Does malware only come from Apps?

Toggle sidebar Toggle sidebar
B

BlueEyesNotADragon

Member
Apr 18, 2014
14
0
0
Hello! I browse the web alot using the androids browser. So my question is does malware only come from installed apps? The only instance I know of for the internet is drive by downloads and I thought you had to install the apk it gave you to even do any harm. Currently have a Samsung Galaxy s3 with side loading disabled and only install apps from the Google Play Store.

Posted via Android Central App
 
Welcome to Android Central :)
You can get malware from side-loading app, downloading APKs, and browsing sketchy sites. The latter is the least likely though, so if you just stick to apps from the Play Store you should be fine.

Sent from my Galaxy S4 running SlimKat 4.4.2
 
BlueEyesNotADragon said:
Thanks for the response! How do sketchy sites infect you?
Click to expand...

As UJ95 said, it's much less likely for a website to infect your mobile device these days. Most vulnerabilities would rely on you opening a file that was downloaded from said site (whether intentionally or otherwise), and in the case of Android that's pretty much just APKs. Even then, it's still unlikely. It also depends on how you define "infect" — there are some pretty undesirably tracking cookies out there. Many past browser vulnerabilities relate to file or plugin issues, such as with PNG file and Java plugin vulnerabilities. These work in ways that don't usually translate to mobile environments and browsers, meaning you're fairly safe. That's not to say there aren't problems, though:

Making sense of the latest Android 'Master Key' security scare | Android Central
Multiple vulnerabilities in Google's Android | CORE Security

The second link mentions vulnerabilities that were triggered by opening image files in the browser. The good news is that Google is experienced with software security and is typically on top of their game. Keep an eye on our Security section (and this forum) to stay up to date... Android Security | Android Central
 
Thanks so much that's extremely relieving. Just a few last points im worried about if you wouldn't mind; when you refer to opening images in the browser is that loading up a page that has images on it? Such as 9gag or 4chan. And the browser has a retrieve running apps permission. Could a hacker or malware take advantage of that and use it to see pictures or anything else that's still running?

Posted via Android Central App
 
BlueEyesNotADragon said:
Thanks so much that's extremely relieving. Just a few last points im worried about if you wouldn't mind; when you refer to opening images in the browser is that loading up a page that has images on it? Such as 9gag or 4chan. And the browser has a retrieve running apps permission. Could a hacker or malware take advantage of that and use it to see pictures or anything else that's still running?

Posted via Android Central App
Click to expand...

Yes, that's correct — any images loaded in web pages were susceptible, though it's important to note that these specific problems have long since been addressed. I don't know of any current major security vulnerabilities in mobile browsers, and the fact that these problems existed at some point isn't cause for concern, only awareness. And, for comparison, these "vulnerabilities" aren't always used with malicious intent. JailbreakMe, an early jailbreak solution for iOS devices, used a vulnerability in Safari's PDF file parser.

Any permissions granted to Android apps specifically relate to components of Android and your phone that the app in question is able to access or use. In the case of web browsers, it's not possible for these permissions to simply "pass through" to any web content; web content is rendered and executed by the web browser, but not at the same level. In the case of other apps, there's no question. The permissions don't extend beyond that application. Web scripts (typically JavaScript) have limited access to information about the client device they're being run on, as well as the ability to do things like tell the web browser to open custom dialog boxes (like text inputs, etc). Though these tools can be used to mislead the user, beyond that they are relatively harmless. Plus, without JavaScript, much of the web just wouldn't work.

Android effectively limits how much information is available to applications, and the primary user-facing mechanism behind this is the permissions system. Pay attention while browsing and downloading, pay attention when installing apps, and keep an eye out for security news, and you should be good. :)
 
Your so helpful! Thank you so much! My primary concern was having the web up, then starting up an app, then going back to the web. Didn't want anything floating around : ) Also never knew alot about Android so now I know something : P

Posted via Android Central App
 
Last edited:
You must log in or register to reply here.

Similar threads

L
[App][4.0+][Free][Root optional] App manager - manage your installed apps, APK files, and removed apps
Replies
0
Views
1K
Android Apps
LB LB
L
P
S21 FE Battery drain
Replies
6
Views
1K
Samsung Galaxy S21 & S21+ & S21 Ultra
pjtwyman
P
I
Tablet keeps restarting when downloading newly downloaded apps — even from the Play Store
Replies
3
Views
2K
Android 13
B. Diddy
B. Diddy
G
  • Question Question
Question Major android breakdown
Replies
2
Views
915
Ask a Question
goodknight
G
J
Android 4.4.4 tablet revival
Replies
25
Views
4K
General Help and How To
mustang7757
mustang7757

Latest posts

Trending Posts

Members online

Total: 4,690 (members: 3, guests: 4,687)

Forum statistics

Threads
954,244
Messages
6,961,059
Members
3,162,960
Latest member
wyn8

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom