Android Threat Level?

Discussion in 'Android Tablet Apps' started by OffWorld, Jul 16, 2011.

  1. OffWorld

    OffWorld Senior Member

    Joined:
    Oct 5, 2010
    Messages:
    460
    Likes Received:
    67
    Trophy Points:
    102
    Location:
    Minnesota, USA
    Tablet / Device:
    Haipad M701-R, Augen Gentouch 78 (returned it)
    There have been some recent news articles about threats to Android devices from malware/viruses/trojans - some of which found their way into the official Market. There is also a warning about infected apps in Chinese app stores and you never know where those might end up. My tablet is from China and came with a bunch of preinstalled apps as does the unofficial firmware I'm running now and there's no way for me to know where those apps originally came from. I've also side-loaded a number of apps I've downloaded from various places, some of which have been hacked to run on my hardware but you never know if some malware came along for the ride or if the hack left a security hole. I've also been connected to a number of public, unsecured networks with my tablet.

    Suffice it to say I thought it was time to install a decent anti-virus on my tablet and scan it. I went with AVG Antivirus free version downloaded from the official Market.

    This is clearly intended for locked-down devices, not those of us who hack and develop with our devices. My tablet is rooted, I have the Superuser app installed, and connect via ADB so often I leave USB Debugging turned on all the time. AVG sees ALL of these as threats!

    It will see Superuser.apk as an "infected" app and prompts you to uninstall it! Thankfully it isn't, it is likely flagged because it can elevate the privileges other apps.

    Being rooted also means that my tablet is generally running with elevated privileges, so that gets flagged as a security risk too under Settings. I'm not really sure why "USB Debugging" also gets flagged there, maybe because it can provide a way to unlock the phone without knowing the unlock pattern?

    Once I told it to "Ignore" those three things it rescanned and didn't find anything else, which frankly surprises me but I'll take the good news.
     
  2. gurgle

    gurgle Super Moderator Staff Member

    Joined:
    Aug 6, 2010
    Messages:
    1,463
    Likes Received:
    130
    Trophy Points:
    162
    Location:
    Near 39.11°N 94.6°W
    Tablet / Device:
    Better question What don't I own, Oh a generic APAD
    Good to know, I chose Webroot's product about 3 months ago for the same reason. What it does not like is any Side-load app or USB Debug mode enabled. It also inspects shares. I participated in their Beta program and converted for free to the commericial product.
    What I have done is compared performance on my Archos 101 with and without AV protection. There is not so much a performance hit as there is a memory loss in the available memory of the OS. I will get the low memory warning icon, if I load too much earlier than without the AV. Otherwise it is good.

    I too have had false positives, but they were (PUPS) Potentially Unwanted Programs. These are security apps that inspect the kernel and similar for forensic testing.
     
  3. Spider

    Spider Administrator Staff Member

    Joined:
    Mar 24, 2011
    Messages:
    15,415
    Likes Received:
    1,784
    Trophy Points:
    1,000
    Location:
    Chicago, IL
    Tablet / Device:
    NOOK Tablet Stock NOOKcolor Rooted/Flashed Nexus 7 (2013) 32GB Stock
    Thank's for posting this information. It's a good thing you're knowledgeable enough to know those are false positives and can ignore them. That sort of thing would scare a new person, but then a new person probably wouldn't be running SU. :)
     
  4. hunted

    hunted Member

    Joined:
    Jul 4, 2011
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    60
    Location:
    USA
    Tablet / Device:
    acer iconia 500
    We should all beaware that if it is a program or anything that needs a program to work there is always someone out there that wants to get in and look. some of those lookers like to be destructive. They are destructive cause they get kiks out of it. So it is up to the individual to decide how much protection you need to have if any. Also remember that free can sometimes come with a price! ;={
     

Share This Page

Search tags for this page

kindle fire avg threat enable usb debug

,

why webroot sees messaging on android as a threat