Strawberryland Forum

Idk, that was posted on my wall by another friend of mine,would is coincidentally an iPhone owner...

cpd2009 Wrote:

huckleberrypie Wrote:Was it just me, or does Bluebox's advisory smell like FUD?
<!-- m --><a class="postlink" href="http://m.androidcentral.com/bluebox-security-scanner-attempts-scare-living-shit-out-you">http://m.androidcentral.com/bluebox-sec ... it-out-you</a><!-- m -->

Sure enough, some of them tablets are known to have trojans like the infamous Demo lock, but imo any device can be subject to hacking especially if you're complacent when it comes to security.

I questioned Bluebox mentioning the ability to install from so-called "malicious third party sources", but this is referring to the Unknown Sources option in any Android tablet. There are indeed malicious apps that can be installed this way, but there are legit ones like QuickPic photo browser or the Amazon AppStore. However, people who buy these bargain tablets likely aren't experts and they want a quick gift for a person who wants to check their banking stuff via the web on these tablets, and to play games. For these people, it's actually best to leave the Unknown Sources off by default if it comes with Google Play installed and they likely don't need root access either.

So to me, it does have a bit of FUD, but also a bit of truth when it comes to the typical Android consumer. Experts like us can easily avoid the security pitfalls such configurations provide. The typical consumer? Not so much.

Exactly. It only goes to show that, regardless of what device, users should know better when it comes to keeping their personal info safe and not fall for dancing pigs and other seemingly attractive yet malicious stuff.

huckleberrypie Wrote:Exactly. It only goes to show that, regardless of what device, users should know better when it comes to keeping their personal info safe and not fall for dancing pigs and other seemingly attractive yet malicious stuff.

Yes, but unfortunately I know quite a few people who are of said archtype that would choose dancing pigs.

RAMChYLD Wrote:

huckleberrypie Wrote:Exactly. It only goes to show that, regardless of what device, users should know better when it comes to keeping their personal info safe and not fall for dancing pigs and other seemingly attractive yet malicious stuff.

Yes, but unfortunately I know quite a few people who are of said archtype that would choose dancing pigs.

Unfortunately so.

WarnG: 12/01 date detected. Sanity flew south for Winter. Won't be back until Chinese New Year.

So, I decided to run that Bluebox Security Scanner thing on my two tablets Poppy and Hazel. Poppy is first since she was a Menard's special low-end tablet.

As you can see, Poppy only has one of the four bugs unpatched in her particular Android build, and since there aren't any firmware updates at last check, she has to remain this way unless I work up the courage to attempt a root and flash. Poppy has Android 4.1.1, mostly stock.

And now, for Hazel...

I was actually surprised to see Hazel have the FakeID vulnerability unpatched. I was expecting her to have no vulnerabilities since she is a Samsung. And since Samsung decided not to roll out KitKat or Lollipop for her particular model, I'm stuck with that one vulnerability. I should be able to easily avoid it since I never download suspicious apps and always make sure to check permissions before downloading.

Hazel has Android version is 4.2.2 customized with the Samsung TouchWiz UI.

Hmm, wonder what Stefan and the lads at TechKnow have to say with this vulnerability thing with Chinese tabs...

huckleberrypie Wrote:Hmm, wonder what Stefan and the lads at TechKnow have to say with this vulnerability thing with Chinese tabs...

I'm tempted to run the app on Tessa just for the lulz.

For the records, Tessa's a Blackberry Q5. She runs a Frankenstein hybrid of the QNX kernel and a full Android runtime stack.

Hmmph. Well, I suppose no one's perfect. Blackberry isn't even rolling out 10.3 to my device yet- apparently it's exclusive to the Passport, P'9983 and the upcoming Q20 Classic for now.

Wait, app from unknown sources not allowed?


Problem? :lol:

RAMChYLD Wrote:

huckleberrypie Wrote:Hmm, wonder what Stefan and the lads at TechKnow have to say with this vulnerability thing with Chinese tabs...

I'm tempted to run the app on Tessa just for the lulz.

For the records, Tessa's a Blackberry Q5. She runs a Frankenstein hybrid of the QNX kernel and a full Android runtime stack.

Interesting. Reminds me of program called Bluestacks for Windows that lets you run Android apps on a PC, but unlike BlackBerry 10 OS, I believe Bluestacks emulates an Android environment in a way similar to VirtualBox, which in turn lets you run most Android apps.

Also, I saw the updated post while writing this, and I must say, seems like a lot of big name tablet and phone manufacturers can have the same vulnerabilities, not just cheap no-names. Even though we can easily avoid these vulnerabilities, I do hope BlackBerry 10.3 gets rolled out to Tessa. Hazel has already been left behind. Her model was only released in early 2012! I ended up purchasing her on clearance in Fall 2013.

Interesting and thorough disclaimer on the second image too. Typical consumers with at least some bit of common sense should be able to understand that.

That reminds me... perhaps BlueBox could also release their scanner to the Amazon AppStore since that can at least prove to them that the "Unknown Sources" option in Android devices is not inherently malicious. You actually need to have the Unknown Sources option enabled to install Amazon AppStore. I was unable to run BlueBox on Anna-Lena's HDMI stick because of no Google Play.

---------
Turns out, I haven't sold Lilly at all yet, because I haven't located her Mac Keyboard and Mouse. And once again I am considering putting her back in service for something since her text-to-speech abilities are wonderful. Though I don't agree with Apple's current business decisions, there are some parts of OSX that I still like very much.

Before Audrey came in to the picture, I meant to make Lilly a dual OS computer... Mac OSX and Windows 8.1. I do have a Windows 8.1 disc set, but if I were to pursue this plan now, I would have to revert Greta to Windows 7 which is no big deal. I also have an itching to try out Yosemite with Lilly. I'm curious as to performance of the OS compared to previous releases. I need some time to think this over and perhaps find that keyboard and mouse.

David, have you installed Yosemite on your Mac Mini? If so, how is performance there?