont. No MSC functionality what so ever. All communication with an Iphone is done through Itunes.
Android already uses a newer file system. The / is YAFFS2. Only /SDCARD is VFAT and this can be reformatted to
Re: (Score:2)
Do apps say that? I think an installed app would tell you what it access. Blue tooth, wifi, gps, music, sms. I dont' think it tells you it will secretly send SMSs to place that cost you money.
Re: (Score:3, Informative)
The manifest says, in big bold letters, that the app may cost you money by placing phone calls and sending SMS.
Re: (Score:2)
* GPS Location (fine)
* Network access
I also want to make it switch off during phone calls, and maybe keep the phone from sleeping:
* System tools
* Phone state and identity
Finally, wouldn't it be neato if it could save the overlays to the f
Re: (Score:2)
Speaking of which, on Android why does the very popular app "The Weather Channel" need "Services that cost you money: directly call phone numbers" because I sure don't see that functionality anywhere.
Re: (Score:2)
Re: (Score:2)
The culture of minimizing permissions hasn't really taken hold yet
I think this is the real answer ... how to foster a culture of scepticism and caution among users that will make apps declaring unnecessary permissions get shunned in the market place. I would start, if I was Google, by putting an incentive into the market itself: "safer" apps should receive a special marking. Perhaps even appear first in search results. It should be possible to lock the phone to only access "safe" apps (sort of parental control type feature). Not big things, but enough to persuade
Re:Is this really a trojan? (Score:4, Informative)
In all honesty, the way Android reports what an application uses is way too weak and not granular enough. Basically, you require access to 1 URL, your application needs "Full Internet Access". Want to access the GPS data? Your application needs "Location access", "Services that may cost money", etc.
The way an application declares its "needs" is through an element in the Android Manifest file. However, the choices are really limited to the existing Android services, and most of them have a 1 to 1 relation with the services they relate to, and nothing more granular such as "Requires GPS access using only satellites (costs nothing)", "Requires GPS access using cell towers", "Requires GPS access through paying services".
In the end, the user downloading an app sees warning that are mostly meaningless, and which appear in many other applications. It's close to impossible to spot a possibly-offensive application such as this Trojan.
Re: (Score:2, Informative)
In all honesty, the way Android reports what an application uses is way too weak and not granular enough. Basically, you require access to 1 URL, your application needs "Full Internet Access". Want to access the GPS data? Your application needs "Location access", "Services that may cost money", etc.
Do you use Android? It is more granular than that. Location access can specify coarse (cell location) and fine (GPS). "Services that may cost money" can specify SMS or phone calls. Many apps use a "Phone" permission that's called "Read phone state" so that it can know when you're receiving a call. Apps like Google Voice that use the "Phone" permissions also include things like "Make outgoing calls" and "Intercept calls".
Your fine-grained permissions are right there.
Re: (Score:2)
It still needs to be finer, in my opinion. One thing I would really value is a sandboxed internet access that includes restrictions on the domains it can access and the amount of data it can send. I'm quite happy for an app to talk to it's own server for a cloud based service. I see no reason that the same permission should let it blindly send unlimited amounts of my phone SD card data (possibly at great expense) to a mysterious web site in China. Unfortunately the same permission covers both.
Re: (Score:2)
Agreed. Also, access to the SD card should be limited to an app-specific directory by default.
Well, once you let an app talk to the developer's servers they can do whatever they want with the data from there. The advantage of whitelisting specific URLs is wh
Re: (Score:3, Funny)
Personally, I'd like to see an OS driven prompt to have access to things like contacts, messaging and phone access.
If your app needs a contact to send a message, it would have to pass that message to the OS and the OS would prompt the user for the contact to send it to. This way, no apps need access to contacts to send messages for some reason. The same applies to phone numbers, etc.
Re: (Score:2)
When I tried the Droid Incredible for a month, I was appalled to see A)How vague Android was about the type of permissions apps asked for, and B)How it Android didn't offer the same once, never or forever options as my feature phone
Re: (Score:2)
Yes, the user must approve giving the 'Trojan' access to sending text messages, which is included under a big banner that says "Things that can cost you money". Of course, after the 40th or 50th app installed, no one reads them anymore and just clicks the OK button, but Android does notify you of what it's capable of, and even that requires you to check the install apps from other sources button.
Fortunately, owning a G1, with limited memory storage available, I have yet to reach my 40th or 50th app install, and thus still read that stuff before I install. I figure I have about 20 more apps to go before I start skipping that section and just install without reading...
