Technology

59152 readers

2441 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related content.
Be excellent to each another!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, to ask if your bot can be added please contact us.
Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago

MODERATORS

[email protected]

407

In case you missed it: Bank info-stealing malware found in 90+ Android apps with 5.5M installs (mashable.com)

submitted 5 months ago by [email protected] to c/[email protected]

106 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 40 points 5 months ago (34 children)

And this right here is why you use open source apps.

[–] [email protected] 32 points 5 months ago (27 children)

This only would work if you check every line of source code, even the dependencies and build chain, and then build it yourself. See xz utils backdoor or heartbleed, etc.

[–] [email protected] 40 points 5 months ago (6 children)

The whole point is that at some point somebody can check, and you can have a higher level of trust in that than proprietary software.

And if someone does something like this then it has to be disguised as an innocuous bug, like heartbleed, they can't just install full on malware.

It's a different beast entirely.

[–] [email protected] 8 points 5 months ago

There is no guarantee that the released app is exactly the same as the source code when getting it on Google Play. You'd have to decompile or compile from source and try to compare.

Using F-Droid is good alternative.

load more comments (5 replies)

load more comments (25 replies)

load more comments (31 replies)