SoylentNews is people
SoylentNews
posted by
martyb
on Friday January 05 2018, @03:50PM
from the the-play's-the-thing-where-I'll-capture... dept.
from the the-play's-the-thing-where-I'll-capture... dept.
TrendMicro has discovered 36 apps in Google Play that execute unwanted behavior:
These apps posed as useful security tools under the names Security Defender, Security Keeper, Smart Security, Advanced Boost, and more. They also advertised a variety of capabilities: scanning, cleaning junk, saving battery, cooling the CPU, locking apps, as well as message security, WiFi security, and so on.
The apps were actually able to perform these simple tasks, but they also secretly harvested user data, tracked user location, and aggressively pushed advertisements.
The apps in question have been removed from Google Play.
Related: Google Pauses Crackdown on Apps That Use Accessibility Features
This discussion has been archived.
No new comments can be posted.
Apps on Google Play Disguised as Security Tools Instead Serve Ads and Track Users' Location
|
Log In/Create an Account
| Top
| 54 comments
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
The Official Colorado State Vegetable is now the "state legislator".
(Score: 1, Insightful) by Anonymous Coward on Friday January 05 2018, @06:20PM (14 children)
Thank you for that detailed and comprehensive criticism of the FSF! You've completely changed my mind! I'd mod you up, but I'm an AC right now.
(Score: 0) by Anonymous Coward on Friday January 05 2018, @06:23PM (13 children)
Unless you sign away all legal rights to the FSF, it rapidly becomes very difficult to participate in the production of their software.
That's why there are so many alternatives; the FSF throws out technical excellence in favor of philosophical and political masturbation.
(Score: 1, Insightful) by Anonymous Coward on Friday January 05 2018, @07:16PM (7 children)
I don't think I'm aware of this license. I typically release my programs under either GPL or LGPL. What is this FSF license called and where may I read about it?
(Score: 1, Informative) by Anonymous Coward on Friday January 05 2018, @07:45PM (6 children)
You'll have to sign a special form, and assign your copyrights to the FSF.
Seriously, you people are talking out of your asses. I've at least got experience.
(Score: 3, Informative) by lentilla on Friday January 05 2018, @10:29PM (5 children)
This is to prevent issues arising in the future like we see with the Linux kernel - forever stuck on GPLv2. With the copyright assigned to a single; trusted; project sponsor, they don't have to seek consensus to move the project forward (or enforce the licence). As you might imagine, obtaining permission from now-deceased contributors can be challenging.
Nothing here takes away your moral rights to what you contribute. You wrote the code, you contributed the code, everyone in the world can see that. The copyright assignment is simply thinking ahead, anticipating the implications of a changing legal landscape.
(Score: 0) by Anonymous Coward on Friday January 05 2018, @10:45PM (1 child)
*Is* it a problem to be stuck on GPLv2?
(Score: 2) by lentilla on Saturday January 06 2018, @12:56AM
Yes and no - rather depends on your goals and values. The main difference between v2 and v3 are the anti-Tivoization clauses. Others will be able to explain this much more eloquently than I am able in a short post.
(Score: 0) by Anonymous Coward on Saturday January 06 2018, @12:48AM (2 children)
So... try again.
(Score: 2) by lentilla on Saturday January 06 2018, @01:05AM
Quite. Linus is the ultimate pragmatist. His goal is; well; let's call it "market penetration", and from that perspective, GPLv2 suits his goals admirably.
Fair call. Linux is; however; a good example of a project where it is impossible to update the licence. Not even Linus himself could do this. This may; or may not; be a "good thing" - only time will tell.
(Score: 3, Touché) by lentilla on Saturday January 06 2018, @01:15AM
Actually (and at the risk of starting a flamewar), I will take you up on the challenge: had Linux been an FSF project, we would not have had to put up with that ridiculous SCO debacle [wikipedia.org].
Now I'm not stating a position on whether Linux should have been an FSF project... but I am saying we would have avoided years of damage and millions of dollars of legal fees.
(Score: 2) by HiThere on Friday January 05 2018, @07:43PM (4 children)
What you say is true IFF you want the FSF to distribute your software. That's not one of my requirements.
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 1, Insightful) by Anonymous Coward on Friday January 05 2018, @08:10PM (3 children)
If you want to contribute anything more than a few typo corrections, they'll start hounding you to sign a document which transfers to FSF rights to patents and copyrights. Nobody else does that sort of thing, and the result is that people would rather work on other projects than associate with the FSF.
So, go ahead. Signal your virtues with a check to the FSF; the rest of us are going to spend our resources actually working on useful FOSS.
(Score: 0) by Anonymous Coward on Friday January 05 2018, @10:49PM
Apache does too. Projects there have to think about how much code they can accept from the community before a copyright assignment is needed.
What's wrong with just answering "fuck off"? Either they take your contribution, reimplement it themselves, or you can post the patch on your website.
(Score: 0) by Anonymous Coward on Friday January 05 2018, @11:18PM (1 child)
So they try to make you sign away the copyrights and patents for your patch to them, or is it more broad than that?
(Score: 0) by Anonymous Coward on Saturday January 06 2018, @12:54AM
The legal statement you're supposed to sign conveys to the FSF any future rights and patents that might in some way be connected back to your patch; on paper, you're basically giving up participation in the patent/copyright system, which is exactly what the FSF wants.
The FSF only likes copyright law insofar as it can be hacked into supporting the copyleft philosophy.