User topics

Article topics

Log in Sign up

Maybe don't install that groovy pirated Android keyboard

A mobile software developer has turned an popular third party Android mobile keyboard called SwiftKey into a counterfeit package loaded with a trojan as a warning about the perils of using pirated or cracked apps from back-street app stores. Georgie Casey, who runs a popular Android app-development blog in Ireland, created a …

COMMENTS

House rules Send corrections

This topic is closed for new posts.

Page:

1. 1. 1. 1. Wednesday 27th March 2013 06:19 GMT jake
        
        Re: @DrXym (was: Sheeple are sheeple.)
        
        No, DrXym. I haven't lost anything.
        
        I'm calling the vast majority of the unwashed masses "sheeple", because they follow the flock unthinkingly. They don't actually have a personal point of view, even if they are potentially capable of obtaining one. They follow the church, the political party, the ruling party, the computer company, etc., even in the face of reality that is obviously smacking their faith with cold, hard facts.
        
        They have lost. Sad, that. And I'm totally fucking serious when it comes to this opinion.
        
        If you think I've "lost" because of "thumbs" here on ElReg, you are deluded.
        
        0 0
  2. Monday 25th March 2013 12:35 GMT Wize
    
    Re: Sheeple are sheeple.
    
    'People who call others "sheeple" immediately lose whatever point they are trying to make.'
    
    And they always make me think of http://xkcd.com/1013/
    
    0 0
  3. Monday 25th March 2013 16:30 GMT Anonymous Coward
    
    Re: Sheeple are sheeple.
    
    Besides, the word "sheeple" is now banned because Ms. Richards will get upset.
    
    http://www.theregister.co.uk/2013/03/22/donglestorm/
    
    1 0
2. Monday 25th March 2013 21:46 GMT Anonymous Coward
  
  Re: Sheeple are sheeple.
  
  Jake, everyone is "sheeple" to someone else. You're not a surgeon, so you're "sheeple" to them. Also, if you are all about doing 1 thing and doing it well, why does it take 2+ posts to prove your point? :-)
  
  4 1
  1. Wednesday 27th March 2013 06:26 GMT jake
    
    @MyBackDoor (was: Re: Sheeple are sheeple.)
    
    I'm not a surgeon? No? ::eyeballs DVM cert. hanging on wall[1]:: OK. If you say so ...
    
    It takes more than one post to respond to more than one commentard. Kinda like trying to treat fatty tumors & thyroid issues in an old dog with a torn ACL and mange.
    
    0 0
Monday 25th March 2013 07:57 GMT WonkoTheSane

"Should custom Android keyboards even be allowed?"

I find that with a rooted Xoom 1 running JB 4.2.2, a custom keyboard like (genuine) Swiftkey is NECESSARY!

This is because the stock keyboard closes itself after EVERY keypress.

1 2
1. Monday 25th March 2013 08:53 GMT Jim 48
  
  WHOOOOOOSH!
  
  Hear that sound? That's the point of this article going right over your head.
  
  0 1
2. Monday 25th March 2013 11:19 GMT Robert Carnegie
  
  Re: "Should custom Android keyboards even be allowed?"
  
  I want a version of Fitaly - kind'a. As it is, I use Fitaly on full-fat Windows touch devices, such as right now. For stylus or one-finger typing, it's a lot faster than the QWERTY layout, once you learn it. But about half the speed - for me - of typing on a good real keyboard. I assume that a tablet screenboard or skinnyboard is also less satisfactory than a real keyboard - and real keyboards presently very very quickly make my hands and wrists hurt like heck, so I need to use an alternative. Speech recognition is cute, but I'm a programmer so I have to write things like "SET @if_digest = N'IF ( ' + STR(@spdigest) + N' = 1 ) ' " which are, at best, tricky to say aloud.
  
  0 0
3. Monday 25th March 2013 19:52 GMT Simon Brady
  
  Re: "Should custom Android keyboards even be allowed?"
  
  Of course not, because why would any phone user ever need an input method for a language that doesn't come pre-installed by their provider? If English was good enough for Our Lord it should be good enough for us.
  
