Tag Archives: malware

Resilience for Connected Objects

Attacks occur, especially on IoT. While it is very hard to avoid an attack altogether, we can minimize its consequences. The first factor to consider is the impact of an attack; there are many ways to analyze such impact, for instance from a financial or technical point of view. In a very simple analysis, we […]

Android malware better, still accessible

I have been lazily looking at the latest Android piece of malware these past few days, until a tweet written this afternoon by @cryptax: Disagree with http://bit.ly/hq5J6H on raising entry fee of #android dev: organized gangs will still pay. Genuine individuals no. It sure sounded to me that I agreed with Axelle, and not only […]

Android Malware, Permissions, and Side Channels

New Android malware keeps popping up, and the latest one to be publicly discussed is very typical of what we are seeing these days. And frankly, I haven’t found them very impressive. In short, the attack consists in recording phone calls, identifying calls to credit card support lines, then analyzing the recording to identify the […]

Android malware hype

There is no better publicity for a security company than a good scare. Apparently, some guys at Smobile are taking publicity seriously. They have published a report entitled Threat Analysis of the Android Market, which got them some news coverage. The report includes some pretty scary statements, like: 3% of all of the Market submissions […]

Should we sign malware?

The distribution of mobile applications heavily relies on digital signatures. Applications must be signed before they are distributed. The problem with signatures is that we have often been warned that “we should not trust applications that have not been signed”. Although this is absolutely true, and although anybody who has followed a Logics 101 class […]

Android’s definition of malware

Android is starting a security review, so there have been some communication about security. Among this communication, there is a Security FAQ, which includes a list of characteristics of malware. Here are a few comments on this list (the items are not in the original order). First, we have the obvious items. Any application doing […]