2015-03-15, 00:54
2015-03-17, 13:22
Yes,
I was scanning with CM Security and found this "BroadAnyware Vulnerability" and it says to fix it, But I'm curious because I can't seems to root this phone with any given methods and 5 minutes ago I've download CM security and scan my phone and finds this virus, Wondering if I should fix it or it's trying to help me root my phone?
Please answer ASAP
I was scanning with CM Security and found this "BroadAnyware Vulnerability" and it says to fix it, But I'm curious because I can't seems to root this phone with any given methods and 5 minutes ago I've download CM security and scan my phone and finds this virus, Wondering if I should fix it or it's trying to help me root my phone?
Please answer ASAP
2015-03-17, 17:09
(2015-03-17, 13:22)CuteBoii Hudson Wrote: [ -> ]Yes,Is Android's BroadAnywhere really a threat that an antivirus can protect from? Do Android phones need antiviruses?
I was scanning with CM Security and found this "BroadAnyware Vulnerability" and it says to fix it, But I'm curious because I can't seems to root this phone with any given methods and 5 minutes ago I've download CM security and scan my phone and finds this virus, Wondering if I should fix it or it's trying to help me root my phone?
Please answer ASAP
BroadAnywhere
Firstly, BroadAnywhere is not a virus or malware. It's just an ordinary software bug in Android.
I became aware of this after I installed an antivirus on an Android phone and the antivirus said it detected the BroadAnywhere vulnerability and was now able to protect the phone from it. Made me curious, and I dug up the actual flaw and its solution:
BroadAnywhere is classified as Bug: 17356824 in Android's Operating System code and won't be found in any Android OS that's released after September 10 2014; and that would be Android version 5.0 onward.
The bug
mPendingIntent = PendingIntent.getBroadcast(this, 0, new Intent(), 0);
App's in Android communicate with each other using the Intent object. When your app gives a PendingIntent (a reference token) to another app, you're giving it the right to perform the operation you specify (the Intent), using the same identity and permissions as your app. If your app does not cancel the PendingIntent, the other app will be able to continue using it even if your app is closed/killed.
Bug 17356824 was a problem, because the Add Account Settings section in Android needed to identify the app that was invoking it and the PendingIntent it created for it, unwittingly allowed the invoker app to not only send it's identity information but also allowed it to launch activities, services or broadcasts. So anyone can create an app that misuses this PendingIntent, and either make your phone crash or wipe all data in your phone or send spam to your phone or send fake SMS'es.
The fix
private static final String SHOULD_NOT_RESOLVE = "SHOULDN'T RESOLVE!";
Intent identityIntent = new Intent();
identityIntent.setComponent(new ComponentName(SHOULD_NOT_RESOLVE, SHOULD_NOT_RESOLVE));
identityIntent.setAction(SHOULD_NOT_RESOLVE);
identityIntent.addCategory(SHOULD_NOT_RESOLVE);
mPendingIntent = PendingIntent.getBroadcast(this, 0, identityIntent, 0);
Now the interesting part is that antiviruses for mobile phones claim to be able to protect us from this problem. I asked on StackExchange's Android forum, got an upvote, but no reply.
Antiviruses
Windows users would be all-too-familiar with viruses and antiviruses that "catch" and "destroy" them.
Antiviruses use two techniques:
1. Virus signatures: These are just a sequence of bytes that the antivirus searches for, which will be unique for a certain virus. The same way you do a string search. Programmers started creating viruses that were capable of encrypting and decrypting themselves (and thus hiding their signature) and capable of creating variants of their signature each time they encrypted or decrypted themselves. Next came polymorphic viruses which changed the signature of the encryptor and decryptor itself, each time it replicated.
2. Heuristics: The file being scanned is allowed to run in a special virtual environment (something like a sandbox) and it searches for virus-like behaviour (replication, overwriting files or hiding suspicious files).
I've blogged about killing viruses... http://nrecursions.blogspot.in/2014/05/d...linux.html
... and even after I killed a virus, antiviruses in Windows would identify the file as a virus. That's because of Virus Signatures.
So can an Android Antivirus protect you from BroadAnywhere?
The websites of these antiviruses claim to protect you, but haven't offered any explanation of how they do it. They definitely can't peep inside an app and check the lines of code to see what kind of an Intent is being sent, but if the antivirus company maintains a very-frequently updated list of malicious apps, it might be able to warn you that an app you're about to install is harmful.
Question is, do they really do it? It'd require a dedicated team who would actively search for malicious apps and test them. Would a company do so much for free? Or would they make their money by tracking your phone and the data in it (given the high level of permissions that antivirus app's request)? It's a matter of trust.
Do you need an Antivirus at all?
Like in Linux, where your system can get infected only if you deliberately give root access to a malicious program, the one way your phone can be susceptible to viruses or malware is if you decide to give an app elevated permissions on your phone.
So to stay safe, only install apps from trusted sources like Google Play and be a bit suspicious and do a followup of apps that ask for permissions that seem un-necessary. If you're careful, you won't need an antivirus. It's not just about data and security. Many apps gather data about you and your location. Your privacy is also important.