;-)
Re: (Score:2)
"Kaspersky officials suggest that Android users pay close attention to the services requested by an application at the time of installation"
So yeah. But it hardly makes it not a trojan; by definition trojans masquerade as legitimate apps and this one seems to be no exception. But it doesn't spread or install automatically or give itself privileges the user doesn't grant it, so it's not a big concern. Just another example of users installing that app they MUST have no matter how loudly their anti-virus sc
Re: (Score:2)
Re: (Score:2)
So yeah. But it hardly makes it not a trojan;
Of course it makes it not a trojan!
by definition trojans masquerade as legitimate apps
By that definition, all malware are trojans.
A trojan is something that has hidden and malicious functionality. You know, like the Trojan Horse.
As this is not hidden, it's not a trojan.
Re: (Score:2)
As an end user, I'd like to see an app store where liability insurance is mandatory to cover damages that users may experience from misleading or malicious closed-source apps. The insurance companies should still require source. For totally open source apps, the store should indicate if/what independent volunteer group (or one funded by a small per-app fee) has reviewed the app.
I think that OS / software vendors that take the entire burden of security debugging on themselves by failing to provide source c
Re: (Score:2)
As an end user, I'd like to see an app store where liability insurance is mandatory to cover damages that users may experience from misleading or malicious closed-source apps. The insurance companies should still require source. For totally open source apps, the store should indicate if/what independent volunteer group (or one funded by a small per-app fee) has reviewed the app.
All you'd really get out of that is a false sense of security and a scapegoat to shake your finger at.
Re: (Score:2)
This is an app which is not installed via the Android Market. You have to first enable the installation of apps from outside the Market (an option in system settings). Once you've made that change, neither Google nor any other entity controls what you install on your phone any longer.
Also, you still have to go through a screen which warns that this application requires special permissions; the ability to send SMS's is listed under a big bold heading along the lines of "Things which may cost you money."
Re: (Score:2)
If you install something that says "THIS WILL COST YOU MONEY", and it sends SMS that costs you money, how exactly is that a "trojan"?
Because it says it does one things and actually does another. That's what a trojan is.
The fact that the installation tells you it can cost you money and people still install it means people are idiots. This is like anti-virus popping up and saying, application has been detected to do something which doesn't correspond to the type of application you are installing. Wish to continue? The fact this is news worthy implies headline, "User willingly and knowingly accepts virus - anti-virus and Windows is to blame
Hahaha (Score:5, Funny)
Hahaha! Good thing I have an iPhon.....*signal lost*
What Signal? (Score:2)
(Must have one of those Vulcan pinch phone holders...)
Re: (Score:3, Informative)
Re: (Score:2)
Read the TFA? (Score:5, Insightful)
Why bother? I read it, and I still don't know silly details like what the name of this app is, or whether it's been pulled from the Android Market. Actually, now that I think about it, I don't even know *if* it was in the Android Market, or if it's a side-load app. For all I know, Kaspersky "discovered" a proof-of-concept app that they developed themselves. Yeah, that last bit is pretty unlikely, but reading TFA is no help at all in ruling it out.....
Content fail for TFA.
Re: (Score:3, Informative)
Found the original announcement [kaspersky.com]. No name of an app there either.
While there could definitely be such an app, the article definitely sounds like an advertisement for their product rather than a security notification.
Re: (Score:2)
While there could definitely be such an app, the article definitely sounds like an advertisement for their product rather than a security notification.
It seems like its gotten to the point that anything that comes out of Kapersky, Sophos, Symantec, et al, is just a bunch of far-fetched hype for some product or service they are hawking. These guys have become so transparent that I have concluded that they are just a higher grade of spammers.
Re: (Score:2)
This was the same problem with the screen saver app that also did something malicious. Couldn't find the name of the app just said that it was out there. This is starting to bother me; tell me what the app, where it was installed from is and who the developer is.
Re: (Score:2)
Re: (Score:2)
I really can't agree there. I'd still be inclined to categorize it as a trojan since it's disguised as a music player (even a flawed disguise is still a disguise). In any case, I don't think there's any argument to be made that it isn't malware, and I'd still like to know what name it's being distributed under and who it's coming from....
Also, since we don't really know anything about the app, it's entirely possible that its description explains the SMS access away as having the ability to text your frien
The question is when to agree... (Score:2)
However we don't need to know any of that because it's clear that the application asks for permission to send SMS, the user accepts and then the app does exactly what it said it was going to do.
