开发者

Any open source project of Android virus? [closed]

开发者 https://www.devze.com 2023-03-23 16:00 出处:网络
As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references,or expertise, but this question will likely solicit debate, a
As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance. Closed 11 years ago.

I just want t开发者_如何学JAVAo research the security mechanism of the android, so I want to find some open source project of Android virus to do some test.


This is probably not the best question. As a security specialist, though, I can understand why you would ask about this. To my knowledge, there isn't an open source Android virus (due either to its taboo, or because anyone who has made one doesn't want to release it).

However, you can easily think about how a virus (or malware) would function. As an application, you can gain permission to a WIDE variety of things (most people don't read the "This application has permission to" statement in the market). You could grab the entire contacts list and transfer it over the internet, you could grab files from internally and send, and you could even send hidden text messages to services that would charge the user a lot of money. Android takes a stance that trusts the developer to not be malicious and, at the same time, trusts the user to not do something stupid. Obviously, installing a program that promises to give you funny jokes, but has access to making phone calls, might seem a bit suspicious.

I don't think you really need an example of what a virus (I covered malware here) would look like in Android. The largest fallacy in Android security would have the user installing the application (which is, in itself, a huge fallacy most the time).

Whatever you do, don't do something stupid. Research is fine, practicing it on yourself is fine, practicing it on a friend (WITH PERMISSION) is fine, but do NOT do anything malicious to anybody without first explicitly asking for permission. Personally, I require written permission from everyone before I even go so far as to port-scan them (I'm a penetration tester for a large company and I could get in a lot of trouble for doing even simple things).

0

精彩评论

暂无评论...
验证码 换一张
取 消