Tag Archives: googleplay
Backing up your Android device is probably something that you have never thought of or never do that often. Given the amount of data that mobile devices store these days, it’s becoming even more important now to make sure your device data is backed up to your PC/Mac and/or SD card and recoverable in the event of damage, loss or theft.
Most Android users (other than the techies among us) don’t realize that when you backup your Android device it only backs up media i.e. photos, music (non-system files in the main) etc and not the system files (you have to have “admin” rights for this to work) and app data (by this I mean the entire device) etc. So what can you do? Well it’s easy. A developer called Gigadroid developed earlier this year a PC/Mac tool called Ultimate Backup which can be used to backup everything to a PC or Mac without you requiring “admin” access (the techies call this “rooting”).
How to install ADB and Ultimate Backup Tool to backup your device to a PC or Mac
Android malware is something my readers will be familiar with. As you know most Android threats are coming from third-party app markets, SMS and email phishing and malicious URL links, or redirectors as they are called in the security industry (See Bootnote). But what about mobile in-app advertising or as some refer to it “adware”? You might say there is nothing to worry about. Read on to find out why you should be concerned about your privacy.
Mobile in-app advertising is a growing and lucrative market, especially given smartphone screens are getting larger. The ad revenues will continue to grow while at the same time the ad platforms will look to collect more of your Android device’s personal data so they can target you with specific ads – think of this as behavioural advertising or Interest-Based Advertising.
The main reason for in-app advertising is to generate an additional income for developers who right now are giving away their apps for free. Developers can make money from in-app game purchases and in-app advertising. So what about your mobile device data?
Google has issued letters to Google Play Store app developers which contained a stern warning outlawing abuses such as impersonation, spamming and deceptive advertising. Google highlighted that it would not tolerate “unhealthy behaviour, like deceptive app names and spammy notifications.”
Most of the changes appear very obvious such as if an app discloses personal data without permission the app will be no longer be permitted along with those that too closely resemble other apps an Android system apps in name or form. It will be interesting to see how Google manage this as this appears a rather ‘grey’ area for me. A quick glance in the Play Store and it will not take long to see that there are apps that will be in breach of the ‘warning’ letter. Google is also stressing that anything that spams will be excluded along with products or the ads they contain also must not mimic functionality or warnings from the operating system or other app.
In addition, developers must not divert users or provide links to any other site that mimics or passes itself off as another app or service. How will Google police this? Bouncer maybe? Google continues to say that apps must not have the names or icons that appear confusingly similar to existing products, or to apps supplied with the device i.e. Messaging. Maybe they will be reviewing each app manually like Apple does? 🙂
The folks over at NQ Mobile’s Security Research Center have just discovered a new Android malware, which cannot only push other apps, but the upgraded version of itself to users. NQ Mobile named this malware *VDLoader. After analyzing a great number of app-push malware, VDLoader is the first mobile malware which has the ability to auto-update, bringing a serious threat to Android users.
*Note: VDLoader can only be currently found on third-party Android app markets in China. The Google Play Store is unaffected by this rogue app at this time.
How does VDLoader work? This malware injects into normal applications to hide and broadcast itself. You cannot see the corresponding icon in the application table. It starts the service when the signal change is captured, connects the Internet to acquire commands from the server, and downloads application packages without the users’ knowledge. Unlike other promoting applications, the downloaded applications are infected by the malware. This malware disguises itself as SMS notifications to mislead users. It not only causes data flow consumption (not so good if you are on a limited data plan :() and financial loss, but also brings a much more serious security threats into users’ Android devices. See below:
I’ve been researching Android mobile application permissions on the Google Play Store, and have noticed that quite a few apps are now looking to review what permissions their apps have access too. One particular Android app was Flixster on Google Play which now no longer requires permission to read contacts or text messages. Reading some of the comments on this app, it appears some users are congratulating Flixster for removing these permissions. I am too, but this still got me wondering.
Why do apps continue to access data they actually don’t require to run? Accessing my contact book gives app developers full access to emails and telephone numbers. This is not only useful for spamming but also for renting the data to marketing and 3rd parties. I’m seriously concerned with apps accessing my contact and calendar and my call logs for example – this is my personal private domain. Some say, if you don’t want to allow them access to your data, don’t download the app. Why should I not download an app I believe I need and or I find very useful to my ilife? Enough said.