Android Vulnerabilities and Exploits in the Wild!

Android garden

Time to Do what?

When I was researching this on the web I didn’t expect to find so much stuff, but I do think IOS has more vulnerabilities then Android but it isn’t as bad as Apple IOS problems!

I am not going to talk about all of them but just a few that have peaked my interest!

The ‘Master Key’ Exploit

A simple but yet easy way to fool your Operating System and gain more access than it should.  The name doesn’t mean they actually have the master key to your device.   It is using what all Android devices use in the APK.  The MANIFEST.MF, which if done right, will have two more copies in the APK (Zip file).   When the Android OS installs this APK it will use the the last MANIFEST.MF and thus it can gain more access than you once thought.   Be able to communicate with a server  or copy your contacts.   I’ve pretty much come to the conclusion that 3rd party apps are dangerous now and I will not use anything but Google or Maybe even Amazon US app store!  

The ‘Webview’ JAVA Exploit

If you don’t use JAVA you will need to consider disabling it in Android.  While this one is a little more trickier and harder to avoid if you use Java, you best bet is to install Dolphine Browser, FireFox, and/or Chrome.   Then install a java an Addon or and Extension that does not allow Java to be used unless you specify.   This exploit can send SMS, or send out emails from you to spam your friends and family.   So this is one that you must start worrying about to a point.

The ‘Scarevertising’ Exploit

This last one I have seen become very prevalent and thus you should be on the lookout for this!   They claim in either a push notification or in some kind of inside application banner that basically tries to scare you into thinking you have a virus.   I’m not sure which advertising networks are being used but you can bet this will be a constant problem.   Some rules of thumb are install only from the Google App Store and never install any third party apps, which some call side along install.  

If your worried and you want to protect your Android Device, here are a few free applications that will help and hopefully keep you safe:

The last thing I can say is there are more than 100 different anti virus apps out there but it all depends on the end user (you) to know and trust vendors who are reputable and you can trust.   If you don’t know the Anti virus Company than maybe they shouldn’t be used.   I do hope I have helped you find what your looking for and we will discuss more in the future on Android Exploits!

 

Scare advertising hitting android Devices!

androidantivirusfree.org

I Think NOT!

I was doing some stuff and this little advertisement appeared on my tablet:

Phone is Infected, Remove Virus Now! (Scare Tactic)

As you can see there is a lot to this that you can’t really, even though I know Androids aren’t immune.  This seems to indicate the advertising of malware is on the rise.  So I intend to help those who want to be helped.  Let’s by chance think you have a virus on your tablet or phone.   How do you get it off, there are a few ways.   One you can do a hard reset and restore you phone or tablet to factory settings.   Essentially wiping all information from the phone.  

Don’t install any 3rd party applications!

Use coupon code “Savenow15” and Save 15% off the lifetime of your account!One of my common rules is not to install any third party applications unless I trust the source and just because they look legitimate doesn’t always mean they are.   For example, the picture looks convincing enough but home site (androidantivirusfree.org) has nothing there which indicates to me that it is designed to install malicious software to make you buy there cure for their android virus or malware!

Although this is the beginning of this, I am just going to.  I have already talked about this in a previous post so I will just say this.  Don’t do anything without consulting a geek! 

Paul Sylvester

 

What’s with Google trends?

Having been going to the Google Trends and keeping watching.  I am starting to wonder something?  Take a look at this and you tell me?

Oct 20,2008 Google Trends

[ad]Can you see how someone might use this to create a Goog-411 and use it to promote there website? It is all about the hits and getting what publishers like to say the eyes on a website. Now is that going to confuse people or make people not want to come to a site.  So how would people abuse this?

Very Simple, they’d watch what is trending and post accordingly.  Now you as a reader would click on the website expecting to see what you want to see but instead it would popup with advertisements and maybe malware?  Check these links to better understand it:

[ad]
Now even though these are just a few.  You can see how someone might want to abuse it and get there site up on Google trends and be able to infect several to even millions of computers before Google sees that or stops.  You could in theory take over a website high in Google rankings and do exactly that.

Then I have to ask myself, why would hackers want to do it in the first? One they’d be able to direct people to sites that they could use to phish your information, or maybe make money by you going to these sites. It is all about money, I don’t say that lightly, but it seems to always be true.

So what is Google doing to prevent this? is it right to use Google for your advantage? Do we need it for anything other than to see what people are looking at? Is that a form of them tracking your every click.

[ad]
Are you comfortable with them keeping the list of what people searched for last year? if you don’t believe me, go check it out yourself. These are important questions to answer and should be explored.

How to Get advertisers to come to you!!

Lately in the past few weeks, I’ve had several Advertisers come to me wanting to advertise for there clients.  I’d thought I share you some of my experiences, in the hopes, that you too can get advertisers to come to you so I’d come up with some steps to better help you;

[ad]

  1. Don’t use Blogger.com — Yep that’s right, after recently moving from blogger to WordPress.  I’ve found that after the move, I’d start getting more people coming to my site.  I don’t know if it was something I did or if it was the platform that got me more business.  I think most advertisers think blogger is for amatuers or people who aren’t interested in revenues.
  2. Content is the Key — Having spent the last few months thinking how I can get people to come to my blog.  I’ve found this out.  If you make content that is specific to your area and not try to repeat what everyone else is saying you can get a high volume of people to come to you site.  I’ve also learned that Google is your friend and you need to use it to you fullest abilities.
  3. Social Media is the Key — That’s right find sites that are social media and use them for the fullest.  Some of my favorites are: Friendfeed, Disqus, Seesmic, Furl, Technorati, Twitter, Youtube, Tumblr, Plurk, and Facebook.  Although this isn’t the complete list this is quite a few and you will need to socialize as much as possible to get people to come to you site.
  4. Don’t be afraid to get your own ads — Yes your are correct you don’t have to wait for them to come to do you.  You can go to them.  Find some ad-services that will work for you and sign up.  Some of the ones I’ve checked out are Google Adsense, Crispads, and Commission Junction.  Having ads are your site lets advertisers know you are interested in having ads.
  5. Have an About me Page — Although this seems the simplest of them all.  Having that will have them be able to get a hold of you if they would like to offer some sort of advertisement on your site.  It does not have to be complete.  It does however, have to have a way for advertisers to contact you in case they are wanting to communicate with you.

[ad]

There ofcourse is more to the story but this will begin your journey into the world of ad revenues.  It is to be expected to have some bumps in the road, however hard or soft.  If you can get past the first few months with your newly created blog, and you start creating content, you will start to get ads coming your way.  If you have other suggestions on how to get ad revenues please feel free in leaving a comment and I’ll check it out.