Google Finally Uses Remote Kill Switch On Malware

timothy posted more than 3 years ago | from the you're-going-to-feel-a-little-zapping dept.

Android 177

Hugh Pickens writes "The Google Mobile Team has announced that in addition to removing the 21 malicious applications from Android Market that were downloaded 50,000 times, suspending the associated developer accounts, and contacting law enforcement about the attacks, they are remotely removing the malicious applications from affected devices. 'We are pushing an Android Market security update to all affected devices that undoes the exploits to prevent the attacker(s) from accessing any more information from affected devices,' wrote the team on their blog. 'For affected devices, we believe that the only information the attacker(s) were able to gather was device-specific (IMEI/IMSI, unique codes which are used to identify mobile devices, and the version of Android running on your device).' Google's actions come after numerous complaints in tech publications. "Does Google really want its Android Market to gain the reputation of being a cesspool of malware? 'Certainly not,' wrote Nicholas Deleon in TechCrunch. 'But then part of the allure of the Android Market is that it's open; you don't have to play by Google's rules, per se, to get on there like you do with Apple's App Store.'"

GJ GOOGLE (3, Informative)

Soilworker (795251) | more than 3 years ago | (#35399498)

Good job again google. That's why you're on top.

Re:GJ GOOGLE (0, Flamebait)

Haven (34895) | more than 3 years ago | (#35399596)

The next time Microsoft releases a patch for a security vulnerability I would like to see this sentiment repeated.

Re:GJ GOOGLE (3, Insightful)

whitehaint (1883260) | more than 3 years ago | (#35399654)

Well considering that Google fixed something a 3rd party created and that Microsoft is the creator of the problem in its systems I fail to see the correlation.

Re:GJ GOOGLE (0)

Anonymous Coward | more than 3 years ago | (#35399810)

I'm pretty sure MS's malware removal tool fits the bill. (And I'm not an MS fan by any means.)

Re:GJ GOOGLE (0)

Anonymous Coward | more than 3 years ago | (#35400326)

I have NEVER seen the "malware removal tool" remove malware

Re:GJ GOOGLE (1, Troll)

dwarfsoft (461760) | more than 3 years ago | (#35400726)

Is that because you are running Linux?

Re:GJ GOOGLE (3, Interesting)

Flytrap (939609) | more than 3 years ago | (#35400602)

FTA: "The applications took advantage of known vulnerabilities which don’t affect Android versions 2.2.2 or higher..."

So if a malware writer takes advantage of a vulnerability in an old or unpatched instance of Windows it's Microsoft's fault... but if they take advantage of an exploit in Android it's not Google's fault.

This logic does not compute.

Re:GJ GOOGLE (4, Insightful)

rainmouse (1784278) | more than 3 years ago | (#35401192)

Well considering that Google fixed something a 3rd party created and that Microsoft is the creator of the problem in its systems I fail to see the correlation.

To be fair if Microsoft started remotely removing software from your computer that they deemed a threat there would be a considerable backlash.

Re:GJ GOOGLE (5, Funny)

tomhudson (43916) | more than 3 years ago | (#35399808)

The next time Microsoft releases a patch for a security vulnerability I would like to see this sentiment repeated.

Okay, next patch Tuesday, someone please make Haven happy and post a "Good job again google. That's why you're on top." post.

Re:GJ GOOGLE (1)

Em Ellel (523581) | more than 3 years ago | (#35399848)

The next time Microsoft releases a patch for a security vulnerability I would like to see this sentiment repeated.

Generally I think when Microsoft release a patch of a security vulnerability - I do say good job. Everyone has security problems, the issue is how they deal with it - and Microsoft in the past often ignored the issue for a long time (I don't deal a lot with Windows these days, but it does seem that that has shifted as of late).

Of course as others pointed out - this is less like Microsoft patches to their own code and more like forced Anti-Malware install - for which I have mixed feelings.

Re:GJ GOOGLE (2)

artor3 (1344997) | more than 3 years ago | (#35399898)

"We are pushing an Android Market security update to all affected devices that undoes the exploits to prevent the attacker(s) from accessing any more information from affected devices" sounds an awful lot like Google is patching their own code.

no, only the affected devices (0)

Anonymous Coward | more than 3 years ago | (#35400498)

only the devices with the malware are having code pushed. the don't need it, which is how you can clearly see that they are not patching their own code, only removing the malware. to prevent this from even occurring next time they might have to change their vetting systems, and that might have a follow on effect on the code, but the security issue exists at a higher level.

Re:GJ GOOGLE (1)

_Sprocket_ (42527) | more than 3 years ago | (#35399944)

The next time Microsoft releases a patch for a security vulnerability I would like to see this sentiment repeated.

If you can point to a post on /. where the general consensus is that Microsoft did something wrong by releasing a patch, then you'll have a point. The same goes for Apple while we're at it.

Re:GJ GOOGLE (0)

Anonymous Coward | more than 3 years ago | (#35400500)

Usually the argument is more that Microsoft shouldn't have needed the patch. Even when the patch covers for 3rd-party code (eg. the shims that came out to mitigate Safari's EOP attack when they didn't properly mark downloaded files as coming from the Internet).

Re:GJ GOOGLE (0)

Anonymous Coward | more than 3 years ago | (#35399622)

LOL.

Re:GJ GOOGLE (3, Interesting)

Rosyna (80334) | more than 3 years ago | (#35400332)

Good job again google. That's why you're on top.

So it's a good thing that Google can, has, and will continue to remote remove (remote kill) applications downloaded onto phones.

Apple has removed apps from their store, but never from the phone itself once the app has been downloaded.

Re:GJ GOOGLE (4, Interesting)

Deathlizard (115856) | more than 3 years ago | (#35400622)

Except that it's unlikely that this will totally clean the problem.

This Exploit Rooted phones. That means Google lost control of the phone the second the user installed and ran the malicious app. They could remove all of the malicious apps all day long but all that does is remove the Trojan Horse that dropped the rootkit.

As for the removal tool Google is planning to send. If the virus programmers have any sort of brain the first thing they're going to do is block the removal tool from removing the rootkit by sending a patch to the rootkit. It wouldn't surprise me if the rootkit doesn't phone home soon and download something to either spoof that the rootkit was removed or block the rootkit remover altogether and disable apps (either from Google or a third party) designed to remove the exploit. Google giving them a heads up through the blog post that they got 72 hours to code such a patch just made the virus writers' job even easier.

Now I'm not saying that Google is handling this totally incorrectly. If I was Google, I would have taken many of the steps that they are currently doing, except I would not publicly lay out the plan until after it was executed. I know it would give Google Bad PR by sending apps without user knowledge, but it would have minimized a counterattack time frame from the virus writers and would have been the safer option overall. I just hope that Google has another strategy if this one fails, such as carrier involvement to recover and possibly disable remaining infected phones until it can be cleaned by a carrier tech.

260,000 infected Android devices (5, Informative)

Anonymous Coward | more than 3 years ago | (#35399504)

Correction: The malware was downloaded 260,000 times, not 50,000 as initially reported. source [techcrunch.com]

Re:260,000 infected Android devices (0)

pandrijeczko (588093) | more than 3 years ago | (#35400428)

This is relevant how?

Maybe "50,000" could be deemed as "a lot of phones" whereas "260,000" could be deemed as "a fuck of a lot of phones" but otherwise I fail to see the significance.

Re:260,000 infected Android devices (0, Insightful)

Anonymous Coward | more than 3 years ago | (#35400938)

I'm hopeful you're not this much of an asshole in real life.

Re:260,000 infected Android devices (0, Flamebait)

pandrijeczko (588093) | more than 3 years ago | (#35401144)

You'll need to tell me how wide you are holding your fingers or arms apart when you say "this much" such that I can get a sense of scale from you.

Once I know that, I can indeed inform you quite categorically whether I am indeed a bigger or smaller asshole than that.

Re:260,000 infected Android devices (4, Informative)

HLJ76 (2007462) | more than 3 years ago | (#35400634)

Also the summary notes only device information was potentially stolen, but fails to note that the malware was able to download more code [pcmag.com] that could do just about anything with the device. Can the market patch remove that code from the device, or will it only remove the downloaded apps leaving all post-downloaded code there to do whatever it wants to do?

Way to go! (-1)

Conrthomas (1993390) | more than 3 years ago | (#35399524)

Because we know that Google has the guts to be controversial and do this, while Apple probably wouldn't.

Re:Way to go! (5, Insightful)

Anonymous Coward | more than 3 years ago | (#35399548)

And the reason for Apple's 'Walled Garden' helps prevent malware from reaching the app store to begin with.

Re:Way to go! (4, Insightful)

Anonymous Coward | more than 3 years ago | (#35399670)

And the reason for Apple's 'Walled Garden' helps prevent malware from reaching the app store to begin with.

it didn't stop that flashlight app which doubled as a tethering tool - explicitly against Apple's rules at the time - from getting approved, why would it stop malware?

Re:Way to go! (1)

Ender_Wiggin (180793) | more than 3 years ago | (#35399846)

Apple takes the submitted app and runs it to see if it calls any prohibited APIs. Also they check if it accesses any data without authorization, such as when Apple blocked apps from using an ad framework that took too much OS data about its users.

Re:Way to go! (2)

Bert64 (520050) | more than 3 years ago | (#35400070)

And they didn't catch the tethering app, what makes you think they would catch malware?
Malware could simply do something mundane until after Apple have done their tests, and then activate its malicious functions later down the line when lots of users have it installed.

Re:Way to go! (2)

omglolbah (731566) | more than 3 years ago | (#35400850)

1. Add time trigger to make the app only access bad stuff after a certain date or have it fetch a trigger from some server...
2. Turn over binary to apple.
3. Get verified.
4. flip switch
5. ???
6. Profit?

Re:Way to go! (1)

mean pun (717227) | more than 3 years ago | (#35400056)

The fact that the protection doesn't stop 100% of malicious apps doesn't mean it is not effective.

Re:Way to go! (1)

dr2chase (653338) | more than 3 years ago | (#35401298)

It's not effective enough, though it depends a lot on your threat model. Given that nation-sponsored malware has now been deployed and observed, I think we need to be more careful.

Re:Way to go! (4, Insightful)

DavidinAla (639952) | more than 3 years ago | (#35400370)

The fact that Apple's approval process isn't PERFECT at stopping everything doesn't mean that Google's policy of stopping NOTHING until a quarter of a million people have already downloaded the malware is a good idea.

Re:Way to go! (2)

CheerfulMacFanboy (1900788) | more than 3 years ago | (#35400872)

And the reason for Apple's 'Walled Garden' helps prevent malware from reaching the app store to begin with.

it didn't stop that flashlight app which doubled as a tethering tool - explicitly against Apple's rules at the time - from getting approved, why would it stop malware?

Of course the real question is: if it isn't the walled garden, what else stops malware on iOS? And how can Android use that?

Re:Way to go! (2, Insightful)

Anonymous Coward | more than 3 years ago | (#35399834)

The reason for Apple's 'Walled Garden' has little to do with security, and Everything to do with control.

Re:Way to go! (4, Interesting)

thetoadwarrior (1268702) | more than 3 years ago | (#35400512)

Well yes you're right. Control is needed to try and attempt to keep quality high both in content and coding and to help keep security high.

Mobiles are different from desktops and I think resorting to virus scanning on mobiles would be awful. While Apple's approach is by no means perfect it is actually looking like the best solution. I just don't bother with the app market for my Android. There is a lot of shit in the market to sift through and while being concerned with how many apps ask for all sorts of permissions we're now finding out that actually a lot of bad stuff is getting through and not being found straight away.

I do think my next phone will be an iPhone. The games are definitely better and until Google proves to at least be more proactive on filtering out the rubbish then I just can't trust the apps and what is the point of a smart phone without apps?

If Google can tell me what the app needs access to then surely there is some way they could come up with a system that flags apps as having questionable requirements and requiring someone at Google to personally review it before it makes it onto the market.

When you want people to tie all their personal information and even payment methods (ie Google Checkout) to a device it needs to have some sort of security. It is not good enough to kill it after it's been downloaded a quarter of a million times. Alternatively they can come up with some sort of mobile virus / malware scanner and risk complaints about battery life and performance.
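The flagging step proposed in the comment above, as an added example (not part of the comment, and not Google's review process): it reads the permissions an app declares in a decoded, text-form `AndroidManifest.xml` and routes the submission to a human reviewer when it asks for sensitive permissions its store category does not plausibly need. The category names, the policy tables and both sample manifests are constructed assumptions; the permission strings are real Android permission names.

```python
import xml.etree.ElementTree as ET

# Attributes such as android:name live in this XML namespace.
ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Constructed policy (assumption): permissions a reviewer should look at,
# each with the reason that is shown in the review queue.
SENSITIVE = {
    "android.permission.SEND_SMS": "can send text messages that cost money",
    "android.permission.CALL_PHONE": "can place calls without the dialer",
    "android.permission.READ_PHONE_STATE": "exposes device identifiers (IMEI/IMSI)",
    "android.permission.READ_CONTACTS": "reads the address book",
    "android.permission.ACCESS_FINE_LOCATION": "reads precise location",
    "android.permission.INSTALL_PACKAGES": "can install other packages",
}

# Constructed policy (assumption): sensitive permissions that a store
# category plausibly needs and that therefore do not trigger a flag.
EXPECTED = {
    "wallpaper": set(),
    "game": set(),
    "messaging": {"android.permission.SEND_SMS",
                  "android.permission.READ_CONTACTS"},
    "navigation": {"android.permission.ACCESS_FINE_LOCATION"},
}

# Constructed sample input: a wallpaper app that also wants SMS and phone state.
SAMPLE_WALLPAPER = """<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.wallpapers">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <application android:label="Wallpapers"/>
</manifest>"""

# Constructed sample input: a messaging app whose requests match its category.
SAMPLE_MESSAGING = """<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.chat">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <application android:label="Chat"/>
</manifest>"""


def requested_permissions(manifest_xml):
    """Return the set of permission names declared via <uses-permission>."""
    root = ET.fromstring(manifest_xml)
    perms = set()
    for element in root.iter("uses-permission"):
        name = element.get(ANDROID_NS + "name")
        if name:
            perms.add(name.strip())
    return perms


def triage(manifest_xml, category):
    """Decide whether a submission passes or needs a human reviewer.

    Anything that cannot be evaluated (unparseable manifest, unknown
    category) fails closed: it goes to manual review rather than passing.
    """
    try:
        perms = requested_permissions(manifest_xml)
    except ET.ParseError as exc:
        return {"decision": "manual_review",
                "findings": ["manifest did not parse: %s" % exc]}
    if category not in EXPECTED:
        return {"decision": "manual_review",
                "findings": ["unknown category: %s" % category]}

    allowed = EXPECTED[category]
    findings = ["%s: %s" % (perm, SENSITIVE[perm])
                for perm in sorted(perms)
                if perm in SENSITIVE and perm not in allowed]
    decision = "manual_review" if findings else "pass"
    return {"decision": decision, "findings": findings}


if __name__ == "__main__":
    for label, xml_text, category in (
        ("wallpaper sample", SAMPLE_WALLPAPER, "wallpaper"),
        ("messaging sample", SAMPLE_MESSAGING, "messaging"),
    ):
        result = triage(xml_text, category)
        print(label, "->", result["decision"])
        for finding in result["findings"]:
            print("   ", finding)
```

A check of this kind sees only what the manifest declares. It does not detect an app that gains root through an OS vulnerability, which is what other comments in this thread say these apps did.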

Re:Way to go! (1)

pandrijeczko (588093) | more than 3 years ago | (#35400358)

...and emulator software.

Absolutely plus one! (0)

Anonymous Coward | more than 3 years ago | (#35400426)

And the reason for Apple's 'Walled Garden' helps prevent malware from reaching the app store to begin with.

It stops all that nasty malware from the App Store! Hear hear!

Instead, they let it in through the front door via a glaring remote web based security hole in the core system.

http://mashable.com/2010/08/02/ios-4-jailbreakme/

Re:Way to go! (2)

Haven (34895) | more than 3 years ago | (#35399604)

What does this even mean? Apple wouldn't use their total control over their devices to remove malware from them? Of course they would, and they should!

Re:Way to go! (4, Insightful)

CheerfulMacFanboy (1900788) | more than 3 years ago | (#35400806)

Because we know that Google has the guts to be controversial and do this, while Apple probably wouldn't.

So Apple got attacked when people heard the iPhone had a "kill switch" for apps - and then Google gets cheered on for actually using theirs on Android many times over - and then Apple gets attacked for not using theirs once?

Slashdot hypocrites.. (4, Insightful)

Anonymous Coward | more than 3 years ago | (#35399538)

If I was to s/Apple/Google/ people would be declaring how this is censorship and true evil and how Apple kills a kitten every time someone jailbreaks an iPhone.

Re:Slashdot hypocrites.. (1)

Anonymous Coward | more than 3 years ago | (#35399576)

Yeah, sure. You definitely lack comprehension of malware and legit apps.
Let's say I have a trojan on my windows computer and daemon tools. If M$ kills the trojan, I'm happy. If M$ kills daemon tools, I'm angry.
The difference? I chose to install daemon tools, but I didn't want the trojan at all.

Re:Slashdot hypocrites.. (4, Insightful)

rjstanford (69735) | more than 3 years ago | (#35399800)

Not quite. You did choose to install it. It just does something that Google (or Microsoft or whoever) feels that you probably don't want it to do. Or at least, it's doing something that they don't want it to do. So they delete it.

All good, right? Well, as long as you trust their opinion of what software should do more than your own. Which is a point always brought up by Android fans to stomp on the Apple store. Except when google does it because... um... they said they wouldn't? And that's...better?

Re:Slashdot hypocrites.. (0)

Anonymous Coward | more than 3 years ago | (#35399982)

It's a bit more clear-cut than that. The applications are advertised as doing something. They also happen to exploit a vulnerability in the OS, in a way that can't possibly have to do with advertised functionality. There is very little chance that users installed the software for these "extra features," especially because they have just about no way of even knowing they exist.

Re:Slashdot hypocrites.. (1)

Anonymous Coward | more than 3 years ago | (#35399618)

Possible, but I don't think so. Slashdot's hatred of malware trumps its hatred of Apple by far.

Re:Slashdot hypocrites.. (1)

ynp7 (1786468) | more than 3 years ago | (#35401276)

Slashdot seems to love Apple these days. What are you idiots on about?

Re:Slashdot hypocrites.. (0, Troll)

Ziekheid (1427027) | more than 3 years ago | (#35399642)

Upvoted comment by Apple fanboys, congratulations, your post fails to make any sense.

Really? (4, Insightful)

SanityInAnarchy (655584) | more than 3 years ago | (#35399672)

How the hell did you get to +5 insightful by implying that we can't tell the difference between preventing people from doing what they want with a device, and preventing developers from taking advantage of users?

Seriously, this is like implying that when we say "Good job" about putting spammers behind bars, you're surprised we weren't defending their freedom of speech. I know it's tempting to think in soundbites, but this isn't hard.

Re:Slashdot hypocrites.. (4, Insightful)

phantomfive (622387) | more than 3 years ago | (#35399776)

Maybe, or maybe Apple not letting me put things I want on my phone IS annoying, but what Google is doing here is not. There really is a difference between purging malware (which no one wants) and purging stuff people do want. Really.

Is Android free software? If so, no hypocrisy. (1)

jbn-o (555068) | more than 3 years ago | (#35399782)

This is the difference between free and proprietary software: Apple's software is proprietary—you have no way to restrict Apple from using their power to "kill" (their term) applications on your computer. If Android is free software—software which respects your freedom to control your computer—it's up to you to make things better by hacking software or getting more knowledgeable people involved. Free software lets you choose to remove the code that grants Google app-killing power (or have someone remove app-killing code on your behalf) leaving you free to independently determine what programs to run no matter who calls those programs "malware". After all, if it's your computer you should determine what you want running on that computer. Given this understanding, I don't see the hypocrisy. I also don't see the problem in jailbreaking an iPhone other than doing business with Apple in the first place (one should not reward one's "jailer").

Re:Is Android free software? If so, no hypocrisy. (1)

Billly Gates (198444) | more than 3 years ago | (#35399916)

Which is why I am probably going to go with Android and not an iPhone when I upgrade my phone next week.

Android phones unfortunately are expensive, but in the end the developers will hopefully start sticking with Android and not put up with th*s crap.

Re:Is Android free software? If so, no hypocrisy. (1)

CheerfulMacFanboy (1900788) | more than 3 years ago | (#35400978)

Which is why I am probably going to go with Android and not an iPhone when I upgrade my phone next week.

Android phones unfortunately are expensive, but in the end the developers will hopefully start sticking with Android and not put up with th*s crap.

They already are - why else would all the malware writers work exclusively on Android, apart from a few still sticking to jailbroken iPhones?

Re:Slashdot hypocrites.. (2)

shentino (1139071) | more than 3 years ago | (#35399822)

First of all, it would be Apple doing the actual killing. Apple is not a force of nature that is immune to moral codes, or the law for that matter.

Second, participation in the android app store is optional.

Re:Slashdot hypocrites.. (0)

Anonymous Coward | more than 3 years ago | (#35399888)

Actually, that would be if you were to s/Google/Apple/g this.

More overreaching "sole discretion" terms. (2)

Animats (122034) | more than 3 years ago | (#35399592)

These "remote removal" schemes seem to come with a "sole discretion" clause. Not, say, "after confirmation by the US Computer Emergency Response Team".

Re:More overreaching "sole discretion" terms. (2)

fermion (181285) | more than 3 years ago | (#35399864)

I think it would be much better to have a blacklist of known infected apps. The phone can check against this list, and, just like other malware detectors, note that it is dangerous, and why, and then prompt the user for removal.

Of course no one, not even the OHC, believes the user owns the mobile device and as such should have complete control over what happens on it. So, as expected, Google does as it pleases when it pleases, even when there is a gentler and equally effective alternative.

Openness and Archos (5, Informative)

tepples (727027) | more than 3 years ago | (#35399602)

Quoth Nicholas Deleon in TechCrunch:

But then part of the allure of the Android Market is that it's open; you don't have to play by Google's rules, per se, to get on there like you do with Apple's App Store.

This might be true with respect to application developers but not hardware manufacturers such as Archos. To remain cost-competitive with iPod touch, Archos devices are missing various input and output components not needed in a portable media player, such as a cellular radio, compass, and GPS. However, because certain versions of Google's Android Compatibility Definition Document (CDD) list these components as requirements, Archos hasn't been able to include the Android Market application with the devices. To access the Market (and not the AppsLib that has a far smaller selection), one needs hacks [arctablet.com] that Google could cease-and-desist, just like it cease-and-desisted CyanogenMod for including Google applications [gizmodo.com].

Re:Openness and Archos (3, Informative)

teh31337one (1590023) | more than 3 years ago | (#35399886)

Oh come on. The google apps are their own proprietary apps, and manufacturers pay to have them - that's why CM couldn't include them. Market place is controlled by Google, and they can remove malicious applications if needed. Device manufacturers have to meet the minimum spec to have market access.

Re:Openness and Archos (1)

jscotta44 (881299) | more than 3 years ago | (#35400052)

"minimum spec"? Hmmm... sounds like someone else (not the developer) is setting standards that the developers have to live with if they want to participate in Google's sand box. Doesn't Apple get spanked here for doing that?

Re:Openness and Archos (1)

teh31337one (1590023) | more than 3 years ago | (#35400778)

It's stuff like: having a camera, GPS, access to the internet, a touch screen etc.

Re:Openness and Archos (2)

jscotta44 (881299) | more than 3 years ago | (#35400828)

And your point is? I know what the minimum specs are. However, isn't the point of open systems that I can put up whatever I want – including hardware and software? Who is Google to be telling anyone that their system on the open market doesn't meet minimum specs? Who died and made them Apple to make such decisions?

Re:Openness and Archos (0)

Anonymous Coward | more than 3 years ago | (#35400922)

The point is that Google is *not* keeping you from installing software from other sources, while Apple is.

Google just will not guarantee the full "Google Android(tm)" experience on non-compliant devices, so you can't use the Google-branded marketplace. Use a different marketplace, download .apk's directly from the net, put .apk's on an SD, whatever. Try that in iOS.

Re:Openness and Archos (2)

tepples (727027) | more than 3 years ago | (#35401632)

Use a different marketplace, download .apk's directly from the net

So how do I convince my bank to offer its check deposit application in AppsLib or offer bare .apk's so that I can deposit checks with my Archos 43's camera?

Re:Openness and Archos (1)

teh31337one (1590023) | more than 3 years ago | (#35400928)

They're not mandating it on anyone. These min specs are for having access to the android market on your device. Android market is proprietary - Google get a 30% cut from app sales, and they have specs that OEMs have to meet to gain access to the market.

A realistic minimum spec plz (1)

tepples (727027) | more than 3 years ago | (#35400434)

Device manufacturers have to meet the minimum spec to have market access.

But if Google doesn't set a minimum spec that's realistic for a PDA, then Google is handing the PDA market to Apple with its iPod touch. Microsoft had already left the PDA platform market after discontinuing Windows Mobile Classic (formerly Pocket PC) in favor of Windows Phone 7.

Re:A realistic minimum spec plz (1)

teh31337one (1590023) | more than 3 years ago | (#35400822)

The min spec was created with phones in mind. If Archos want official access to the android market, they have to add in the camera, GPS etc like Samsung have done. And there is no PDA market. There's a phone market, and a market for PMP style multi media devices.

Re:Openness and Archos (1)

maxume (22995) | more than 3 years ago | (#35401054)

He's talking about what it takes to sell software in the market, not about what devices it is available on.

So Google has an 'open' policy regarding what apps can be distributed in the market, even if they don't have an open policy regarding buyer access to the market.

I wonder (1)

Anonymous Coward | more than 3 years ago | (#35399646)

how many iPhone apps leak the IMEI??

Android is safer than iPhone.. (5, Insightful)

WarwickRyan (780794) | more than 3 years ago | (#35399700)

Angry Birds, for example, collects a heck of a lot of personal information on the iPhone. Why? Because the user isn't warned about it. Their Android application has so far been much cleaner, mostly because Android asks the user to give the app permission to access certain data.

Link: http://www.observer.com/2010/media/angry-birds-and-other-must-have-apps-collect-more-personal-data-you-think [observer.com]

Re:Android is safer than iPhone.. (1)

furbearntrout (1036146) | more than 3 years ago | (#35399766)

I deleted AB on the last(?) update. It wanted the ability to SEND sms. No spamming my friends from my phone.

Re:Android is safer than iPhone.. (0)

Anonymous Coward | more than 3 years ago | (#35400008)

I paid the $0.99 for an ad free version. Nothing is free, either pay the developer, or the developer sells you.

Re:Android is safer than iPhone.. (0)

Anonymous Coward | more than 3 years ago | (#35400046)

Uh, I just checked that my version of Angry Birds is up to date, and it only requests full Internet access. This is the regular free version on Android. Perhaps you are thinking of another app?

Re:Android is safer than iPhone.. (1)

teh31337one (1590023) | more than 3 years ago | (#35401444)

That was a feature that was implemented for people who wanted an ad free version of the game. It would charge you via text message for it. BUT it was something they were not going to add to the market version of the game. It did, and they fixed it by releasing an update the next working day.

Re:Android is safer than iPhone.. (5, Informative)

Ender_Wiggin (180793) | more than 3 years ago | (#35399884)

Actually Apple DOES warn you, via the GPS icon in the top menu bar. In Settings, you can disable Location services for any specific app and see if it's accessed your location in the last 24 hours.

Re:Android is safer than iPhone.. (5, Funny)

jscotta44 (881299) | more than 3 years ago | (#35400060)

Please stop using facts to correct Android fans. It really confuses them.

Re:Android is safer than iPhone.. (0)

pandrijeczko (588093) | more than 3 years ago | (#35400378)

Yes, and what's he doing on Slashdot today anyway - presumably Apple release something new tomorrow that he should be starting to queue overnight for.

Re:Android is safer than iPhone.. (1)

Anonymous Coward | more than 3 years ago | (#35401566)

Actually Apple DOES warn you, via the GPS icon in the top menu bar. In Settings, you can disable Location services for any specific app and see if it's accessed your location in the last 24 hours.

Please stop using facts to correct Android fans. It really confuses them.

Correction: using a GPS icon in the status bar to indicate that an app is using fine-grained location services is confusing. Claiming that Apple is "warning" you by using the GPS icon ex post facto is inherently stupid. What about coarse-grained location services, which doesn't even require an icon?

More correct: Please stop using facts to inform Apple fanbois that they are totally brainwashed by the power of Steve.

Re:Android is safer than iPhone.. (0)

Anonymous Coward | more than 3 years ago | (#35400146)

So you're comparing the ability to opt out via settings which rarely anyone will look into, and a vague catch all GPS icon with an itemized list of activities an app performs before installation. Sorry but regardless of how you defend this one Apple sucks at this compared to Android.

Re:Android is safer than iPhone.. (0)

Anonymous Coward | more than 3 years ago | (#35400792)

So you're comparing the ability to opt out via settings which rarely anyone will look into, and a vague catch all GPS icon with an itemized list of activities an app performs before installation.

That's after the user opts in for the app. By default the app cannot access the location settings.

Sorry but regardless of how you defend this one Apple sucks at this compared to Android.

I think this article demonstrates both Apple and Google need to be better. Apple should be better about giving users access to the granular ACL controls of the sandbox and provide better information about those settings upfront. Google should be better about vetting apps in advance and limiting what makes it into the Google App Store so that users that don't look at or understand the settings still have a fairly safe experience.

Re:Android is safer than iPhone.. (1)

CheerfulMacFanboy (1900788) | more than 3 years ago | (#35401196)

So you're comparing the ability to opt out via settings which rarely anyone will look into, and a vague catch all GPS icon with an itemized list of activities an app performs before installation. Sorry but regardless of how you defend this one Apple sucks at this compared to Android.

Considering that an iOS device also informs the user and asks for permission the first time an app uses GPS - how does Apple suck compared to Android? Because it actually gives more information about apps using GPS to the user than Android? Too confusing for you?

Heck, something as simple as changing your Android phone’s wallpaper or downloading a ringtone could transmit personal data about you, including your location, without your knowledge [wired.com]. Android, not iPhone.

Re:Android is safer than iPhone.. (0)

Anonymous Coward | more than 3 years ago | (#35400296)

So you're warned as the data is being sent?

That's like saying feeling the burning pain in your hand as you put it on a cooker is just as good as the warning light that tells you the cooker is on before you touch it.

Re:Android is safer than iPhone.. (0)

Anonymous Coward | more than 3 years ago | (#35400346)

Not really. Take a look at post #29 in this forum [macrumors.com] to see what they are doing, and why.

Android security (4, Interesting)

Anonymous Coward | more than 3 years ago | (#35399742)

Is this the way Android security will be handled (after-the-fact cleanup via the marketplace)? It just seems to me that since the manufacturers don't seem to be too keen on supporting their handsets for longer than it takes them to get the next model out the door, and since the service providers like to sit on updates or block them altogether, the actual vulnerabilities are unlikely to be fixed.

I was stupid enough myself to buy a Sony-Ericsson Android device only for them to basically drop it a month later, so presumably it will always be vulnerable to the holes used by this round of malware?

Re:Android security (0)

Anonymous Coward | more than 3 years ago | (#35400924)

Nope, the answer is don't buy apps that ask for more permissions than are required for them to do their job and yes, removing that app from the market place and having it killed remotely is the fix for the problem.

How would this be different from the iPhone marketplace? You have to rely on the people checking the apps before they go on the market place to check for these things. If your app says it wants to make phone calls and send text messages, maybe installing it is a bad idea.

Yes, Android has a freer market, and yes, the price you pay is you have to spend a few seconds actually reading the permissions of the apps before you install them. However, you are better informed about what the applications are actually going to do before you buy them. If Angry Birds is going to track where you are, you can know before it happens on Android (since we have the choice before you buy the game), rather than after it happens on the iPhone.

Re:Android security (0)

Anonymous Coward | more than 3 years ago | (#35401246)

Nice job of not reading the post you're replying to. Application permissions don't matter so much if the application is exploiting security vulnerabilities. Also, there was no mention of Apple or iPhone so try sounding less like someone cockslapped your mom.

bips; big fauxking deal COs. unneeded/obsolete (-1)

Anonymous Coward | more than 3 years ago | (#35399752)

so there's agreement that some 'plug-pulling' is in order, & we need more than just #1, of almost every product?

a few things we probably can live without as the 'hard times' set in;

any billionaires at all, same with weapons, hired goons etc...
kings
fake money pyramid schemes (failing stock markup, usury style 'banking' etc...)
people that make that stuff controlling our communications & much more
pretending we're all gooey whilst arming & consorting with life0cidals to control populations/real estate/genetics/belief systems etc..

there's more.

btw; robbIE (/.), serge (goo$goo), say they're not involved in anything. we accuse them of censorship & pandering.

Sounds good. (0)

Anonymous Coward | more than 3 years ago | (#35399798)

You don't have to follow Google's rules exactly. But you do need to follow the law somewhat.

Win for everyone except the malware authors. Screw those guys.

Google Mobile Team? (1)

Tigger's Pet (130655) | more than 3 years ago | (#35399836)

Would they be known as the 'Moogle Team', or am I going to get sued by Square Enix for copyright theft by using that name?

Hi! Steve Ballmer here. (0)

Anonymous Coward | more than 3 years ago | (#35399854)

Today on Slashdot, I'm going to pretend to be an outraged geek, disgusted by Google's outrageous and despicable behavior, and now finally seeing just how good and pure is Microsoft.

Boooo, Google! Hooray, Microsoft!

Certification (2)

Midnight Thunder (17205) | more than 3 years ago | (#35400168)

What would be nice, is even if the market place is left open, there would be an option to pay Google to certify your application. The idea being that people can then choose between "certified" apps or uncertified ones. This would help give users some sort of reassurance, but still leave the choice option open.

As to the kill switch, does Google print a list of applications to which it was applied?

Re:Certification (1)

Midnight Thunder (17205) | more than 3 years ago | (#35400214)

Forgot to say that the certification process would include a set of API usage tests and behavior tests. No application developer would be forced to go through the process, but if the fee is low and on a yearly basis, then I imagine many developers would want to reassure the customer base.

B-b-b-but (0)

Anonymous Coward | more than 3 years ago | (#35400266)

Apple has a walled garden.

Re:B-b-b-but (1, Interesting)

pandrijeczko (588093) | more than 3 years ago | (#35400408)

Why do they always come up with a "nice" sounding phrase for something that negatively affects the consumer? Think of "walled garden" and everyone thinks of a beautiful green lawn surrounded by flowers & shrubs, surrounded by a nice wall with ivy grown up it & bees buzzing around busily.

"Barred cell" would be far more appropriate - the only other occupant being Bubba Jobs who wants you to be his friend...

The kill switch can't be magical (0)

Anonymous Coward | more than 3 years ago | (#35400274)

These applications had root-level access to all phones that were not patched with the latest version of Android (which given the state of Android updates left a couple hundred Nexus One/S owners safe while everyone else was left in the cold).

What's to stop malware with root-level permissions from disabling the kill switch next time?

Google needs to get the Android update situation under control. It's an absolute mess right now.

Seems like a good standard (4, Insightful)

gman003 (1693318) | more than 3 years ago | (#35400338)

One of the things I noticed was "and contacting law enforcement about the attacks". I think that could be a pretty good standard to follow for using a remote-deactivation capability, to prevent it from being abused. "If it's serious enough to use a kill switch, it's serious enough that someone will be filing a lawsuit, and we're sure enough of it that we're reporting it to police (under threat of perjury)."

This is probably the best compromise. Obviously, some people would prefer no kill switch at all, while others would like the kill switch to be used on practically anything they don't like. If "serious enough and sure enough to sue" is the standard being used, it won't affect free speech (since, if you would be sued over it already, we've already lost that battle), and it makes accidents much less likely. Now, requiring that lawsuit to be won would make it even safer, but you run into the problem of it continuing to do damage for the years it takes to finally settle the suit.

Overall, I would like to see that standard officially written and adopted, even if it isn't made legally binding. It would make me feel a lot better about the existence of a kill switch, knowing that it will only be used in truly serious cases.

Google's responsibility (3)

krizoitz (1856864) | more than 3 years ago | (#35400396)

If smartphones were only owned/used by tech savvy people like most of us commenting/reading here, then their hands off approach to the Android Marketplace wouldn't be such a big deal, but that's not the case. Google and the carriers are marketing Android as an OS not just for the nerds but for everyone, because of that I think Google bears responsibility for what happened. Their hands off policy in the Android Marketplace put users at significant risk for this malware in the first place, and does nothing to prevent it from happening again. Openness has its advantages, but those advantages are primarily useful to a select few. MOST users want a smartphone that is easy to use and lets them do things like browse the internet, check e-mail, consume media and play some games. MOST users are not tech savvy, and therefore MOST users aren't even going to know what to look for to try and avoid malware like this. What's worse is that MOST users think Google is a trustworthy company so they will assume that the official Android Marketplace that ships on their phones and is provided by Google is a safe place to obtain apps. As we have found out recently, that is far from the truth. Google's free-for-all marketplace approach is harmful to average users. I'm not saying that the answer is to lock down Android to the same extent that Apple and Microsoft have done, but the totally open Android Marketplace should be an alternative, not the primary source. As the provider of the experience Google needs to set up a trusted marketplace where they put more scrutiny and oversight into apps and make THAT the default experience for the user. From within that marketplace Google could offer access to the untamed wilds that currently exist today, but MOST users wouldn't need to venture into that space, and would therefore be at far less risk than they are now.

within minutes? (5, Interesting)

Bram Stolk (24781) | more than 3 years ago | (#35400472)

Google:
Within minutes of becoming aware, we identified and removed the malicious applications.

But from the comments in the blog post, we can read that:
This is where the problem is. You became aware because someone had a contact inside Google who alerted the right people.
According to one of the developers of the hijacked applications, he had tried for almost a week to get in contact with someone through the normal channels to correct the situation.
I am sorry if I sound harsh, but Google are a master of data processing, and surely you should be able to pick up a distress call from a developer within hours instead of a week.

Did they ask first? (2)

Kittenman (971447) | more than 3 years ago | (#35400678)

Just wondering ... if Google remotely trashed people's apps without checking, then what we have here is not ownership of the phone, but a licence-to-use. It's up to people to do what they want with the phones, surely... even if they want to download "malware" (purposefully in quotes).

Of course if it's in the terms-and-conditions of connecting to the provider, that's something different. But otherwise ... heck, if I want to doodle on my copy of 'The Brief history of time', that's my affair. Not the publisher's, or Hawk's.

Brave new world (1)

devent (1627873) | more than 3 years ago | (#35400706)

Welcome to the brave new world, where devices you bought don't belong to you anymore. Amazon remotely deletes bought books, Sony sues hackers for modifying their own PS3s, Microsoft threatens to sue everyone who tries to use their Kinect by unapproved means, and now Google remotely deletes applications and installs new ones.

Is that the future of computing?

Re:Brave new world (1)

maxume (22995) | more than 3 years ago | (#35401068)

This is a feature of software markets (i.e., they are curated and mistakes can be corrected). If it is possible to install software via other methods, it has none of the implications that you list.

The quality and extent of the curation will certainly vary.

*Only* Information (3, Insightful)

healyp (1260440) | more than 3 years ago | (#35401000)

FTFS: "we believe that the only information the attacker(s) were able to gather was device-specific (IMEI/IMSI..."

Only the IMEI/IMSI!? You know, only the things that uniquely identify YOUR phone among millions, and two pieces of information that are required to clone a phone or SIM.

The attackers only got those, they weren't able to get anything important like facebook logins or anything...

"Finally"? (1)

Cyberllama (113628) | more than 3 years ago | (#35401596)

As if we were all waiting on them to do this? You do understand a) this is the second time they've done this and b) all previous malware "threats" were theoretical attacks and demonstration apps -- not "in the wild" maliciously-intended exploits? The last time they did it was to remove an app created by a security researcher that could theoretically do all sorts of malicious things just to see if people would install it despite the warnings.

Where does "finally" figure into this -- except by way of yellow journalism?