This is where I'm not sure the Android security model is doing you many favors.
You download a media player, go to install it, and you get a list of things it wants to do - access media library, perhaps access contacts for sharing, and so on... and way down at the end, a little notice about accessing SMS. You might n
Re: (Score:2)
The ability for an app to place phone calls or send SMSes are listed under big bold text reading something to the effect of "Things which may cost you money" on the permissions screen.
If you look at the screen at all, you can't miss it.
Sure, but who cares (or knows to care) THEN? (Score:2)
If you look at the screen at all, you can't miss it.
Even though saying a user "can't miss" something in a list of other things seems wrong to me from direct experience, I'm willing to concede that point.
Because it does not matter.
That screen is telling the user that at some theoretical point in the future, the app may want to SMS someone. Well who cares then? The user doesn't know what the app really does yet, perhaps (in the movie player case) it lets them SMS URL's of cool movies. The user has no way a
Re: (Score:2)
If you read the screen you can't miss it. If you missed it, then you haven't read the screen.
Your only other choice is to prohibit software from doing things which might not be desirable to the user, including the legitimate uses of software in areas where there is also room for illegitimate uses.
Personally I prefer to have a choice in what my software can d
Re: (Score:2)
If you read the screen you can't miss it. If you missed it, then you haven't read the screen.
Already stated I conceded the point they saw it, and did not care (or could not evaluate).
Your only other choice is to prohibit software from doing things which might not be desirable to the user
Wrong. your OTHER choice is to ask the user at the time the app is trying to do the thing in question the app would like to get permission for - so it would ask when the app tried to send an SMS.
You wouldn't have to keep as
Prosecution? (Score:4, Insightful)
So this should lead to police activity quickly enough, right? One can't (at this time) prove where the trojan came from, but it's easy enough to see who benefits and what accounts the money gets paid into. That should all get frozen, cops should kick down some doors, machines should get confiscated?
Will this happen?
Re: (Score:3, Insightful)
> Will this happen?
It could. It is quite possible that some mules will find themselves in serious trouble.
Re: (Score:2)
" but it's easy enough to see who benefits and what accounts the money gets paid into. "
maybe not.
The person who owns the account might be a legitimate business and just claim he doesn't know what the write chose him. Or the writer just picked something and random to cause random, confusion and to make a point.
Lets say you sold personalize adult SMS message for 5 bucks a pop. You're business really starts to rise. How are you to know that someone chose you at random for a PoC of malware? Or a rival isn't se
In addition to the usual cross-border problems... (Score:2)
If someone you don't like makes money off of SMS messages, write a Trojan that sends them stuff, get people to download it, and viola! The SMS guys get raided!
Re: (Score:2)
Absolutely. The Nigerian police are ever vigilant.
Bad summary (Score:5, Informative)
http://www.readwriteweb.com/archives/first_trojan_for_android_phones_goes_wild.php [readwriteweb.com]
Re:Bad summary (Score:4, Informative)
Re: (Score:2)
Given the number of jailbroken iPhones with OpenSSH installed, that's not a limitation at all. Turns out people are sheep, and if you give them instructions on how to install your SuperNewCoolAndroidApp.apk file, they'll do it. They'll blithely check that box, click OK on the permissions dialog, etc. Make it into a YouTube video and they'll just do it like a
Re: (Score:2)
Re: (Score:2)
Here's some more info [securelist.com]. Still no link/name/source of the app. They could have paid someone to write a proof of concept/hypothetical app that did that, so they could do a press release and plug in their upcoming product.
Re: (Score:2)
Bad summary? I'd say bogus story perhaps even FUD. Given that they haven't told us the name of the app, and that it has to be installed from a source other than the market (which surprise, surprise, wasn't in ANY of the stories I read about this today)... I'd say this story is bullcrap.
Protection (Score:3, Funny)
With Trojan-SMS.AndroidOS.FakePlayer.a, you can now have two different trojans in your pocket to offer the ladies.
Re: (Score:2)
That sounds like just as much work as a real girl! NO THANKS
Phone companies' response? (Score:2)
Will they;
a) just charge the user for the messages saying that they are SOL
b) void the charges
There is still no substitute for common sense (Score:2)
Those installing applications from questionable sources get what they deserve.
Re: (Score:2)
Do women who walk down dark alleys at 3 in the morning get what they deserve?
