Printed from http://www.electronista.com

Firm calls 29 Android apps spyware-like as Google pulls two

updated 04:15 pm EDT, Thu June 24, 2010

Study warns some Android apps have too much access

At least 29 apps on Android Market have system level access that would be considered spyware on a PC, S Mobile Systems claimed in a warning study. When installed, the app group gave enough permission that they could represent serious privacy and security breaches. In one example, a mobile banking app was deliberately malicious and ultimately sent login data from an account to the developer's site.

The mobile security firm went on to suggest that as many as 20,000 Android apps have permissions levels that are "suspicious" but stopped short of calling them hostile. Many of these asked for permission to use contacts, the dialer and the GPS positioning. Google, however, has pointed out that every Android Market app must make clear what it does before the user agrees to download and install it.

"Not only must each Android app gets users' permission to access sensitive information, but developers must also go through billing background checks to confirm their real identities," the company said in a statement to the Inquirer. "And we will disable any apps that are found to be malicious."

The remarks came just as Google noted that it had pulled two apps late Wednesday. Two apps designed by a researcher to misrepresent their purpose, albeit without malicious code, were pulled using Google's authority to remotely delete apps. Company evangelist Tim Bray stressed that the company would only do this "in case of an emergency," such as with a spreading virus.

Both of the instances represent a contrast in philosophy with Apple and its App Store. The company has considerably tighter restrictions on which apps are allowed but has yet to have an instance of a publicly known malicious app. Critics have charged that its approach also prevents tight integration between apps and has sometimes been used to discourage competing apps.



By Electronista Staff
toggle

Comments

  1. stevesnj

    Mac Elite

    Joined: Apr 2003

    0

    Wow

    that didn't take long!! Imagine a phone getting a virus and taking over your phone and data? The big anti virus and spyware makers are licking their chops! So is iOS4 UNIX based? This could be the edge Apple needs to solidify it's hold on secure mobile and computer based OS's. I can see Apple capitalizing on this story!

  1. pairof9s

    Mac Enthusiast

    Joined: Jan 2008

    +10

    But...

    ...isn't consumer privacy & security a small price to pay for having an open platform?!

    Gimme a break, Google!

    /

  1. russellb

    Junior Member

    Joined: Sep 2001

    +5

    Mobile Banking

    Yeh love to do my mobile banking on that platform ... not

  1. JeffHarris

    Fresh-Faced Recruit

    Joined: Oct 1999

    +9

    "Open" Systems Rule, eh?

    And that number probably represent only the Spy Apps they FOUND.

    After all the iHating about Apple, iTunes and the App Store, what can you do but laugh at this.

    Symantec and MacAfee must be licking their chops.

  1. testudo

    Forum Regular

    Joined: Aug 2001

    -9

    Re: Wow

    Guess what? Apple's OS allowed (allows still?) applications to read your entire address book. And there is no way to tell whether any app on your computer or iPhone is really a trojan waiting to steal some information or send out spam.

    In fact, Apple proudly announced that iOS 4.0 closed 29 security vulnerabilities. I guess we ignore the fact they are still open on those 3.1 devices?

  1. testudo

    Forum Regular

    Joined: Aug 2001

    -4

    Re: Wow

    So is iOS4 UNIX based? This could be the edge Apple needs to solidify it's hold on secure mobile and computer based OS's. I can see Apple capitalizing on this story!

    Android is Linux based. Same difference.

    And note that they aren't spyware, just that they have permissions that, if on a PC, would be called spyware (whatever the h*** that means - I guess any app that runs in system space is considered spyware?).

    And how come no one is mentioning who announced this? A security company! Who wants to sell you their business.

    Oh, right, that only gets mentioned if they announced Mac or iOS 'spyware'.

  1. chas_m

    Joined:

    +2

    Steve was right ... again!

    Turns out you DO need a single, "curated" store to stop this sort of stuff! Whaddya know!

  1. herojig

    Fresh-Faced Recruit

    Joined: Jul 2009

    0

    Interesting...but agree with testudo on this one

    Seems like this company trying to sell you an internet security "suite" for your phone. My phone now needs a firewall?!? Anyway, this ARTICLE is malware as defined on a PC, where using it leads you to a link that leads you to downloading some software that...

    Comment buried. Show
  1. @okli

    Banned

    Joined: Apr 2010

    -11

    @testudohole

    How many security holes does U'r a** have ???... DUDE
    U have no f.clue of what ever... testiclessUDO
    thats why U have chosen the androcr^pid
    now stick with it and stop biting at APPLE, like a mad dog...
    get lost... U f.prick

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Tablo DVR

With over-the-top content options growing past Hulu and Netflix, consumers may be finding it harder to justify paying a monthly fee fo ...

Sound Blaster Roar Bluetooth speaker

There could very well be a new king of the hill for Bluetooth speakers, with Sound Blaster's recent entry into the marketplace. Bringi ...

Kenu Airframe Plus

Simple, stylish and effective, the Kenu Airframe + portable car mount is the latest addition to Kenu's lineup. Released earlier this y ...

Sponsor

toggle

Most Commented

 
toggle

Popular News