Printed from http://www.electronista.com

Google cleans infected Android phones in security debacle

updated 10:25 am EST, Sun March 6, 2011

Google pushes update to purge malware from Android

Google in a late night Saturday update said it was taking extra action to patch up a large-scale Android malware infection that highlighted the risks of the platform. Along with having pulled the apps, it's now pushing an automatic update to compromised phones that will remove the privacy hacks. Anyone affected will get an e-mail first to let them know of the problem and a second after it had been patched, security head Rich Cannings said.

The company was also adding a "number of measures" in the Market to prevent more hostile apps and was working with phone makers and other partners to cure the root causes.

Google didn't provide the full details of the exploit but acknowledged that the apps had scraped unique hardware identifiers and personal information, including a phone's unique IMEI. The techniques let the app writers both exploit personal information and deliver hacks that could be targeted at individual phones. It also stressed that the hacks didn't hit phones using Android 2.2.2 or later.

The company nonetheless didn't answer questions of whether it would do anything to patch phones running the older platform and underscored a still ongoing problem with platform divisions. Its own version list as of February showed about 41.6 percent of Android devices running 2.1 or earlier, leaving nearly half of users vulnerable until a more permanent fix is available. Many of the phones can't be upgraded to 2.2 either due to hardware limits or because the hardware manufacturer has consciously abandoned it, usually through a perceived lack of reward for updating its customized, fragmented version of the OS.

The accessibility of bug and security fixes has been a mounting issue for Android and has left only those devices running unaltered versions of Android, chiefly Google's own Nexus One and Nexus S, getting the most reliable and safest software. Only Android 2.3 has a fix for random text messages and has reached just the 0.8 percent of the Android user base buying one of the two official Google phones.

Apple has been criticized for excessive control of iOS to limit the potential of apps and to shut out competing services. Its platform has nonetheless had far fewer risks and a more proactive approach to keeping the OS secure. While there is little device variety, its direct control over updates has meant that the vast majority are using a version no more than a few months old.



By Electronista Staff
toggle

Comments

  1. imactheknife

    Junior Member

    Joined: Jul 2003

    +45

    android blows

    the new "windows of security problems", welcome to Android!

  1. Bearcat

    Fresh-Faced Recruit

    Joined: Sep 2009

    +45

    Hmmm...

    Google is sounding and acting more like Microsoft everyday.

  1. jdsonice@gmail.com

    Fresh-Faced Recruit

    Joined: Oct 2009

    +46

    Closed iOS looks good now

    Hum - that closed iOS operating system with all those controls sure looks good now :-)

  1. jfgilbert

    Fresh-Faced Recruit

    Joined: Jan 2010

    +26

    It is not a problem

    People who want Android are the tinkerers, the same ones who enjoy fixing registry issues and become experts at repairing broken windows. They will love it.

  1. Madison

    Mac Enthusiast

    Joined: Nov 1999

    +34

    Not a bug!

    Yeah, it's not a problem, it's a feature!

  1. nowwhatareyoulookingat

    Fresh-Faced Recruit

    Joined: Jul 2009

    +23

    So Google can change/access anything on your phone

    That's what the article implies. They send you an email warning you that they are going to change your phone, then they change your phone's software, then they say "we're done".

    Sure, Apple has the ability to delete rogue apps from your phone, but this goes several steps beyond that...and it's not like they are asking permission either...

    I wonder what happens if they accidentally trash your data?

  1. Feathers

    Grizzled Veteran

    Joined: Oct 1999

    -1

    Google clean-up

    Google don't carry sole responsibility in this regard. Whilst this "old hole" might be their fault, it seems that hardware manufacturers, after balkanizing Android, kick all maintenance responsibility back to Google. They can't have it both ways, I mean Google gave them the OS for free! Also, just because the manufacturer has moved on to a newer device with a newer version of the OS, they shouldn't be able to simply walk away.

  1. jpellino

    Fresh-Faced Recruit

    Joined: Oct 1999

    +13

    Yikes

    Closed ecosystem is looking mighty good right about now...

  1. facebook_Justin

    Via Facebook

    Joined: Mar 2011

    +9

    comment title

    Oh they cleaned out all the malware from the Assdroid Market? Funny how the Flash virus is still there...

  1. qazwart

    Fresh-Faced Recruit

    Joined: Apr 2001

    +5

    Are ALL Android Phones getting this fix?

    My understanding is that each and every phone has a slightly different copy of the Android OS specifically compiled for that phone. What is Google "fixing"? Is it merely deleting applications or is it actually patching the OS?

    Android, in many ways, is worse than Windows in the security area. Although initial copies of Windows ignored security issues, at least Microsoft could provide security updates. Most Windows security issues are due to users not patching their version of Windows.

    With Android, I don't believe Google can issue patches even if they wanted to. The best Google can do is remove bad applications and update Google applications (but not the underlying OS).

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Asus Chromebook C300

When Chromebooks hit the market back in 2011, consumers didn't know what to do with them. The low-cost laptops, powered by Google's Ch ...

Plantronics BackBeat Pro Bluetooth headphones

Looking for a pair of headphones that can do everything a user requires is a task that can take some study. Trying to decide on in-ear ...

Lemur BlueDriver

"Oh no, the check engine light is on…again! What one of the hundreds of reasons could it be this time? Probably going to cost a fort ...

Sponsor

toggle

Most Commented

 
toggle

Popular News