Google flips Android kill switch

Discussion in 'Apple, Inc and Tech Industry' started by MacDawg, Mar 6, 2011.

  1. MacDawg macrumors P6

    MacDawg

    Joined:
    Mar 20, 2004
    Location:
    "Between the Hedges"
    #1
    Pretty interesting article on Engadget about Google's kill switch and the need for it

    Google flips Android kill switch, destroys a batch of malicious apps

     
  2. *LTD* macrumors G4

    *LTD*

    Joined:
    Feb 5, 2009
    Location:
    Canada
  3. kdarling macrumors demi-god

    kdarling

    Joined:
    Jun 9, 2007
    Location:
    First university coding class = 46 years ago
    #3
    Hubris is always something to avoid. Apple fanboys take note.

    According to the last malware survey I saw, there are currently a larger percentage of iOS apps that can send personal info out to remote servers, than with Android apps.

    The iOS user community has the false idea that Apple can or does actually check app store submissions for Trojans.

    Not only is that not possible without the source code, but iOS is far more vulnerable to bugs like buffer overrun hacking due to using native code instead of a managed language like Java. This vulnerabilty is outlined in every iOS update that has included fixes for such security holes.

    It's also demonstrated by apps with hidden code, such as that hotspot that a kid developer snuck into a flashlight app. Apple didn't find out about it until it was downloaded by thousands, at which time they pulled it from the store. If Apple can't find something like that in so simple an app, they're not going to find a time delayed Trojan in more complicated apps.

    So it's just a matter of time before malware, possibly already in place, is discovered in the Apple App Store. Don't forget that Apple also put in a kill switch, which means they believe there's a possible need for it. Whether or not they'd publicize its use, is up for debate.
     
  4. Rodimus Prime macrumors G4

    Rodimus Prime

    Joined:
    Oct 9, 2006
    #4
    Add to it MS already announced they have a remote kill switch in WP7 and the power to add in the patch remotely. It is good idea to have it.

    As for Android I bet that is a catch to gain access to the Android market is to have the ability for good to force that to happen.

    As least Google gets on top of fixing exploits like that after they find out about it. Apple it would of been weeks before they would of patch it. PDF jail break any one. 2 weeks to fix that major hole.
     
  5. *LTD* macrumors G4

    *LTD*

    Joined:
    Feb 5, 2009
    Location:
    Canada
    #5
    We're waiting patiently.

    Just like we've been waiting patiently for that tidal wave of malware for OS X since 2001 . . . that never happened.

    There is no substitute for control of the experience. Google is still in short pants, but they're learning. Maybe one day they'll actually get serious about their product and restrict licensing. They sort of half-heartedly tried that with the Nexus One, but it rapidly became clear to them and everyone else that they aint Apple.

    It's all about priorities, and as long as Google's is ads and data-collection, they'll never match the Apple Experience.
     
  6. Melrose Suspended

    Melrose

    Joined:
    Dec 12, 2007
    #6
    Well, Google already rifles through your email and monitors as much as they can squeeze out of you, so this is hardly surprising.
     
  7. Rodimus Prime macrumors G4

    Rodimus Prime

    Joined:
    Oct 9, 2006
    #7
    honestly I have noticed all email company do that. They look at what emails come in use that to build data bases. At a company the size of google once all personal information is strip out not like you could have a clue who went with what data.
     
  8. Melrose Suspended

    Melrose

    Joined:
    Dec 12, 2007
    #8
    To a degree, any information we send or receive is read and noted. I just don't like it when wealthy corporate shirts do it to make even more money. :p
     
  9. munkery, Mar 6, 2011
    Last edited: Mar 6, 2011

    munkery macrumors 68020

    munkery

    Joined:
    Dec 18, 2006
    #9
    The Jailbreakme exploit became public on April 3, 2010 and was patched on April 11, 2010. This patch fixed both the local and remote exploit used in Jailbreakme. So, it took 8 days for Apple to fix.

    A quick search through the Microsoft Security Bulletin Summary index shows that this publicly released UAC bypass (see also Exploit-db & CVE-2010-4398) in Windows 7 was not patched until February 8, 2011 as shown in ms11-feb.mspx. Contrary to the Microsoft Security Bulletin for this patch, proof of concept code exist for the UAC bypass exploit. So, nearly 2 and a half months.

    Interestingly, it is in the same class of exploit used to achieve privilege escalation in the Stuxnet worm that was discovered in July 2010. The win32k.sys exploit used in Stuxnet was not patched until Oct, 12/2010. So, a little under 3 months.

    The win32k.sys exploit in Stuxnet did not work in Vista/7 so another exploit was used to achieve privilege escalation in Vista/7. This Task Scheduler exploit was not patched until Dec, 14/2010. So, a little under 4 months.

    The remote exploit used in Stuxnet was public on July 17, 2010 and patched on August 2, 2010. So, roughly two weeks.

    But, those local privilege escalation exploits could have been leveraged by other remote exploits while they remained unfixed.
     