  0 0
Monday 25th March 2013 08:22 GMT Danny 14

oh well

tbh, so what? If someone wants to pirate a game, app or keyboard and they get reamed it is about the best lesson they can get in the pitfalls of downloading bootlegged cracked copies. I'm betting they wont do it again.

0 3
1. Monday 25th March 2013 08:52 GMT Anonymous Coward
  
  Re: oh well
  
  Yes, if they are getting the pirated app from some dodgy website or a torrent, but they're downloading these from a Google app store!
  
  If you walked into PC World and purchased a counterfeit product you would be pissed off, but it seems (according to you) that doing so from a Google app store is okay?
  
  4 1
  1. Monday 25th March 2013 10:25 GMT Anonymous Coward 15
    
    Re: oh well
    
    I can't walk into PC World, set up a stall and start selling my wares. Think of a car boot sale- is everything there genuine, working, PAT tested?
    
    1 0
Monday 25th March 2013 08:41 GMT Dan 55

Pretty damn obvious what's going to happen

Who installs a keyboard which asks for permission to access the Internet?

3 3
1. Monday 25th March 2013 08:53 GMT Anonymous Coward
  
  Re: Pretty damn obvious what's going to happen
  
  The keyboard may be downloading additional dictionaries, grammar rules etc. It's not that unreasonable a request.
  
  7 1
  1. Monday 25th March 2013 10:25 GMT Dan 55
    
    Re: Pretty damn obvious what's going to happen
    
    @AC 8:53: That sort of stuff already comes with the OS.
    
    0 0
  2. Monday 25th March 2013 11:25 GMT grammarpolice
    
    Re: Pretty damn obvious what's going to happen
    
    Because the grammar and vocabulary of a language changes on a daily basis...
    
    1 0
2. Monday 25th March 2013 09:16 GMT Anonymous Coward
  
  Re: Pretty damn obvious what's going to happen
  
  I suspect that the answer would be "most Android users"....
  
  3 0
3. Monday 25th March 2013 09:37 GMT Anonymous Coward
  
  Re: Pretty damn obvious what's going to happen
  
  Someone who wants to use the keyboard, but isn't given a more fine-grained option to deny certain permissions while proceeding with the rest, so just shrugs and allows everything.
  
  6 0
  1. Monday 25th March 2013 16:34 GMT mickey mouse the fith
    
    Re: Pretty damn obvious what's going to happen
    
    "Someone who wants to use the keyboard, but isn't given a more fine-grained option to deny certain permissions while proceeding with the rest, so just shrugs and allows everything."
    
    Root and use lbe or pdroid combined with avast and adaway and all permission and snooping related issues are gone.
    
    I rather like the swype beta keyboard, but buried in the smallprint of the terms of service was the fact that it reserved the right to monitor what you were doing for `testing and performance improvement`. Using lbe, I nipped that right in the bud, blocked its internet access and about 10 other snoopy little permissions it grants itself. And pray tell, why would a keyboard need fine (gps) location to do its job of transporting my prose into a textbox?
    
    0 0
    1. Monday 25th March 2013 23:11 GMT dave 76
      
      Re: Pretty damn obvious what's going to happen
      
      "Root and use lbe or pdroid combined with avast and adaway and all permission and snooping related issues are gone."
      
      Sure, the average person is going to know that they need to do that and also how to do it.
      
      I think it is fair to say that most people with a smartphone are not that technically orientated.
      
      so what's the best way to have fine permission control on your phone that doesn't require rooting it?
      
      0 0
      1. Thursday 28th March 2013 21:46 GMT mickey mouse the fith
        
        Re: Pretty damn obvious what's going to happen
        
        "Sure, the average person is going to know that they need to do that and also how to do it.
        
        I think it is fair to say that most people with a smartphone are not that technically orientated.
        
        so what's the best way to have fine permission control on your phone that doesn't require rooting it?"
        
        This is the problem, even looking at the permission list before installing isnt going to stop a non tech minded person installing that free ringtone maker. Most non-technical people i know with smartphones just install willy nilly, they dont even understand the concept of permissions, its just a screen of boring text to click through.
        
