I have an Android 4.4 phone which I have just been using to interrogate car bluetooth diagnostics. It hasn't been used as a phone and has no credit.
Today we took it for a trip attached to the windscreen to record the journey across Wales and check error codes. On reaching home, it suddenly popped up a message asking me to thank the person who had invited me to join "Swift WiFi", with an app of that name installed.
Research seemed to show that it wasn't something I wanted, and a couple of other apps had appeared that I had never heard of.
I installed Malwarebytes and it found 4 things that all seemed to be part of genuine, known apps, so I went looking for another AV app. I installed Sophos. This found a bunch of weird files of "Low Reputation Apps", some of which seem to be in folders named after apps I have never installed. An app, which I am testing for someone and which I know to be safe and as yet unreleased in the wild was also identified as Low reputation.
I'm alarmed that something or someone seems to have been able to install something which messes with wifi settings and possibly installs other things but also by the security applications.
What app are you using to display the vehicle codes (presumably something like Torque, which talks to an OBD-II bluetooth adaptor?
Are you using a free or paid-for version of the app? It seems to me that some free apps actually have adverts built into them - which get displayed even when you're not connected to the internet.
Could the phone have been connected to the internet by WiFi even though you don't use 3G data?
I used an Android app that I am testing for the developer. It's a re-write of his same program for Windows, and it is specific to the particular Jeep model that I have ( and which has lots of codes for testing). I trust the developer and it has shown no signs of invoking ads previously. I have occasionally connected the phone to wifi at home, but not recently.
We were rained off in a marina, so I thought I would set up Torque Pro and Track Recorder for the trip home. At this point the phone looked normal. On the way home the screen just showed the camera + map and Torque overlay. The message about Swift Wifi appeared when I shut down Torque. Both the marina and the adjacent pub offer free wifi, but with no indication of the provider. I suspect one of them or a drive-by installation on the way home. We did have to filter slowly past a one-wheeled caravan so we could have caught something from an adjacent vehicle. :-)
I'm sure you'd be aware of this, but mine using BT Wi-Fi will connect automatically to any other BT Wi-Fi that allows this. Ie, most Infinity setups. Of which there are lots in London. However, it's easy enough to disable.
I may be wrong, but is it not the case that some support software or dependencies for apps are only free cos they contain some form of advertising or an ability to connect to their sponsors. its a commercial world we live in, and it seems that even apparently free stuff is funded by not always very obvious means. Brian
Yes, and Swift WiFi, which was what appeared on my phone, seems to hope to generate income by pushing adverts and/or other apps to users.
I have spoken to the Marina and they have told me the name of their free WiFi provider. It looks to me as if Swift just piggy-backs onto free wifi by sharing other users' connections (although I may be wrong).
Would you want this on your phone, with this list of permissions, visible on their website when you press "More"?
Permissions
Read sensitive log data: Allows the app to read from the system's various log files. This allows it to discover general information about what you are doing with the device, potentially including personal or private information. Retrieve running apps: Allows the app to retrieve information about currently and recently running tasks. This may allow the app to discover information about which applications are used on the device. Find accounts on the device: Allows the app to get the list of accounts known by the device. This may include any accounts created by applications you have installed. Precise location (GPS and network-based): Allows the app to get your precise location using the Global Positioning System (GPS) or network location sources such as cell towers and Wi-Fi. These location services must be turned on and available to your device for the app to use them. Apps may use this to determine where you are, and may consume additional battery power. Approximate location (network-based): Allows the app to get your approximate location. This location is derived by location services using network location sources such as cell towers and Wi-Fi. These location services must be turned on and available to your device for the app to use them. Apps may use this to determine approximately where you are. Modify or delete the contents of your USB storage: Allows the app to write to the USB storage. Read the contents of your USB storage: Allows the app to read the contents of your USB storage. Access USB storage filesystem: Allows the app to mount and unmount filesystems for removable storage. View Wi-Fi connections: Allows the app to view information about Wi-Fi networking, such as whether Wi-Fi is enabled and name of connected Wi-Fi devices. Read phone status and identity: