Preventing spying/keylogging

[twinmomma416]

My contract with ATT is up and we are switching providers due to limited tower availability near our home. We will be switching to Sprint which does surprisingly well where we are at.

I was a BB power user who switched to iPhone two years ago. I loved it. Ease of use, all the apps, etc... Disappointed in the lack of customization but happy with the security of the phone and trusting the apps.

Fast forward to now and I'm rather let down by the iPhone 5 release. I was hoping for much more - bigger screen, more iOS features/customizability. I'm a big fan of Apple computers mostly because I don't have to worry about viruses and my wife downloading stuff since she is NOT a techie at all. Played with my friend's HTC Evo 4G and fell in love.

Here's my problem. I don't like what I'm reading about the susceptibility Android's platform has for keyloggers and spyware. I deal with a lot of confidential information (I work in government HR) and I cannot risk someone putting something on my phone either through an app, an email, a text, whatever, that could compromise that. I've searched for anti-keyloggers/anti spyware but I'm not finding anything that really puts my mind at ease.

I'm not interested in rooting a device, but I am interested in making sure I don't worry about these things daily. I want to go Android, but Apple's security leaves me feeling more at ease.

Thoughts from the experts here?

I should add I'm also considering the Galaxy 3

 

[Mooncatt]

First off, I don't buy into any system being safe from malware, be it Apple or any other company. Second, from what I hear, the Google Play store is supposed to be very safe from hidden malware in apps. Granted, you could pick up something in an app downloaded from outside the store, but you can set the phone to not allow installations from outside Play. I'm not a security expert, but everything I've read says things can't just infect your phone without you at least being notified that something is installing.

Whether anti-malware programs are needed or not, I still installed AVG on mine, which has some nice features. Of course, I've never been infected with anything to really test its protection.

 

[Phil Nickinson]

Here's our take: From the Android Forums: Android security | Android Central

 

[Belly of the Beast]

To be quite honest, the whole "mobile malware" thing is a bit overblown. Granted, no system whatsoever is truly invulnerable to exploits, but the problems, I feel are greatly exaggerated. To go a bit more in-depth, first, look at the system itself. In typical Linux fashion, applications are separated out in "sandboxes", basically they are isolated and my only interact with other apps which are specifically given permission. These app sandboxes also prevent the app from accessing anything they have not explicitly requested permission for when you installed it.

So now that we have an, admittedly simplified, idea of what's going on at the system level, we can take a look at the market level. in addition to the permission requests that have to be agreed to before the app can be installed, there's Google's safeguard, called Bouncer. Bouncer is essentially a program that sifts through the market constantly, downloading and examining apps to determine if any foul play is afoot. Google also has a great track record back in the day of fixing such problems, a few years ago, when the whole DroidDream thing happened, response was very swift, going so far as force uninstalling infected apps from users devices.

On the whole, while there has been an example or two of malware in the past, it really is not much of a concern. If you really are concerned, just make sure you don't download apps from unknown sources, and grab an anti-virus suite like a vast!

oh and to address the other concern...to my knowledge, things like flyby malware from webpages is not now, nor has ever been viable on android systems.

any further questions feel free to ask, hoping to see you on team android!

 

[twinmomma416]

Ok, so i get it from an "accidental" malware type of situation. But what about an intentional one? A nosy spouse or leaving my phone on my desk to go to a meeting? My understanding is apple needs to be jailbroken but android doesn't need to be rooted in order for intentional spyware to be installed, which was confirmed by a brief google search of android keyloggers.

Thoughts?

 

[srkmagnus]

Ok, so i get it from an "accidental" malware type of situation. But what about an intentional one? A nosy spouse or leaving my phone on my desk to go to a meeting? My understanding is apple needs to be jailbroken but android doesn't need to be rooted in order for intentional spyware to be installed, which was confirmed by a brief google search of android keyloggers.

Thoughts?

