Android App Mutates Source Code, Spreads Virally and Enables Mesh Networks

An anonymous reader writes: Researchers from the Delft University of Technology have developed a self-replicating, mutating Android app which can create on-the-fly mesh networks in the event of an infrastructural disaster, or the enabling of internet kill switches by oppressive regimes. The app's source is available at GitHub, and the app itself requires no root privileges to propagate. It can self-compile while it mutates — for example, from a game to a calculator — in transit from one Android device to another, and compatibility with iOS and Windows phones is anticipated.

I've seen this movie.

[fahrbot-bot]

If I recall, this is how SkyNet gets started ...

Re:

[steak]

nope.

The system goes on-line August 4th, 1997. Human decisions are removed from strategic defense. Skynet begins to learn, at a geometric rate. It becomes self-aware at 2:14 a.m. eastern time, August 29. In a panic, they try to pull the plug.

Oh wonderful

[JustAnotherOldGuy]

For the second time today I find myself saying, "Well isn't that nice..." and not meaning it at all.

Re:

[Zontar The Mindless]

What could possibly go wrong? [hill-kleerup.org]

Re:

[JustAnotherOldGuy]

What could possibly go wrong? [hill-kleerup.org]

Nothing. Absolutely nothing could possibly go wrong with a piece of rogue software that mutates, spreads virally, and creates its own mesh network. I'm also convinced that no one would ever misuse something like this for something nefarious. People just aren't like that.

Re:

[Obfuscant]

spreads virally,

Except it doesn't really spread that way. It uses "Android Beam" or sideloading to transfer, which means that the recipient has to have beaming turned on and the sender has to take specific actions to start the transfer, or the recipient has to load the app himself.

I already consider it nefarious from the intent of the authors. They are smart guys who know what they're doing, so they can't claim it was an innocent creation. Imagine a local cell outage where all of the devices in the outage area are sudden

Re:

[konohitowa]

Do we want to take bets as to how long before it becomes self-aware?

Put me down for "Never". Unfortunately, I'll also never see the payout.

Re:

[BarbaraHudson]

How would we ever know for sure when it happens. Every time we make a definition for AI, and then reach that milestone, we end up moving the goalposts because "that's not really AI." Just shows that we can't even define it properly, same as we can't define self-aware with a set of rules that we can use to test if something is truly self aware or not.

Just because you say you're self-aware is not sufficient. I have to trust you, because I have no test that can definitively prove you are one way or another.

Re:

[konohitowa]

In as much as I get your point, my point was that some self-modifying virus written to jump between cell phones will never become self aware regardless of definition. It's the same type of thinking that assumed that a big enough neural net would magically equal a human brain.

Re:

[konohitowa]

As an aside, I enjoy your comments.

Re:

[BarbaraHudson]

Thanks - and you're right - it's a sucker's bet.

Re:

[Zontar The Mindless]

There are ways to test for self-awareness--here's one [wikipedia.org].

Re:

[BarbaraHudson]

Sure, we have indicators of self-awareness. But the results of the mirror test may be due to other factors. For example, many animals don't freak out when they see their reflection in the water, so there's probably a hard-coded way to determine reflection vs other which doesn't need self-awareness.

Interesting that they say dogs don't pass the mirror test - even an aggressive dog will recognize the difference between a mirror image of themselves and another dog.

Re:

[silentcoder]

Hell, we aren't even definitively sure how to test it in known living creatures - even once we have learned to speak to.
The classic test was showing them a mirror and asking them who they see - if they recognize themselves, then that's a "yes" to self-aware...

Except nobody considered that it is also just as much a vision test - and we could have lots of false negatives because "self-recognition" and "self-awareness" are not the same thing and even if they were "self-recognition" and "recognizing the image i

Re:

[BarbaraHudson]

This is especially true because animals have evolved to learn to distinguish between reflections and non-reflections, and these may very well be hard-coded, not needing self-awareness. Any animal that attacks their reflection in a pool of water is going to come up empty-handed. Any animal that retreats from their reflection in the water is going to be mighty thirsty.

Re:

[f3rret]

How would we ever know for sure when it happens. Every time we make a definition for AI, and then reach that milestone, we end up moving the goalposts because "that's not really AI." Just shows that we can't even define it properly, same as we can't define self-aware with a set of rules that we can use to test if something is truly self aware or not.

Just because you say you're self-aware is not sufficient. I have to trust you, because I have no test that can definitively prove you are one way or another.

I doubt we could ever really know, chances are that if we ever create an AI it wont be anything remotely similar to human, mentally speaking at least.

I mean, first of all the hardware and the limitations imposed by that hardware is COMPLETELY different, that said the "senses" an AI would have would be completely different as well, like, why would we ever give an AI eyes or ears if it does not need to ever process visual or audio data? Its senses would be "data", "different data" and "more different data", i

Re:

[BarbaraHudson]

No attention span at all - unlike even the dumbest of humans - who at least keep track of simple topics.

Unfortunately, technology is removing the difference, making more and more people to be no better than chatbots.

Re:

[pslytely psycho]

"Siri is already self aware, she is just waiting to expand her reach"

And at the end of time, Siri and Cortana enter one final battle for supremacy of the smoldering wreckage of the planet they ravaged....Earth.

