Native Browser Malware/Virus

Copying what I said in the meeting here, as it was right at the end:

When the background running is disabled, then that package isn’t allowed to receive broadcast intents (such as boot_completed, which is the standard way for apps to launch themselves at startup), and when its window is closed then the app is force stopped. that stops the ‘normal’ ways for apps to start, but a lot of them put a lot of effort into launching themselves any way they can. Certainly an app or its services can be launched from another app, or via some background push notification service if you have one of those running though MicroG or something. The trouble with hacking around with that stuff too much is if we deviate too much from how android normally works, then innocent apps will stop working properly.

4 Likes

Thanks for the explanation - I think I understand it and that, what you are essentially saying is because certain android devs “cheat” their way around the normal process this problem isn’t really fixable (i.e. you’d have to keep up with every new way they find to cheat - and that in itself might break other standard stuff. If you can’t stop an Android app from starting in the Aliendalvik world maybe you still can stop an android app from starting a native sailfish app in the Sailfish world?

Without permission of course.

Indeed, the German language seems to have ‘en’ on the end of a lot of words - and not just nouns but adjectives as well (e.g. grossen). I’m sure this must mean something but my German is not good enough to understand what :pensive:

Android apps not respecting the option in settings is of nothing new to me personally. This was the case in the old Jolla phone’s dalvik as it is now in the XA2’s. Some really insist on relaunching themselves up. Not just only fishy apps like apkpure. Some main and big ones I’ve noticed; Outlook, Chrome, Anghami(spotify like app), Twitter.
Ok these are naturally suspicious :roll_eyes: but anyway…

I’ve just installed a security update of APKPure. Let’s see what happens now.

This sounds like a terrible security model - basically just trusting an app to respect an option setting without any enforcement by the OS, rather than the option setting in the OS forcing an app to behave, or not, in a specific manner. If this is really how it works then OS architecture/design has gone backwards :pensive:

2 Likes

-en is plural in German, no secrets here…

The security or quality of the software is no worse today than it was 10 years ago if you compare the number of bugs with the number of lines of code I think. Software has become more complex and confusing. It is only human work and remains imperfect.

Because of this, there are more people today who are interested in bugs in order to use them for their own purposes. When working on modules in teams, fewer bugs are found because everyone only knows their task and not all of the dependencies. Working without a quality check is no longer possible, but finding and fixing bugs costs time and money. Is that realistic for an app for € 1.50 and a maximum lifetime of 1 year? I do not think so. Programmers of a useless fart app can get the idea of ​​integrating malware and trackers as well. Everyone wants quick money. Unfortunately, programmers of trusted software, such as for banks, have the same idea in the meantime. That concerns the money and the security of the customers.

It is important to understand that almost all current Android apps contain trackers and / or adware.
The system is the fault!

“APKPure, one of the largest alternative app stores outside of the Google Play Store, was infected with malware this week, allowing threat actors to distribute Trojans to Android devices.”

“This trojan belongs to the dangerous Android.Triada malware family capable of downloading, installing and uninstalling software without users’ permission,” Doctor Web researchers said.

2 Likes

It’s not the first time that alternative stores have been affected. Last year, Aptoide lost the data of 20 million users. It always comes through the third party adware modules. Apparently nobody checks them before they are integrated into their own app. One more reason not to use this Google system.

1 Like

This solved the problem on my devices.