Prototype Clickjacking Rootkit Developed For Android

ShipLives writes "Mobile security researchers have identified an aspect of Android 4.0.4 (Ice Cream Sandwich) and earlier models that clickjacking rootkits could exploit. As part of an effort to identify potential weaknesses in smartphone platforms, the team was able to develop a proof-of-concept prototype rootkit that attacks the Android framework, rather than the underlying operating system kernel."

Re:And worse

[bmo]

>And most reasons software does that isn't because of malware.

The most significant symptom of malware infection to Joe User is "my computer is slow." Basically because once you have *one* malware infection, others soon follow, because you haven't kept up with updates, install software from random untrusted sites, or are the victim of a leveraged vulnerability or all three. All these bits of malware fight over the same resources and kill the device's usability.

I have personally seen machines with hundreds of infections. This is typical. The user will muddle along until a certain frustration level is met or the computer simply refuses to finish booting, because the virus load is too much for the poor machine to handle.

"My Computer is Slow" is likely a sign that your system has been compromised for quite a while and there is no malware removal tool that can fix it - a wipe and reinstall of the OS is in order.

--
BMO

Re:And worse

[Xenx]

It's not security model difference between iOS and Android, it's a design philosophy difference. Android isn't designed to keep you in the walled garden. As such, iOS will always be more secure. Giving users a choice invariably leads to some of them making the wrong choice. That isn't a fault of Android, it's a fault in the rest of society.

Multiple trusted repositories

[tepples]

Both Google Play Store and Amazon Appstore tend to be trusted by Android users, as do several lesser-known repositories. Do you plan to explain whether or not each deserves that trust and why?