Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Android Browser flaw a “privacy disaster” for half of Android users


  • Please log in to reply
5 replies to this topic

#1 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 13,397 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:11:50 AM

Posted 16 September 2014 - 07:35 PM

 

A bug quietly reported on September 1 appears to have grave implications for Android users. Android Browser, the open source, WebKit-based browser that used to be part of the Android Open Source Platform (AOSP), has a flaw that enables malicious sites to inject JavaScript into other sites. Those malicious JavaScripts can in turn read cookies and password fields, submit forms, grab keyboard input, or do practically anything else.

Browsers are generally designed to prevent a script from one site from being able to access content from another site. They do this by enforcing what is called the Same Origin Policy (SOP): scripts can only read or modify resources (such as the elements of a webpage) that come from the same origin as the script, where the origin is determined by the combination of scheme (which is to say, protocol, typically HTTP or HTTPS), domain, and port number.

Android Browser flaw a “privacy disaster” for half of Android users

BC AdBot (Login to Remove)

 


#2 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 35,552 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:06:50 PM

Posted 16 September 2014 - 08:08 PM

While this is not great news it's not the end of the world. download and install a replacement browser such as the KitKat default Chrome browser. If you hate Chrome there are many many others to choose from. Once you have a new browser, disable the default one.

I did a very unscientific poll about 4 months ago amongst friends, coworkers and acquaintances who use Android. Out of the 40+ people I talked to less than 5% used the default browser that is the basis for this article. So while indeed it is an issue that needs addressing. I can't help but wonder what the true risk factor numbers actually are? I have doubts that it's actually as high as the half of Android devices in service. I actually had to make a concerted effort to find people who use the default browser. I know I'm only one person, but as a random sampling I can't be that unique.

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)


Follow BleepingComputer on: Facebook | Twitter | Google+

#3 NickAu

NickAu

    Bleepin' Fish Doctor

  • Topic Starter

  • Moderator
  • 13,397 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:11:50 AM

Posted 16 September 2014 - 09:30 PM

I miss the good old days when a cell phone was just that a phone, I still remember my old Motorola brick, I could get calls and make them. Then in came TXT  messages, HMM now people could annoy me without speaking to me. As for all these new phones these so called smart phones I hate them, No I do not want to surf the net from my phone, or watch movie's or play games or listen to music, I just want to make phone calls now and then.

I have an IPhone 3GS 16GB, And have turned off as much of it as I can, Bluetooth WiFi email notifications all that is off.

If anybody could show me the way to turn the internet side of the phone off without affecting the phone and txt message side I would also do that.

 

<Rant ^^^^^^^^

 

I am one of those people who would use the default browser on an Iphone or Droid as I don't use the net on my phone, except in an emergency I would not consider changing browsers, And I should know better.

 

 

 

I actually had to make a concerted effort to find people who use the default browser.

Try hanging with a non tech savy crowd. Mostly in their 50's. The younger generations are ok, Its us oldies.

 

Here's how I see it.

With a few exceptions.

70 + When I was your age .....................

50 + Generally have no clue about all this new tech.

40 + Get some of it Just. Can set the clock on microwave.

30 + Mostly ok with it. As long as its click n point.

20 + Easy.

As for any teenagers well they know it all just ask them. No exceptions.

 

We could run a  poll? See what the members say.

 

 

PS.

I just ran a quick poll at work I asked 10 people what type of operating system do you have on your phone and what browser do you use.

 

Replys.

 

6 its an Iphone.

3 Its android Huh what browser.

1 No idea its android. I just click and it works.

 

Guess I hang with the wrong crowd.


Edited by NickAu1, 16 September 2014 - 11:13 PM.


#4 cat1092

cat1092

    Bleeping Cat


  • BC Advisor
  • 7,018 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:09:50 PM

Posted 17 September 2014 - 02:49 AM

 

 

I miss the good old days when a cell phone was just that a phone

 

So do I! :thumbup2:

 

I don't use a cell phone that much, just for my doctor appointments & business. What I have is a TracFone (don't laugh!), and all I have to do is add a card every 3 months. On eBay, I often get 200 minute cards for what 120 minute ones costs in the stores. Plus my phone is double minutes, so that makes it 400 minutes. I also find online promo codes that gets me as many as 100 extra minutes, though 60 is more common. 

 

The issue.....it's getting hard to find good flip phones these days, yes there may be one or two LG's or some off brand in the local stores. So I find them on eBay or Amazon. Though I have to search the model to see it if activates in my area. I lucked out last time & found a brand new Samsung one for $6.99 + $3 shipping, for a total of $9.99. Not bad, considering WalMart sold the same phone for $29.99. I would have bought two of them, but the thing is, they may activate one day & we can use them until they're dead, and then try & activate the other, no go. 

 

I like this phone, it's simple, the way I like it, it's a bit smaller than I prefer, but for $9.99 shipped, it's great. Oh, & picks up better than the Motorola I transferred from. 

 

I also agree with Nick above, many that I know over 50 has book sense, as most has college/university degrees, but has no common sense at all. Cannot configure a printer or wireless router. Most of these are my in-laws, so I kind of feel obligated to assist. The cool thing is, when they buy something new, I often get the old, be it a notebook, wireless router, sometimes a monitor & one time, an full version copy of Vista 64 bit, from which I upgraded Windows 8 Pro from in the fall of 2012. 

