Kirin is a research app from Penn State. It is a customized package installer that performs these "common sense" checks automatically.

On Aug 12, 9:33 am, Dan Hein <[email protected]> wrote:
> Thanks Nick. I enjoyed the article.
>
> Does anyone know about any efforts to crowd source ratings for applications
> and to black-list trojan apps? For example, I've read research papers
> discussing how Android apps can leak sensitive information to remote servers
> (e.g. Ad servers and servers in other countries) which the user would
> find surprising. Given that the current permissions model provides a coarse
> grain of control, it would be nice if there was a community project to
> supplement information on available applications. Similar services
> currently exist for phishing sites and websites in general, e.g.
>
> http://www.phishtank.com/
>
> http://www.mywot.com/
>
> Anyone know if there's already an open or community project like this to
> rate Android apps? Very simply, such a service could provide a simple app
> that only accessed the package manager and the network. Using the package
> manager, the app could simply enumerate applications on the device and check
> them against a crowd sourced black-list on the server.
>
> Thanks,
> Dan
>
> On Wed, Aug 11, 2010 at 2:10 PM, Nick Kralevich <[email protected]> wrote:
>
> > The best article I've read has been the following:
> >
> > http://thenextweb.com/mobile/2010/08/10/first-android-trojan-surfaces...
> >
> > As for countermeasures, there's already plenty:
> >
> > 1) Installing this application outside of market requires that you
> > explicitly disable the "Allow installation of non-market application"
> > settings, which generates a huge warning.
> > 2) Attempting to install the app clearly shows it is "a service which costs
> > money" and "sends SMS". Common sense would indicate that a media player
> > shouldn't do that.
> >
> > I think Google's statement on this matter pretty much sums up the
> > countermeasures:
> >
> > """
> > Our application permissions model protects against this type of threat.
> > When installing an application, users see a screen that explains clearly
> > what information and system resources the application has permission to
> > access, such as a user's phone number or sending an SMS. Users must
> > explicitly approve this access in order to continue with the installation,
> > and they may uninstall applications at any time. We consistently advise
> > users to only install apps they trust. In particular, users should exercise
> > caution when installing applications outside of Android Market.
> > """
> >
> > IMHO, this is just irresponsible fear mongering by anti-virus vendors
> > attempting to sell their product.
> >
> > -- Nick
> >
> > On Wed, Aug 11, 2010 at 12:01 PM, Dan Hein <[email protected]> wrote:
> >
> >> See
> >>
> >> http://news.cnet.com/8301-27080_3-20013222-245.html?tag=topTechConten...
> >>
> >> Does anyone know any more about this?
> >>
> >> I assume this trojan app is not available on Market.
> >>
> >> Obviously, this is a social engineering attack, but does anyone have any
> >> ideas for countermeasures that could be used in this scenario?
> >>
> >> Thanks,
> >> Dan
> >>
> >> --
> >> You received this message because you are subscribed to the Google Groups
> >> "Android Security Discussions" group.
> >> To post to this group, send email to
> >> [email protected].
> >> To unsubscribe from this group, send email to
> >> [email protected]<android-security-discuss%[email protected]>.
> >> For more options, visit this group at
> >> http://groups.google.com/group/android-security-discuss?hl=en.
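
The two ideas raised in this thread, an installer that applies the "common sense" permission checks automatically and a lookup of package names against a community black-list, can be sketched together. This is an added example, not part of the thread and not Kirin's code: the rule set, the `review_install` function, the sample manifests and the black-list entry are all constructed for illustration, and the manifest is assumed to be already decoded to text XML.

```python
import xml.etree.ElementTree as ET

# Attribute namespace used by AndroidManifest.xml
ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Illustrative rules (assumption, not Kirin's actual rule set): a rule fires
# when an app requests ALL permissions in its set.
RULES = {
    "sends SMS (may cost money)": {"android.permission.SEND_SMS"},
    "records audio and has network access": {
        "android.permission.RECORD_AUDIO", "android.permission.INTERNET"},
}

def review_install(manifest_xml, blacklist=frozenset(), rules=RULES):
    """Return (allow, reasons) for a decoded AndroidManifest.xml string."""
    root = ET.fromstring(manifest_xml)
    package = root.get("package")
    # Collect every permission the app declares via <uses-permission>.
    perms = {el.get(ANDROID_NS + "name") for el in root.iter("uses-permission")}
    reasons = [f"rule: {name}" for name, needed in sorted(rules.items())
               if needed <= perms]
    # Black-list lookup by package name, as proposed in the thread.
    if package in blacklist:
        reasons.insert(0, f"blacklisted package: {package}")
    return (not reasons, reasons)

# Constructed sample: a "media player" that asks to send SMS.
SAMPLE_PLAYER = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.movieplayer">
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <application android:label="Movie Player"/>
</manifest>"""

# Constructed sample: an app that only needs the network.
SAMPLE_NOTES = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.notes">
  <uses-permission android:name="android.permission.INTERNET"/>
  <application android:label="Notes"/>
</manifest>"""

if __name__ == "__main__":
    for sample in (SAMPLE_PLAYER, SAMPLE_NOTES):
        print(review_install(sample, blacklist={"com.example.movieplayer"}))
```

A permission rule only sees what the manifest declares, and a black-list only sees the package name, so the two checks complement each other rather than overlap.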
