Prototype Clickjacking Rootkit Developed For Android

ShipLives writes "Mobile security researchers have identified an aspect of Android 4.0.4 (Ice Cream Sandwich) and earlier models that clickjacking rootkits could exploit. As part of an effort to identify potential weaknesses in smartphone platforms, the team was able to develop a proof-of-concept prototype rootkit that attacks the Android framework, rather than the underlying operating system kernel."

Re:

[Anonymous Coward]

That's awesome. Windows 8 is the best.. it's like GNOME 3 but from Microsoft.

Re:

[iiiears]

Agressive pricing frightens slashdotters newly accustomed to Linux's increased market share.

Like every other slashdotter I'll buy a copy for photoshop, mixcraft and games. (Windows is for ralaxation - lol)

Re:

[bmo]

>There has to be a balance between free/open and secure.
>implying that closed source is more secure
>implying

No.

>Apple almost nailed it right on

No, no they didn't. They are anti-FOSS. The only thing they got right was taking the software repository idea from the FOSS world and calling it a store. Where they failed is that they don't allow other stores/repositories in spite of the fact that the FOSS world has been living with multiple trusted repositories for many, many years now.

--
BMO

Re:

[imamac]

I wasn't talking about source code.

Re:

[MobileTatsu-NJG]

Where they failed is that they don't allow other stores/repositories in spite of the fact that the FOSS world has been living with multiple trusted repositories for many, many years now.

Heh. It's just Android that hasn't.

Multiple trusted repositories

[tepples]

Both Google Play Store and Amazon Appstore tend to be trusted by Android users, as do several lesser-known repositories. Do you plan to explain whether or not each deserves that trust and why?

Re:

[Anonymous Coward]

Apps banned from Play for being mal-ware end up on other stores where they continue to enjoy life. Apple's approach has actually proven to be better.

Most Android malware is actually distributed ...

[Anonymous Coward]

via Google's Play Store. This is a KNOWN FACT, not bs.

The official repository IS the problem main. Haven't heard about a single malware being distributed on the Amazon App Store.

Re:

[MobileTatsu-NJG]

http://it.slashdot.org/story/11/06/15/183209/more-malware-infected-apps-found-in-android-market [slashdot.org]

I realize this is anecdotal, but every Android malware story I've seen also mentioned the Marketplace is where they get it. I doubt users 'trust' it so much as they hope there is safety in numbers.

Re:

[bmo]

http://www.penny-arcade.com/comic/2004/03/19/ [penny-arcade.com]

--
BMO

Re:

[alexgieg]

No, no they didn't. They are anti-FOSS.

Not quite. What Apple really is against is "open hardware", or, more precisely, "open OS", at least when it comes to the one (hardware and OS) they themselves sell. As for individual pieces of software, they don't care whether it's FOSS or not. On the other hand, if your FOSS license of choice happens to prevent others from uploading it to their app store, see VLC for iOS, killed, if I remember correctly, by the VLC folks themselves, what guilt do they objectively have? When an open source project selects a

Re:

[Goaway]

No, no they didn't. They are anti-FOSS.

And they release so many large and widely used open source projects because... they hate it so much?

Re:

[the_B0fh]

Exactly! I know I can trust you because you write everything from the bootloader and firmware upwards! After all, Google wouldn't be doing anything to invade your privacy, like the did with iPhone.

Re:And worse

[Xenx]

It's not security model difference between iOS and Android, it's a design philosophy difference. Android isn't designed to keep you in the walled garden. As such, iOS will always be more secure. Giving users a choice invariably leads to some of them making the wrong choice. That isn't a fault of Android, it's a fault in the rest of society.

Re:

[imamac]

[quote]It's not security model difference between iOS and Android[/quote] Seems to me that's exactly what it is. Part of it is design philosophy, too, of course.

Re:

[Xenx]

My point is that it was a design choice to allow a freedom to install apps. It isn't a situation where you can compare security models and just say iOS is better. You can make arguments about which method is preferred, but not which is better.

Re:

[imamac]

Okay, I'll buy that. A lot of this debate does come down to personal choice. I have much more confidence in Apple's walled garden (which is a massive garden, btw) as opposed to the chaos that seems to plague Android.

Re:

[Xenx]

There isn't as much chaos on the Android side as people like to think, but it is there. Anyone that takes the time to actually learn and understand the devices they buy, is usually fine on Android. iPhones, however, require less effort for entry level use. This isn't meant as a slight, just an observation. I would much rather support people on an iPhone than an Android because they likely don't have a clue either way and iOS is iOS... I can walk through the settings in my sleep.

Re:

[bmo]

>That isn't a fault of Android, it's a fault in the rest of society.

This.

The rest of society wants its purple gorillas in spite of the fact that it's badware.

--
BMO

Re:

[recoiledsnake]

I love it how this fact only comes up when it's Slashdot's darling OS, but the same fact is projected as a failure of Microsoft when it comes to Windows malware in countless +5 insightful comments over the years. Hypocrisy to the core.

Re:

[Xenx]

Some people might feel that way, I do not. I wouldn't take all blame away from MS for some of the things about their OS. But, the blame for installing crap software lies on the user.. regardless of the OS.

Re:

[Billly Gates]

I got his by 3 pieces of malware over the years. None of them were installed by choice but were drivebyes.