 

But these phones, the smart ones, throws me for a loop. A few uses Apple, while others uses Android & there is something wrong with the browser, as one relative is always getting his infected. It would seem there's a security pack to fix this, plus the privacy issue. There are several brands of security now available for these smartphones, why don't the users of these have installed security? 

 

Anyway, the way the one I know got the issue fixed was in what I suggested, install the Opera browser for these phones & installed the security that he was entitled to from his ISP. He happy now, I guess that's what counts. 

 

Like Nick, I keep my phone cut of much of the time, it doubles my battery life between charges. And if I get more than one prank call from the same number, I block it. But I don't have to worry with trying to turn off the browser, Internet, or whatever on a dang phone. It would concern me if data was being used, I realize it has to update, but like IE on Windows 8, is there always junk there to clean? 

 

A phone is a phone & a computer a computer is the way I see it. But I'm in the 50+ crowd, so that's expected.  :P

 

Cat


Performing full disc images weekly and keeping important data off of the 'C' drive as generated can be the best defence against Malware/Ransomware attacks, as well as a wide range of other issues. 


#5 saluqi

saluqi

  • Members
  • 622 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:southern San Joaquin Valley, Calfornia
  • Local time:06:50 PM

Posted 01 October 2014 - 11:25 PM

Hmm, I dunno.  I will be 83 in about 4 months' time, and carry 2 cell phones at all times.  One for work, one for private.  The work phone is a Samsung Rugby 2 (shortly to be upgraded to Rugby 3).  Flip phone, pretty capable, and very tough.  I have seen one dropped into a vat of liquid chlorine ... 3 years later it is still working (one of my staff members is using it - not the one who dropped it, who is no longer in our employ :)).  My other, personal phone is a Galaxy S5.  Yeah, I don't want to be pursued by E-mail to the ends of the earth - but that is under one's control.  I have LOTS of E-mail (I am list owner or moderator all over the place, mostly technical biomedical and genetics stuff) so I ration it to my home computer, once a day, and don't let it intrude on my work time (I am the overly busy GM of a rural water district in drought-ridden California).  Yes, I have an advanced degree (Ph.D. in biology, but also with major interests in mathematics, physics and music, to name only some).  For about a decade, in my 60s, I earned my living as a software developer (yeah, I know, you're not supposed to be able to do that past 25, or 30, or whatever, but it ain't necessarily so).  Mathematicians, and poets, and probably programmers, do their best work when very young, with uncluttered minds, but also, you do what you have to do, according to the circumstances of the moment, and my programming days were late in life (and yeah, I wrote very "tidy" code, aka "economical" or even "elegant" :))  It got the job done, and made the users' lives easier, which IMHO is the object of the exercise anyway :).

 

I think this has a lot to do with fear.  If you tell people often enough that they won't be able to do something, they come to believe you.  There is a thing called "learned helplessness" and we see far too much of that in modern society.  One of my early experiences was teaching biology at an Eastern university (no it was not Princeton, where I earned my degrees).  Phys. Ed. majors, which included most of the football team, had to take and pass elementary biology.  In those long-gone days the football recruits in state universities were often Polish miners' kids from West Virginia, Ohio, etc.  They had been told for so long, throughout their school careers, that they were dumb, they had begun to believe it themselves.  So here is this college kid on a football scholarship, sitting in a biology lab with a dissected frog, trying to make sense out of the lab manual in order to make an intelligible drawing of what he is looking at.  Complete bafflement.  I walk over and flop down on his desk the current playbook.  "If you can understand THIS, THAT should be a piece of cake!!!".  Startled awakening (they all passed <G>).  Nothing wrong with their brains, only with their indoctrination.  You don't become a brilliant athlete with a substandard nervous system.

 

Of course some of those kids were not verbal athletes, but verbal is not the only game in town (ask any musician, just for example).  A lot of biology is pictures, and that's not verbal either.  A football playbook is about patterns . . . not verbal ones . . . :)



#6 cat1092

cat1092

    Bleeping Cat


  • BC Advisor
  • 7,018 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:09:50 PM

Posted 02 October 2014 - 01:35 AM

 

 

 If you tell people often enough that they won't be able to do something, they come to believe you.  There is a thing called "learned helplessness" and we see far too much of that in modern society. 

Yes, that's very true & why so many are flipping hamburgers & performing other minimum wage jobs, for this very reason, many of these folks has no confidence in themselves & have accepted this fate. Some who works harder than others & stands out may be promoted to management. That's what happened with me, in the sales industry, more on that below. 

 

On the other hand, it also works the other way. People can be encouraged, though the process is different with each & one has to get to know & develop a relationship with the individual, over time, the supervisor can coach the employee into the next level. I was able to coach many who had always had low paying jobs to be the best they can. While there were a few who couldn't be coached, it was because they didn't want to be. 

 

In my sales career, I began from the same place as those whom I coached. My supervisor told me after just two months that he seen "supervisor" material in me. Took almost three years for that to happen, but it did, in 1996 I had a job that was normally reserved for a 4 year college grad. And in 4-5 more years, another promotion followed. It's about believing in one's self & refusing to give up, no matter the challenge. 

 

Though today, I'm physically disabled, I still hang in there by keeping my mind busy. It's easier to deal with when the mind is on something else, like assisting others on these forums. 

 

Cat


Performing full disc images weekly and keeping important data off of the 'C' drive as generated can be the best defence against Malware/Ransomware attacks, as well as a wide range of other issues. 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users