Stop blaming the victim.
Re: (Score:2)
What is clearly needed here is insurance against this type of loss. Then nobody will be a victim anymore ... well, as long as they have insurance.
The problem is that we started out giving hammers to 6 year-old boys without any instruction. This was the DOS command line in 1982. The result was predictable and painful for some but for the most part it is possible to use a PC now, 25 years later. But we still have huge volumes of phishing and botnet emails because people do fall for this stuff.
With Android
Re: (Score:2)
The comparison is grossly unfair. Better one: If having unprotected sex with various partners gives you a STD, then you share a large part of the blame.
Downloading some software from somewhere and then running it is a high-risk activity. Walking down an alley at 3 in the morning does (at least here) not come with any significant risk of getting raped.
People that did not bother to find out the risk-level for an activity or knowingly did high-risk things, always share the responsibility for a bad outcome.
Re: (Score:2)
My apologies to your survivors (or congratulations, their decision) but you neglected to wear body armor capable of withstanding an anti-materiel round. You got what you deserved for being so careless.
Re: (Score:2)
hmmm (Score:2)
A company that makes money selling anti-virus software claims there is a Trojan that there android release will fix.
Ok, I'm willing, for the moment, to say that
s true and has happened.
The article doesn't give any information. Was this spread through the market, or did some select the option to install apps from anywhere and then get hit?
OTOH, this does follow my belief that online and smart phone financial transactions will end. The sheer number and easy or scamming people can't be stopped.
I hope I am wrong
Suggestions for Quick audit app? (Score:2)
I'm thinking that it would list in table form all the installed applications (the rows) with all the security access types (columns) with all the cells checked or unchecked. This would allow an "at a glance" review of all the apps without having to navigate into the management of each one.
CNET ( I know) has this report... external app. (Score:2)
CNET reports here [cnet.com] that this is an app external to the Android Market, and you had to get it from a maliscious (I assume) website.
I saw one report from a phone user claiming they saw it as a 13kb download that they didn't think they asked for, and deleted it. No idea if that is credible.
So it does appear, at least for now, that this is not a Market app.
Seems like a lot of fun (Score:2)
No trojan would spread all that rapidly unless it was spread via the marketplace, and anyone submitting anything to the marketplace (even free stuff) has to go through a credit background check. Not to mention Google has the ability (and has used it) to remotely wipe programs installed from the marketplace.
Mark of a good virus is its ability to spread ;).
What freaking app are we talking about?! (Score:2)
There is something that I miss in all of the reports I've read about this "trojan", they fail to actually name the app that's supposedly causing all this. Seriously, was the application called "fakeplayer" or something?
It's useful information to know what app is malicious, don't you think? So that you can avoid installing it, or to remove it from your phone before it causes more damage.
Re: (Score:2)
At a guess, either because you are not looking in the right places or because you are not offering enough money. What have you tried so far?
Right. After all, it's working so well in the Middle East, and
Re:So... (Score:5, Informative)
"Oh and why do you capitalize the 'middle east'? Is it a country now, worthy of promotion to a proper noun?"
Doesn't need to be a country. Region names are capitalized when they stand alone and are widely understood to designate a specific geographic (or geopolitical) area. e.g. Southern California, the Bay Area, the Middle East.
http://www.utexas.edu/visualguidelines/capitalization.html [utexas.edu]
Re: (Score:2)
You're the one that attempted to deflect his argument with a personal attack. If you're going to accuse someone else of ignorance, try not to expose your own in the process.
Re: (Score:2)
"We" includes you. In this case it most certainly does not include me. But, no, I didn't tell you that the mercenaries were yours: you said that you were having trouble hiring any. I offered some suggestions.
While the details are secret (well, until recently...) according to news reports totals run to 200,000 or so in the Middle East recently (mostly civilians,
Re: (Score:2)
"Violence is the last refuge of the incompetent". - Salvor Hardin [wikipedia.org]
Re: (Score:2)
Sounds about right. And it's not just bad reporting as usual- the press release [kaspersky.com] had few details on the application, not including a name.
I found it strange it said they can "fix" the problem with a security system which hasn't been released yet.
Re: (Score:2)
Re: (Score:2)
<sarcasm>
Well duh - for security purposes, they're not gonna tell you. If you don't know what it's called, you can't go looking for it to install it!
</sarcasm>
Seriously - it's an antivirus company. If they told you what it was called, you wouldn't need to buy their services.
Re: (Score:2)