        The snarky answer is that these people should either take responsibility and educate themselves or suffer the consequences.
        
        Its the same with windows, i see so many machines with no av and with unpatched browsers laden with toolbars. The owners are stumped as to why their £600 machine goes so slow, they have no concept of malware, trojans etc, even after being told many times. To them its just an appliance.
        
        This isnt just about Android either, Apple are no better, they just hide the permission system in a `what you cant see cant hurt you` kind of way. Yes, Apples app store is more locked down and thus potentially `safer`, but Android is where the real inovation and off the wall concepts are happening due to the low barrier`s of entry and lack of restrictions development wise.
        
        I think the only solution is education, i love how open Android is and wouldnt want to see it go down the Apple closed ecosystem route because a load of numpty`s got pwned through their own lazy ignorance.
        
        Maybe some people just shouldnt own smartphones. As a huge believer in the advantages of technology in daily life, that thought really depresses me.
        
        0 0
4. Monday 25th March 2013 09:58 GMT joeW
  
  Re: Pretty damn obvious what's going to happen
  
  One of Swiftkey's USPs is that you can feed it the logins for your email/facebook/twitter accounts and it will do a scan of everything you've written in the last few years to build a personalized predictive text database for you.
  
  Not something I'd be comfortable allowing, but a couple of my less-paranoid mates swear by it.
  
  1 0
Monday 25th March 2013 08:58 GMT auburnman

Did this guy ask SwiftKey's permission to fiddle with their product? The last thing a decent company needs is a keylogger out there with their brand all over it.

7 3
Monday 25th March 2013 09:25 GMT Anonymous Coward

No Shit Sherlock

Don't people learn anything from the Windows ecosystem. If it looks dodgy then it probably is.

0 1
Monday 25th March 2013 10:39 GMT OMen

Why should Smartphone's OS differs from computer's OS ?

But why do you think installing a software on a phone should be more secure than on any computer ??? Because MS, Apple or Google host them into a so-called Store ?!!! But this is not a guaranty of safety, only a guaranty for THEM to hold those apps and make business from them !

A software is simply a pack of instructions that someone (that you trust ?!) created and that you accept to execute on your phone/computer when you install/execute it !

People install every apps they get, they are kids in front of candies !, without wondering why some meaningless apps ask for so much permissions (GPS, contacts, accounts, running apps, change system settings (?!!!)), and so on...)... But that does not differs from all theses permissions that you have been giving for years to your computer's applications that you daily launch with administrator or root's permissions !!!

Wake up !

0 2
Monday 25th March 2013 12:43 GMT Anonymous Coward

Oh FFS.....

What kind of ----tard would rather pirate Swiftkey than pay the paltry three squidz purchase cost????

2 1
1. Monday 25th March 2013 13:21 GMT Lallabalalla
  
  Re: Oh FFS..... What kind of ----tard
  
  any android owner. You know - a regular cheapskate who wants everything to be free like music, films, apps etc etc, and won't stump up for an iPhone, which unjailbroken is the only secure smartphone platform.
  
  1 6
2. Wednesday 27th March 2013 08:05 GMT Anonymous Coward
  
  Re: Oh FFS.....
  
  "What kind of ----tard would rather pirate Swiftkey than pay the paltry three squidz purchase cost????"
  
  Presumably the same sort of ----tard that uses a free OS, rather than pay for one?
  
  0 1
Monday 25th March 2013 13:10 GMT Chika

Spotting an typo...

"an popular third party Android mobile"

That's the second time I've seen that grammatical error on this site today.

0 0
Monday 25th March 2013 13:54 GMT dannymot

that isn't an accurate reflection of google play

Google play houses 800,000 apps.

Google play housed 68,740 malicious apps.

So 8.6% of apps could be malicious in some way.

However it is incredibly easy to post apps on google play.

Malicious apps don't necessarily stay up for long.

Malicious apps rarely have a chance of getting noticed or found by a user as most apps have to develop a popularity to be easily found.

