If the malware has full admin rights on the same device as is using SSL to send to the server, couldn't they compromise the root certificate store on the device? Or somehow intercept the data on the device before it tunnels into the encryption engine? I don't know, I just remember reading about SSL architecture a bit once and basically it's good security unless either of the two endpoints in the session is compromised.
Speaking of stupid apps sending cleartext, I think it was even on TR I saw this but WhatsApp got a slap by the Canadian and Dutch authorities for collecting unauthorized address book info and sending that in the clear to their server(s). The fact that anybody, anywhere, thinks it's ok to code an app to send data in the clear is not a good sign.
JCitizen: You're right, but the object-oriented nature of Quirbles makes it difficult to adjust the magnometer curve. Oops sorry, wrong thread. Ok ok....viProCon ----- Lame.