Allows the app to access the phone features of the device. This permission allows the app to determine the phone number and device IDs, whether a call is active, and the remote number connected by a call. Install shortcuts: Allows an app to add shortcuts without user intervention. Control vibration: Allows the app to control the vibrator. Run at startup: Allows the app to have itself started as soon as the system has finished booting. This can make it take longer to start the device and allow the app to slow down the overall device by always running. Use accounts on the device: Allows the app to request authentication tokens. Access Bluetooth settings: Allows the app to configure the local Bluetooth device, and to discover and pair with remote devices. Disable your screen lock: Allows the app to disable the keylock and any associated password security. For example, the phone disables the keylock when receiving an incoming phone call, then re-enables the keylock when the call is finished. Draw over other apps: Allows the app to draw on top of other applications or parts of the user interface. They may interfere with your use of the interface in any application, or change what you think you are seeing in other applications. Pair with Bluetooth devices: Allows the app to view the configuration of Bluetooth on the device, and to make and accept connections with paired devices. Read battery statistics: Allows an application to read the current low-level battery use data. May allow the application to find out detailed information about which apps you use. Send sticky broadcast: Allows the app to send sticky broadcasts, which remain after the broadcast ends. Excessive use may make the device slow or unstable by causing it to use too much memory. Connect and disconnect from Wi-Fi: Allows the app to connect to and disconnect from Wi-Fi access points and to make changes to device configuration for Wi-Fi networks. Read Google service configuration: Allows this app to read Google service configuration data. Change network connectivity: Allows the app to change the state of network connectivity. Prevent device from sleeping: Allows the app to prevent the device from going to sleep. View network connections: Allows the app to view information about network connections such as which networks exist and are connected. Close other apps: Allows the app to end background processes of other apps. This may cause other apps to stop running. Modify system settings: Allows the app to modify the system's settings data. Malicious apps may corrupt your system's configuration. Full network access: Allows the app to create network sockets and use custom network protocols. The browser and other applications provide means to send data to the internet, so this permission is not required to send data to the internet. Allow Wi-Fi Multicast reception: Allows the app to receive packets sent to all devices on a Wi-Fi network using multicast addresses, not just your device. It uses more power than the non-multicast mode. Uninstall shortcuts: Allows the app to remove shortcuts without user intervention. Force stop other apps: Allows the app to forcibly stop other apps. Download files without notification: Allows the app to download files through the download manager without any notification being shown to the user. Receive data from Internet: Allows apps to accept cloud to device messages sent by the app's service. Using this service will incur data usage. Malicious apps could cause excess data usage. Update component usage statistics: Allows the app to modify collected component usage statistics. Not for use by normal apps. Read Home settings and shortcuts: Allows the app to read the settings and shortcuts in Home. Write Home settings and shortcuts: Allows the app to change the settings and shortcuts in Home.
Yes, and I assume that is fine. I've also connected a tablet to the M&S wifi while waiting for shopping women. I haven't even done that with this phone.
I have also migrated fairly recently from a very basic mobile phone to an ebay Blackberry smartphone, which does Android emulation (I think
4.2) pretty well. That hasn't picked up any unwanted apps.
The point is that somehow something was installed without my knowing on an Android phone. It appears, from the permissions required, to be dodgy, and appears to install further apps on the phone unknown to the user (as per the permissions). It appeared to do this without being "activated", whatever that means.
I didn't activate it and uninstalled it before running any malware checks, but found it interesting that Sophos and Malwarebytes found totally different threats.
Be aware that anti-virus and anti-malware apps on Android don't work the same way as those on a PC.
Unless "rooted", it is impossible for the A/V to actually scan anything on your device due to the way apps are sandboxed (each app is owned by a unique linux user and the app's file/folder permissions are set to be accessible by only that user).
So what the A/V apps do is query a list of installed apps on your device, then look these up from a central database which holds the details of apps that the A/V company has analysed ... it's possible this has returned false information.
HomeOwnersHub website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.