You would often have to either try to search for them knowingly or make a mistake with a search to find one. They often have misspelled or similar names to popular apps so that they actually have a chance of showing up. Similar to sending your bank details to a link on a spam email from an address such as security@hsbc.org.uk

Actually realistically accessing malicious apps from Google play is not a large scale issue. I don't trudge through 100,000 apps on Google play let alone trudge through the several hundred thousand required to get to the murky stuff at the bottom.

2 1
Monday 25th March 2013 14:04 GMT sisk

So basically....

Using pirated software is risky because it could be loaded with malware.

In other news, Sol will be visible in the sky today between dawn and dusk except where cloud cover obscures it.

3 0
Monday 25th March 2013 17:16 GMT mmeier

How could THAT happen - We have been told Android is secure!

After all Android is Linux and Linux is secure! At least that is the FOSStard mantra. So how could it be that there is an evil greek in the wooden horse I just dragged through my gates?

1 1
1. Monday 25th March 2013 22:59 GMT eulampios
  
  it is not secure, it is way more secure than MS Windows though
  
  The original softkey keyboard app uses excessive permissions, which are presented to you when you install an app. It wants your network, sms and phone call capabilities. That is why it can be turned into a really bad app. It is already malicious or poorly written software. So judging from the permissions only, don't install it. Is there a way to know the permissions of your non-free windows/mac os x app prior to the install?
  
  Yet, a better option is a secure repository with a good package manager, like apt, yum or similar
  
  0 0
  1. Tuesday 26th March 2013 11:53 GMT mmeier
    
    Re: it is not secure, it is way more secure than MS Windows though
    
    Sure I know their permissions. Same as the permissions of the user executing them. Just like it is on Unix
    
    0 1
Monday 25th March 2013 19:11 GMT xyz

As I've been sayin' for years...

Android is in reaility, just ActiveX 2.0. And look what happened there.

1 2

Page:

This topic is closed for new posts.

Other stories you might like

CISA in a flap as Chirp smart door locks can be trivially unlocked remotely

Hard-coded credentials last thing you want in home security app

Security 15 Apr 2024 | 49

Google One VPN axed for everyone but Pixel loyalists ... for now

Another one bytes the dust

Personal Tech 12 Apr 2024 | 8

Beijing-backed cyberspies attacked 70+ orgs across 23 countries

Plus potential links to I-Soon, researchers say

Security 19 Mar 2024 | 11

Microsoft drags Windows Subsystem for Android into the trash

Amazon Appstore tieup fizzles out, too

OSes 5 Mar 2024 | 55

Nano a nono: Pixel 8 phones too dumb for Google's smallest Gemini AI model

Updated Some might say a blessing in disguise

Personal Tech 8 Mar 2024 | 12

Lawsuit claims gift card fraud is the gift that keeps on giving, to Google

Play Store commissions are a nice little earner, wherever they come from

Cyber-crime 7 Mar 2024 | 22

Google debuts first Android 15 developer preview without a single mention of AI

Expect it to be stable in June, ready for release sometime after July

OSes 19 Feb 2024 | 10

Cybercriminals are stealing iOS users' face scans to break into mobile banking accounts

Deepfake-enabled attacks against Android and iPhone users are netting criminals serious cash

Research 15 Feb 2024 | 30

Euro shoppers popping more and more premium phones in the basket

Apple ousts Samsung as the people's choice in Q4, and the words 'refresh' and 'cycle' are whispered for 2024

Personal Tech 20 Feb 2024 | 38

HoRNDIS MacGyvers your Mac to get online with Androids

FOSS Fest Apple makes this harder every macOS release, but there are ways nonetheless

OSes 7 Feb 2024 | 25

India to launch android into space to test crewed launch capability

Vyommitra, your multitasking, bilingual, female space friend, will fly before the long-delayed Gaganyaan launch in 2025

Science 7 Feb 2024 | 6

Huawei prepares to split from Android on consumer devices with HarmonyOS Next

Touts custom kernel that creams Linux, coming soon for devs and later for punters

OSes 22 Jan 2024 | 55

The Register Biting the hand that feeds IT

About Us

Our Websites

Your Privacy

Situation Publishing

Copyright. All rights reserved © 1998–2024