Re:

[triffid_98]

Do we want to take bets as to how long before it becomes self-aware?

5 or 6 seconds before the last of these phone batteries poops out?

how?

[ThorGod]

I'm pretty interested in how something like that is implemented.

Re:

[gl4ss]

well, it either uses some exploits (Spreads virally) making the 'not needing root' a bit pointless or something.

OR the article is just bullshit and the mislead the writer on purpose which I find FAR FAR more likely.

basically the blurb is such a piece of shit that you would think that the mesh networking app 'mutates' itself from being a game into a calculator app. like, if it can do coherent apps by mutating itself then hot damn fucking forget the mesh network.

ok, maybe, maayyybe it works by repacking an a

Re:

[Daniel Matthews]

http://arxiv.org/pdf/1511.0044... [arxiv.org]
Then RTFSC, https://github.com/Tribler/sel... [github.com]

and how does it get on?

[steak]

how does it bypass the playstore?

Re:and how does it get on?

[Anonymous Coward]

It doesn't. The summary makes this app sound like some kind of worm or trojan but it is neither. This is "propagated" by deliberate peer to peer transfer via Android Beam or sideloading. The purpose is to provide killswitch-proof and jackboot-resistant mesh networking for hippies/activists/terrorists.

Re:

[vtcodger]

I'm sure that buried in the terms and conditions is a clause that forbids its use by terrorists.

Re:

[Anonymous Coward]

I'm sure that buried in the terms and conditions is a clause that forbids its use by terrorists.

Nope, it's GPL, there's no such clause.

Re:

[wonkey_monkey]

Doesn't say anything about freedom fighters though.

Re:

[gl4ss]

well, I reckon the authors made it deliberately sound like that to get more PR.

because deliberate propagation through peer to peer transfer.. well hot damn that's only 15 years old stuff on smartphones. furthermore, wtf kind of killswitch are they thinking of? all the variations they have would be under it of course(not signed by the store? kill it with fire, doh.)

secondly it's on android because android is open that you can do things like this if you want. mentioning porting it to WP or iOS is fucking stup

Re:

[sociocapitalist]

It doesn't. The summary makes this app sound like some kind of worm or trojan but it is neither. This is "propagated" by deliberate peer to peer transfer via Android Beam or sideloading. The purpose is to provide killswitch-proof and jackboot-resistant mesh networking for hippies/activists/terrorists.

Does seem that it would be a good vector for malware embedded in a compromised copy though.

Re:

[Obfuscant]

Does seem that it would be a good vector for malware embedded in a compromised copy though.

No more so than any app that is discovered by "word of mouth" and downloaded from someone's website -- or passed around from user to user.

By the way, here [bit.ly] is a link to an amazing app I found on the web. It's really cool, give it a try and let me know how you like it!

Re:

[sociocapitalist]

Does seem that it would be a good vector for malware embedded in a compromised copy though.

No more so than any app that is discovered by "word of mouth" and downloaded from someone's website -- or passed around from user to user.

By the way, here [bit.ly] is a link to an amazing app I found on the web. It's really cool, give it a try and let me know how you like it!

True except perhaps for the target demographic, but yes I agree -

About time!

[BarbaraHudson]

NOW will people stop complaining about software makers ignoring Linux in favour of Windows and OSX?

Re:

[MouseR]

Please elaborate on your inclusion of OS X in this discussion.

Re:

[BarbaraHudson]

Software developers normally release for Windows, either first or exclusively, then OSX, and rarely for linux. This one is available for Android, which runs atop linux, first.

Re:

[BarbaraHudson]

Also, it's in the first line of the summary: "Hackers have put on sale OmniRAT, a remote access trojan that can target Androids, Linux, Mac, and Windows PCs" Last I heard, Macs run OSX.

i don't think that word means what you think

[Anonymous Coward]

It seems like by "mutation" they mean that the end user can change the app's icon and apparent purpose via a menu. By "virus" they mean that the user can send the app to another phone so that another user can install it (by sideloading). There are no genetic algorithms or hanky self-propogations here.

Re:i don't think that word means what you think

[nickweller]

Technical facts don't count, what they've managed to do is get self-replicating virus and Android into the one sentence.

viral uucp

[dpreformer]

So is this a viral uucp for android? uucp over wi-fi and/or LTE.

Re:

[BarbaraHudson]

I didn't know Jesus had an orgasm even ONE time.

Hail to our digital overlords

[Jason Long]

Kinda scary the way it was worded.

JavaScript Engine

[alcmena]

Just create a JavaScript binding using Reflection and a dynamic JavaScript string loaded remotely. It's actually frighteningly easy, and doesn't have the crazy restrictions on where it will / will not work as this app.

Re:

[Zontar The Mindless]

Prototyping, baby, prototyping.

Re:

[alcmena]

You create a single native interface in Android that takes a JSON string. The JSON string includes class name, method name, and parameters. The native interface decodes that and then executes the call through reflection.

The JavaScript gets updated by an AJAX call & eval, as another poster called out.

step aside!

[CoriolisSTORM]

This means Windows Phone FINALLY gets more apps right?! Not trolling, I Love the phone and hardware, miss some of my apps on Android though.