As a result I stopped using Firefox which does not have sandboxing, I switched to a decent AV package as I was one of those users who felt I didn't need AV as I never click on things and get infected so kept old AVG etc. I only have flash on Chrome which is sandboxed by default. I keep it UPDATED as no one updated flash prior to 2011. I manually disabled Java in all my browsers as I still use Eclipse et

Re:

[Xenx]

No OS is without fault, no program is without fault, and no user is without fault. You need to base your decisions upon what you feel you can handle with your level of competence. Use AV. Use a more secure browser. But, the biggest security hole in any system is the user. If you can't figure out that you shouldn't be installing every app you see, go with iOS. If you choose something else, accept that you open yourself to potential risk.

Does this excuse the manufacturer, or Google, from all responsibility

Re:

[bmo]

>I love it how this fact only comes up when it's Slashdot's darling OS

That the there is a problem that sits in the chair that confuses the part in the seat with the part looking at the screen has been brought up time and again with other OSes. I have actually come out and said that encryption and all the security in the world doesn't effin' matter if you can get the user to trade the key for a candy bar, which has actually happened.

You just have selective hearing, which means you are an asshole.

--
BMO

Re:

[recoiledsnake]

It has been brought up yes, but if you've missed the overwhelming support and hundreds of posts on Slashdot for the notion that Windows is not as secure as Unix based OSes, then you're blind and have selective vision, which means you're a blind asshole.

Now that we know how malware-free a popular Unix based OS is, out comes blaming the user instead of the OS.

Re:

[Anonymous Coward]

You seem to be suggesting that it's impossible for it to be simultaneously true that users are lax about security AND the OS is insecure. But why would there be any conflict between those two claims? It's perfectly possible that many Windows users have poor security practices and Windows itself is less secure than other OSes.

Re:

[the_B0fh]

wish I have modpoints. Don't understand why people don't understand this point.

Re:

[ThatsMyNick]

It all makes sense, when you realize Slashdot is made of more than one person. There are people on slashdot who are not happy with malware on Windows and advocate more of a walled garden, and then there are people who believe in freedom to install malware if they wanted to. So you have more than one set of people, moderating at different points of time, carrying different opinions at different strengths. And thus you have, what you call, hypocrisy in slashdot, when all individuals are perfectly non-hypocrit

Re:

[Billly Gates]

It all makes sense, when you realize Slashdot is made of more than one person. There are people on slashdot who are not happy with malware on Windows and advocate more of a walled garden, and then there are people who believe in freedom to install malware if they wanted to. So you have more than one set of people, moderating at different points of time, carrying different opinions at different strengths. And thus you have, what you call, hypocrisy in slashdot, when all individuals are perfectly non-hypocritical.

Yeah no kidding I was modded down to 0 because I said there is a problem with AV software not having the access in the walled garden to clean up a rootkit infection. Sigh moderators

There needs to be a balance though. Yes security is important but that does not mean banning all javascript except for the OS browser that came with it IE 10, Chrome, Safari, and no one else. Also at least with things like SecureBoot MS is nice enough to have an API for AV scanners to detect and remove rootkits.

I think AV softwar

Re:

[Jello B.]

It's not like malware exists just to make things run slower and crash. And most reasons software does that isn't because of malware.

Re:And worse

[bmo]

>And most reasons software does that isn't because of malware.

The most significant symptom of malware infection to Joe User is "my computer is slow." Basically because once you have *one* malware infection, others soon follow, because you haven't kept up with updates, install software from random untrusted sites, or are the victim of a leveraged vulnerability or all three. All these bits of malware fight over the same resources and kill the device's usability.

I have personally seen machines with hundreds of infections. This is typical. The user will muddle along until a certain frustration level is met or the computer simply refuses to finish booting, because the virus load is too much for the poor machine to handle.

"My Computer is Slow" is likely a sign that your system has been compromised for quite a while and there is no malware removal tool that can fix it - a wipe and reinstall of the OS is in order.

--
BMO

Re:

[djl4570]

Opera for Tablets works a lot better than the default browser on my Galaxy Tab 10.1. Now I need to learn how to diagnose malware.

Dumbphone

[tepples]

You could always buy a dumbphone from Virgin Mobile or your country's counterpart. Sure, those are technically also computers, but it takes a computer to modulate and demodulate voice signals on a digital network. Depending on how many calls you need to make away from home, and whether you have an unmetered land line available to make long calls, a dumbphone might cost you $7 per month or less, and unused minutes roll over as long as you keep paying the minimum every 90 days.

Re:

[Xenx]

Feature phones are still widely available, everywhere I've seen. So, either you aren't looking.. or just want to bitch about a problem that doesn't exist yet.

Re:

[PuZZleDucK]

Just as on a PC: The only way to guarantee an infection is gone (without hours of work) is a full OS install from scratch... Pull yourself out of the kiddy pool, root your device and flash a brand new rom that will probably run _faster_ than the original phone. You could then also run a good firewall if you wanted :]

uhmm....

[Anonymous Coward]

Thanks?

Re:

[ThatsMyNick]

You only had to look at the link to know this very much legitimate research.
 
  Even if it was not, for Gods sake dont try to redefine the word. I hope some journalist does not pick this up and start using it as definition of 'researchers'. Just call them researchers, and you can use an adjective to describe them as what ever kind of researchers you think they are.

Re:

[Exrio]

I do think proprietary software sucks just because it's proprietary. I've never claimed it to have anything to do with security, I'm sure the Linux desktop will get malware too if it ever has it's year, just as OS X has now. Anything with a large enough (end-)user base and no totalitarian walled garden will - making security-wise perfect code is really hard and comes with tradeoffs many aren't willing to make especially in consumer software. I still wouldn't touch a totalitarian walled garden OS with a 6.09