  10. Rodimus Prime macrumors G4

    Rodimus Prime

    Joined:
    Oct 9, 2006
    #11
    and how many of those were mission critical..
    For example you Stuxnet worm which only could do real damage required access to a patch zero day exploit that MS quickly fixed.

    Apple is among the worse of the worse when it comes to fixing zero day or mission critical holes.
     
  11. munkery macrumors 68020

    munkery

    Joined:
    Dec 18, 2006
    #12
    I really think you should read my post again.

    To patch the remote for Stuxnet took two weeks.

    To patch the local for Stuxnet in Windows 7 took nearly 4 months.

    That local was still exploitable after the remote was patched via any other remote exploit available during that nearly 4 month period.

    Remote exploits obviously allow remote access. Local privilege escalation allows payloads to be installed in more sensitive areas of the system without authentication.
     
  12. Tarzanman macrumors 65816

    Joined:
    Jul 16, 2010
    #13
    Having used PCs mostly and Macs some I will say this:

    The main difference between *critical* bugs in Windows and MacOS is that you actually hear about the ones in Windows.

    Apple seems to believe that non-disclosure is a virtue. I have no doubt that more worms exist on Windows... but that also means that unless a Windows user is conscientiously ignorant, they will have a good idea of most of the common vectors for malware infection (first it was disks and usb sticks... then flash, MSIE, PDFs, etc).

    Most Mac users have no clue whatsoever. They assume that their machines are safe from exploits and wouldn't know the first thing about how to go about ridding their machine of malevolent code.

    But yes, beware hubris. Hipsters and yuppies are buying macbooks in large numbers. You probably won't ever see infections on as grand a scale as with windows...most mac users won't see anything at all due to their lack of sophistication.

    Out of sight out of mind, eh?
     
  13. zenio macrumors 6502

    Joined:
    Feb 2, 2011
    #14
  14. gibbz macrumors 68030

    Joined:
    May 31, 2007
    #15
    Seems a bit off topic
     
  15. *LTD* macrumors G4

    *LTD*

    Joined:
    Feb 5, 2009
    Location:
    Canada
    #16
    That's his schtick. We all gotta have one, I guess. ;)
     
  16. Melrose Suspended

    Melrose

    Joined:
    Dec 12, 2007
    #17
    ...I understand maybe you had a problem w your computer, but sheesh, lighten up a bit.
     
  17. roadbloc macrumors G3

    roadbloc

    Joined:
    Aug 24, 2009
    Location:
    UK
    #18
    I think it is good that Google is accepting responsibility and doing something about it instead of just saying "It's up to the user if they download it..."
     
  18. maflynn Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #19
    Google did this before, and under the current circumstances it was a good move. Why have the malware on consumers phones if they have a way to remove it.

    Google needs to be more involved to ensure the android customers are not affected by malware. On one end you have apple with its closed system that is too aggressive and having one company dictate what I can read or use, is not good. on the other end of the spectrum you have google with its complete hands off approach. This hasn't really worked too well when comes to malware.
     
  19. rhett7660 macrumors G4

    rhett7660

    Joined:
    Jan 9, 2008
    Location:
    Sunny, Southern California
    #20
    This sounds good to me. Just as Mac stated. Glad to see they took a proactive approach and removed the software.
     
  20. Rodimus Prime macrumors G4

    Rodimus Prime

    Joined:
    Oct 9, 2006
    #21
    I want to know if Apple has a back door kill switch like that.
    I know Google stated publicly that they had this kill switch and they stated that a while ago.
    MS has also publicly stated that they have a back door kill switch they can use on all their phones.
    Honestly I think it is a good thing to have those switches as it does help fight malware that will get out there.
    It is only a matter of time before we see something like that hit the Apple App Store. Do not say oh it never will happen.... Apple already shown that they do not catch this stuff. It would be a cake walk to do it. Just make sure it has a time release so it gets threw the review process before being spotted and has time to get downloaded.

    Back on Google and MS at least they both are up front about it and Google publicly states when they use their kill switch and what the reason was. As long as it is a good reason (malware) I am fine with it. The reason can not be to keep the carriers happy or to stop competitors .
     
  21. maflynn Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #22
    Dollars to donuts, they do. Given the control they exert over iOS, apps and the platform. I cannot help but think they have a mechanism to expunge an app from an iPhone, iPad or iPod touch.
     
  22. Rodimus Prime macrumors G4

    Rodimus Prime

    Joined:
    Oct 9, 2006
    #23
    better question will be what they will say when they use it and then the fanboys here bashing Google for doing it will be saying to defend it.

    I bet they have it and I honestly think it is a good idea to have it. Just have to be very careful when you use the nuclear option and better have a good reason to do it.
     
  23. dejo Moderator

    dejo

    Staff Member

    Joined:
    Sep 2, 2004
    Location:
    The Centennial State
    #24
  24. kdarling macrumors demi-god

    kdarling

    Joined:
    Jun 9, 2007
    Location:
    First university coding class = 46 years ago
    #25
    Yes, as I mentioned in my post, Apple has a way to delete apps.

    Apple confirms kill switch - MacRumors News, Aug 2008

     

Share This Page