Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Android Security

Android App Mutates Source Code, Spreads Virally and Enables Mesh Networks (thestack.com) 74

An anonymous reader writes: Researchers from the Delft University of Technology have developed a self-replicating, mutating Android app which can create on-the-fly mesh networks in the event of an infrastructural disaster, or the enabling of internet kill switches by oppressive regimes. The app's source is available at GitHub, and the app itself requires no root privileges to propagate. It can self-compile while it mutates — for example, from a game to a calculator — in transit from one Android device to another, and compatibility with iOS and Windows phones is anticipated.
This discussion has been archived. No new comments can be posted.

Android App Mutates Source Code, Spreads Virally and Enables Mesh Networks

Comments Filter:
  • by fahrbot-bot ( 874524 ) on Thursday November 05, 2015 @08:08PM (#50874351)

    If I recall, this is how SkyNet gets started ...

    • Re: (Score:2, Informative)

      by steak ( 145650 )

      nope.

      The system goes on-line August 4th, 1997. Human decisions are removed from strategic defense. Skynet begins to learn, at a geometric rate. It becomes self-aware at 2:14 a.m. eastern time, August 29. In a panic, they try to pull the plug.

  • For the second time today I find myself saying, "Well isn't that nice..." and not meaning it at all.

      • What could possibly go wrong? [hill-kleerup.org]

        Nothing. Absolutely nothing could possibly go wrong with a piece of rogue software that mutates, spreads virally, and creates its own mesh network. I'm also convinced that no one would ever misuse something like this for something nefarious. People just aren't like that.

        • spreads virally,

          Except it doesn't really spread that way. It uses "Android Beam" or sideloading to transfer, which means that the recipient has to have beaming turned on and the sender has to take specific actions to start the transfer, or the recipient has to load the app himself.

          I already consider it nefarious from the intent of the authors. They are smart guys who know what they're doing, so they can't claim it was an innocent creation. Imagine a local cell outage where all of the devices in the outage area are sudden

  • I'm pretty interested in how something like that is implemented.

  • how does it bypass the playstore?

    • by Anonymous Coward on Thursday November 05, 2015 @09:06PM (#50874593)

      It doesn't. The summary makes this app sound like some kind of worm or trojan but it is neither. This is "propagated" by deliberate peer to peer transfer via Android Beam or sideloading. The purpose is to provide killswitch-proof and jackboot-resistant mesh networking for hippies/activists/terrorists.

      • I'm sure that buried in the terms and conditions is a clause that forbids its use by terrorists.

        • by Anonymous Coward

          I'm sure that buried in the terms and conditions is a clause that forbids its use by terrorists.

          Nope, it's GPL, there's no such clause.

        • Doesn't say anything about freedom fighters though.

      • by gl4ss ( 559668 )

        well, I reckon the authors made it deliberately sound like that to get more PR.

        because deliberate propagation through peer to peer transfer.. well hot damn that's only 15 years old stuff on smartphones. furthermore, wtf kind of killswitch are they thinking of? all the variations they have would be under it of course(not signed by the store? kill it with fire, doh.)

        secondly it's on android because android is open that you can do things like this if you want. mentioning porting it to WP or iOS is fucking stup

      • It doesn't. The summary makes this app sound like some kind of worm or trojan but it is neither. This is "propagated" by deliberate peer to peer transfer via Android Beam or sideloading. The purpose is to provide killswitch-proof and jackboot-resistant mesh networking for hippies/activists/terrorists.

        Does seem that it would be a good vector for malware embedded in a compromised copy though.

        • Does seem that it would be a good vector for malware embedded in a compromised copy though.

          No more so than any app that is discovered by "word of mouth" and downloaded from someone's website -- or passed around from user to user.

          By the way, here [bit.ly] is a link to an amazing app I found on the web. It's really cool, give it a try and let me know how you like it!

          • Does seem that it would be a good vector for malware embedded in a compromised copy though.

            No more so than any app that is discovered by "word of mouth" and downloaded from someone's website -- or passed around from user to user.

            By the way, here [bit.ly] is a link to an amazing app I found on the web. It's really cool, give it a try and let me know how you like it!

            True except perhaps for the target demographic, but yes I agree -

  • NOW will people stop complaining about software makers ignoring Linux in favour of Windows and OSX?
    • by MouseR ( 3264 )

      Please elaborate on your inclusion of OS X in this discussion.

      • Software developers normally release for Windows, either first or exclusively, then OSX, and rarely for linux. This one is available for Android, which runs atop linux, first.
      • Also, it's in the first line of the summary: "Hackers have put on sale OmniRAT, a remote access trojan that can target Androids, Linux, Mac, and Windows PCs" Last I heard, Macs run OSX.
  • by Anonymous Coward on Thursday November 05, 2015 @08:29PM (#50874475)

    It seems like by "mutation" they mean that the end user can change the app's icon and apparent purpose via a menu. By "virus" they mean that the user can send the app to another phone so that another user can install it (by sideloading). There are no genetic algorithms or hanky self-propogations here.

  • So is this a viral uucp for android? uucp over wi-fi and/or LTE.

  • Kinda scary the way it was worded.
  • Just create a JavaScript binding using Reflection and a dynamic JavaScript string loaded remotely. It's actually frighteningly easy, and doesn't have the crazy restrictions on where it will / will not work as this app.
  • This means Windows Phone FINALLY gets more apps right?! Not trolling, I Love the phone and hardware, miss some of my apps on Android though.

Consider the postage stamp: its usefulness consists in the ability to stick to one thing till it gets there. -- Josh Billings

Working...