There are apps to password protect certain apps if you don't want someone opening something in particular and going through the contents. Otherwise you can password protect the device to prevent any unauthorized access.

As for the nosy husband, its called trust

 

[Rukbat]

I'm a big fan of Apple computers mostly because I don't have to worry about viruses

Who told you that? If the computer is working, and it's connected to anything external - the internet, a USB drive that's been somewhere else, a floppy - you can get viruses. It's true of a Commodore 64 and it's true of an IBM mainframe. Most script kiddies can't find scripts for Apple products, so they can't modify them and send them out. But any decent programmer can write a virus that would totally brick your Apple computer (or your iPhone).

and my wife downloading stuff since she is NOT a techie at all.

No problem downloading stuff in any phone.

[Ok, so i get it from an "accidental" malware type of situation. But what about an intentional one? A nosy spouse or leaving my phone on my desk to go to a meeting?

On an Android, iPhone or Windows phone (or some not-so-smart-but-more-than-feature-phones), it's the same thing. A spouse who knows how to install a program can install one, and anyone who can write apps for a particular operating system can learn to write a keylogger.

My understanding is apple needs to be jailbroken but android doesn't need to be rooted in order for intentional spyware to be installed, which was confirmed by a brief google search of android keyloggers.

Nope. Jailbreaking and rooting give you access to the root account. There are ways of sneaking a keylogger into a plain old app that will usually be running. (Not all keyboards need root - jailbreaking or rooting - but any one of them can log keystrokes.) You won't find any apps in the Apple store that have keyloggers hidden in them - because Apple checks every app before allowing it to be downloaded (they say), but anyone can write an app for iPhone and put it up for downloading on another site without Apple's permission.

The person who assumes that his computer (or phone) can't have malware in it probably has a computer with malware in it. The way to avoid malware is to actively avoid it, not to assume that your device is immune to it.

 

[twinmomma416]

Let me clarify my virus statement - the sorts of viruses my PC Desktop has managed to be riddled with have never infected my Mac computers. So IN MY EXPERIENCE, my mac's have been less susceptible to virus invasion than my PCs. I'm well aware of how viruses work.

The downloading comment regarding my wife had to do with her accidentally downloading viruses (again happened a lot with the PC) and the fact that on the Mac it's a lot harder to do (3rd party browser add ons were a huge issue).

Jailbreaking an apple iphone is the only way to get a mobile spyware program on the phone that is currently commercially available. Do a quick google search and you'll find they all say an iPhone has to be jailbroken but an Android does NOT have to be rooted in order to install the programs.

Nobody said I assumed my phone/computer didn't have malware, and my question was specifically ABOUT actively avoiding it. The condescending nature of most of these replies is in large part why I even hesitated to post. I'm not an idiot technologically, I don't have fear of new things or switching because apple's interface is easier to navigate. I was asking a technical question to a group of people who purport themselves to be more advanced technologically than apple iphone users. Thanks for those who actually assisted without the derision.

 

[Bowser19]

Whether we're please about it or not, we have got to get used to an Android community that is becoming more mindful of malware... mostly because - and I agree that the threats are overblown - but because external fears of malware (among the public) will lead to an internal loss of money for devs and mobile advertisers in our circles. There is a rat race like I've never seen to bolster mobile security. I use Airpush, so I see that they just teamed with Appthority in what they say is a "huge leap forward in erasing malware from the Android ecosystem." We are going to see a crap ton more of these announcements. partnerships, etc. next year. Bet everything I own on it.

 

[Daviddcross]

If a person has your phone and downloads an app. That tracks everything, keystrokes, audio, text, allows you to hack Facebook, your location, and more. How do you get it off.

 

[belodion]

If a person has your phone and downloads an app. That tracks everything, keystrokes, audio, text, allows you to hack Facebook, your location, and more. How do you get it off.

Welcome.

This is an old thread from 2012 and things have probably changed a lot since then. What is the app?