Mike Stone

Mostly The Lonely Howls Of Mike Baying His Ideological Purity At The Moon

Regarding Android Malware

02 Mar 2011

I’ve been reading a lot recently about 21 applications in the Android Market that contained malware, a potential timer, and other miscellaneous bad things. While I’ll agree that this is a very bad thing, I think it’s more of a failing of the Android Market than the device itself.

As phones are becoming more and more like full blown computers, it stands to reason that if the user of the phone installs an application (app)  and gives it the permissions it asks for, it’s going to be able to do what ever it wants. This is a given. The fact that this kind of thing is possible to me is a t estimate of the power of the platform. This isn’t necessarily a bad thing. In fact, I’d argue the inverse. The same thing is possible in any computer Operating System.

Where the real failing is here is the fact that these applications were available for download from the Android Market. I don’t advocate Google installing rules like Apple where developers survive at Apple’s whim, but I do think that some checks should be put into place to verify the quality and authenticity of the apps being distributed by the Market. Google is putting it’s name and the Android name on this market, and applications that come from the Market should be at the very minimum authenticated.

It should be noted that installing more stringent checks on the Market won’t prevent this type of thing entirely, as Android isn’t the iOS, and applications don’t have to go through Google to be installed (this is a GOOD thing). Because of that, it will always be important to verify that the apps you’re installing on your phone are trustworthy, but at least make the apps that are being distributed by the Market trustworthy.



Looking for comments? There are no comments. It's not that I don't care what you think, it's just that I don't want to manage a comments section.

If you want to comment, there's a really good chance I at least mentioned this post on Fosstodon, and you can reply to me there. If you don't have a Mastodon account, I'd suggest giving it a try.

If you don't want to join Mastodon, and you still want to comment, feel free to use my contact information.