Malicious Apps in the Android Market

January 11th, 2010  |  by elisabeth  |  Published in Future of the Internet  |  2 Comments

As we knew would happen sooner or later, a dangerous malicious app has apparently made its way into Android’s Market. The app is said to “create[] a shell of mobile banking apps” and collect users’ personal information. It’s been removed; no word on how many users, if any, were actually affected.

Offhand, I can’t think of an app with comparable problems that has gotten into iPhone’s app store. What will be really interesting about this incident, and the similar ones that are sure to follow, is how users and vendors react. I can imagine this creating hysterical urging for Google to pre-screen all Android apps the way Apple does, but I think that would be premature. Yes, an open Market(s) is going to have more questionable apps, but there are many solutions other than lockdown—a strong user ranking for apps (which already exists), a way to alert people who have already downloaded the app, sandboxing (which admittedly wouldn’t have mattered here), or a quick way to freeze the app while complaints are being investigated. They’re only partial solutions, but lockdown is only partial, too.

Now that the Android OS is really starting to take off, this story is going to be repeated, and we’ll get to see how strongly committed Google is to the principles it built the OS on — and whether there are models out there for vetting third party code that do better than those of the generative PC, but aren’t as restrictive as that of the iPhone.

—By Elisabeth Oppenheimer

Update: eWeek reports that Google has removed a number of suspicious apps from its marketplace.  Of course, the more generative structure of the Android market means that “banned” apps can be obtained elsewhere — unlike the iPhone app monopoly enjoyed by Apple, where the iPhone App store is the only point of distribution.  –JZ

Responses

  1. Bertil Hatt says:

    January 11th, 2010 at 9:05 pm (#)

    What really upsets me about all that is that the future of an Opened Mobile App ecology depends on journalists having something to say or being bored the day someone loses money in this kind of scam, and whether that person is cute-for-TV or not… Let’s hope that Google’s spam- & phishing-detection algos will save us from this long enough for people to adopt the tech.

  2. Nick Taylor says:

    January 12th, 2010 at 4:45 am (#)

    This comes with the terrain – but the alternative is corporate ownership of the root… which is worse.

    Remember the Palladium scare back in the 00s? When Microsoft was going to build its DRM in at the hardware level so you’d have to ask MS for permission to run anything?

    Remember the Sony rootkit fiasco… where Sony attempted to infect its customers’ PCs with a virus taking control of the root when they played a Sony CD?

    Well Apple have built this functionality in. They’ve taken something that was too evil for even Microsoft to get away with, and they’ve copied it.

    So um… I’ll live with the risk of rogue apps. Any day.

Creative Commons BY-NC-SA Jonathan Zittrain unless otherwise noted.