Lillesvin Networks

France Gall – Lounge Legends (http://bit.ly/d6opTV)

Pavement – Crooked Rain Crooked Rain (http://bit.ly/cem7qb)

Graham Coxon – Happiness in Magazines (http://bit.ly/d66CeO)

My current desktop.

Who would want to be stuck with OS X or Windows?

Setup:

• GTK2/Metacity: Elegant Cold Blue Flat
• Icons: AnyColorYouLike
• Title bar font: Aldo
• Application font: Butter
• Clock/date font: Digital-7
• Wallpaper: Annotated / Raw
• Conky: .conkyrc
• Docky: bluesmoke

Well, back to work with some LaTeX in Vim. Haha! Even after 10+ years Linux still rocks my world.

Danish newspaper Politiken is running a ritzau piece on what’s been dubbed “The First Android Trojan” [da] in its online version. Now, according to this little article Kaspersky Lab has identified a trojan that poses as a media player and then automatically sends out text messages to a specific number at ridiculous charges. The article doesn’t get more specific than that, so I thought Slashdot might know something more. Slashdot weren’t any more specific than ritzau (which makes sense, since ritzau probably ripped the news from Slashdot in the first place) and they just link to an article on ITWire which is exactly as vague and unspecific as all the other articles.

Fortunately the users of Slashdot had pretty much the same questions as I did. Mainly “What’s the name of the app? (We want to know, so we can avoid it.)” and “How does it sneak in past Android’s warning system?”

Well, it turns out that the name of the app is not something that figures anywhere — neither in the Kaspersky announcement or in the more specific ReadWriteWeb article. According to the latter the app is not even in the Android Market, and — funniest of all — the trojan only works if you’re on a Russian carrier! So basically, here’s what you have to accidentally do to install this “trojan”:

1. Figure out the name, because Kaspersky seems to not want to tell us.
2. Find the downloadable .apk package somewhere on the web and download it.
3. Configure your phone to allow installation of non-market/untrusted apps.
4. Install the app and ignore the part of the installation process, where the phone actually warns you that this app requires access to services that cost you money. Which is even further specified as: Send SMS messages. Granted, it doesn’t specify if the app will actually make use of it, but it should seem odd to anyone why a media player would need to send out text messages.
5. Move to Russia. (Unless you already live there, in which case you can happily skip this last step.)

So let us draw a parallel to the actual story that spawned the use of the term “trojan” in this modern context. You know, just to put things in perspective. (Bah! Who am I kidding, I just love a ridiculous analogy.)

The Greeks built this huge wooden horse and loaded up 30 men in it because after 10 years of siege of Troy they still couldn’t pwn those Trojan n00bs. Then they put this huge wooden horse somewhere in the woods outside of Troy, but not anywhere obvious because that would be too easy, and the Trojans wouldn’t find it until a couple of years later when some Trojan emo kid and his emo girl friend were hiding in the woods crying and writing poems. Now the Trojans were all pumped up because of this loot and started hauling it back to Troy and someone noticed a sign on the horse saying, “There are some Greek soldiers inside this horse. Maybe they have weapons. And maybe they intend to use them. But who knows? GL HF!” “Fuck it!”, the Trojans said and brought the horse back to town only to get completely Zergling rushed by the Greek soldiers inside who were apparently still in great shape after 2 years inside a wooden horse with only very little to eat and even less to drink and no internets at all! So they killed a brazillion Trojans and then they had pancakes to celebrate and was all like *om-nom-nom-nom-nom*. And they never told anyone — ever! — how they’d passed time waiting for 2 years inside a huge-ass wooden horse.

Now, in this version I would say that the whole Trojan Horse ploy worked, not because of Greek ingenuity and cunning, but because of incredible retardedness on the part of the Trojans. And it does make the Trojan Horse seem like way less of a trojan, doesn’t it? Same thing goes for this “First Android Trojan” — not so sneaky after all, when you have to actually give it permissions to perform it’s trojan-y goodness.

There’s an angle on this story that’s really interesting, because Kaspersky Lab not only announced that they’d found this alleged trojan, they also announced that they’ll be rolling out some security software for the Android platform in early 2011, and what better way to spark interest than to find some obscure proof-of-concept trojan that’s not even active in the wild and hype it as if it’s actually a real threat?

I really, REALLY wish that news agencies and newspapers would do just a little research before posting such sensational stuff, because we’re definitely not going to see a follow-up that clarifies the matter.