• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

Help Android Security: Web Browsing

HerpyDerp

HerpyDerp

Lurker
How susceptible to attack via malicious websites are Android devices? I cannot find a straight answer on this anywhere. It seems like everyone thinks Android OS is only vulnerable to malicious apps. So does this mean that visiting shady websites with a browser won't harm one's device, in the same way one can carelessly browse the web on a Mac and have little to worry about? I'm a little skeptical of this.

Full disclosure: I was browsing Reddit and carelessly clicked on a post without noticing the url. It turned out to be an attack site. Within less than 1 second I realized this and closed that browser tab, but it had already launched a notification box "you have one instant message from a cam girl! [view] [cancel]."

If this were a PC I would know I goofed. But forum threads always say Android is different.

So do I worry or not?
 
All I can say is that you can't unintentionally install an app on android.
That's the limit of my security knowledge sorry.
Browsers have been hijacked recently but it's a simple matter of clearing data of the browser to cure that.
I'm sure someone will chime in with a far more advanced explanation soon enough
 
Unsolicited downloads might be offered by malicious pages. But as long as you don't install them, which you have to knowingly do, they can't do anything. Nothing will auto-run, it's not like Windows. Malicious sites tend be getting smarter these days and might determine what you're using, so will offer an APK download, instead of the more usual malicious Windows EXE.

If a page pops-up saying something like "YOUR PHONE HAS A VIRUS, tap here to remove it.", it's lying.
 
Last edited:
mikedt said:
Unsolicited downloads might be offered by malicious pages. But as long as you don't install them, which you have to knowingly do, they can't do anything. Nothing will auto-run, it's not like Windows. Malicious sites tend be getting smarter these days and might determine what you're using, so will offer an APK download, instead of the more usual malicious Windows EXE.

If a page pops-up saying something like "YOUR PHONE HAS A VIRUS, tap here to remove it.", it's lying.
Click to expand...
Ok, that is what I had intuitively thought -- that attack sites may attempt to trick the Android user into installing an app (i.e. the dialog box with buttons that appeared). My main concern was the possibility that something could download and autorun. Thanks.
 
You must log in or register to reply here.
Back
Top Bottom