X

Sign in

Sign in to confirm

Have you forgotten your password?

... or login with Facebook:

Don't have an AndroidPIT account yet? Sign up

"Android is a Malware Cesspool - and Users Don't Care"

Steven Blum
5

 

Those were the words that Galen Gruman, the executive editor of Infoworld, typed as the headline in a blog post yesterday. The IT expert was ranting about the lack of security in Android Market, the recent discovery of almost a dozen malware-addled apps and the general apathy he perceives among users who "happily give malware apps the permission the Android OS makes them seek to access information stored on the device as well as access to other apps on the device."

Old news, right? But by leveling charges at individual users, not just Google, Gruman constructs a fairly innovative argument. It's not Google that's the problem, says Gruman, but the users who, when confronted with access requests, click through message after message from the app's manufacturer, giving permission for the app to access text messages, and even local data like bank info and photos.

Gruman highlights a company called BullGuard that's working on a green / yellow / alert authentication system within Android Market to alert users to developers BullGuard finds suspect. The notification system would look much like "how modern browsers color-code sites' URLs."

But ultimately Gruman finds users at fault, and he pontificates a number of punishments for users who download phishy apps, such as disabling smartphone access or even cutting bonuses.

Certainly, users need to be held responsible for OK buttons they click. And it is often clear, just from reading reviews, that a certain app is phishing around for user data or sending spammy text messages. But Google is part of the problem, too -- as much as this fact distracts from crafting a polemic blog post. And Google, for one, could start taking a harder look at their apps. Not by screening them beforehand, as perhaps that is too difficult since malware evolves so quickly. But the company should at least start taking a look at the reviews of apps and noticing trojan trends.

It's one thing for a phishy app to remain in the Market for a day or so. But for months? That is unacceptable

Related Topics

Related Articles

News / Updates
4 1 day ago

Android 4.4.3 update coming to Nexus line soon

News / Apps
0 1 day ago

Pre-Easter app deals - the Play Store bunny came early

News / Hardware
0 3 days ago

Top 5 Forum: erotic apps banned, best antivirus apps, new phones, ROMs

News / Apps
0 1 week ago

Pocket update brings immersive mode and more language support

News / Apps
7 1 week ago

5 best Android-only apps Apple can be jealous of

News / Apps
0 1 week ago

Spy on your friends' app habits in Google Play

News / Apps
0 1 week ago

Top 5 essential apps for the Galaxy S3

Comments

Write new comment:
  • Vasilj Milosevic Jun 15, 2011 Link

    I agree completely, but all in all, yes the users should look what they are installing. If the app name has cute asian girls, would you install it?? Why would you? Or Angry Birds from unknown developer? It's almost like in PC world. We have so much malware there, and most of the users doesn't use antivirus software, as for myself, I just don't click on untrusted sources, and I'm safe. But for unexperienced users, there's antivirus. Maybe I'm wrong, but I'm feeling pretty comfortable right now, and in my opinion, the antivirus companies should take care of such problems, not the market holders.

    0
    0
  • red Jun 16, 2011 Link

    I know I would feel better if I had control over what connects to the net. My former smartphone allowed me to give permission to have whatever program I launched to connect to the internet. I didn't allow all programs to connect and felt I had control. The problem with this idea for android is when you connect your data, many programs will connect in the background anyway without your permission. I wish there was a program to help me do just that - allow which programs to connect.

    0
    0
  • Fabien Roehlinger Jun 16, 2011 Link

    True!

    0
    0
  • red Jun 16, 2011 Link

    Vasilj: thanks for posting a link for me. Unfortunately, my samsung galaxy s isn't rooted. It's a shame because the app you suggested sounds great. Too bad there isn't one that doesn't require root. Thanks again.

    0
    0

Author
2

Question: Internal SD labeled 0