Android: Major Malware Killed Fast & Clean
Given the enormous popularity of Android for smart phones these days, it’s not surprising that it’s become a target for malware. And it’s a big target, too – the Android operating system has become an extremely popular choice for phones, given that it’s open source, easy to modify and quite sophisticated right out of the box. And I’m sure many people don’t realize exactly how big a target Android really is – most think it’s just for cell phones, but it’s actually a complete OS and we’re starting to see it on notebooks, netbooks and of course the exploding tablet market. This makes it very attractive to malware authors! Fortunately it’s also a lot more secure than your average operating system (*cough* Microsoft Windows *cough*), making attacks difficult. That being said, the first major attack has finally arrived two years after Android debuted*.
Thankfully, Google’s response has been both extremely swift and effective: from notification of the problem apps by Redditor lompolo to their being yanked from the Market and remotedly deleted from users’ phones was… five minutes. Now THAT’s a response time!
The remote application removal feature Google used to do this is a bit of a worry, but to date they seem to have been using it responsibly. Which is more than can be said for Apple’s iOS on iPhones and Amazon’s Kindle. They use a similar remote kill switch to remove paid content and apps… but for apps or content that they simply don’t like. And in the Kindle’s case without notifying the owners and in violation of their own terms of service. It’s an issue that rages back and forth: how much control should the company selling you a product actually have over the product once you’ve purchased it? Do they have the right, for example, to brick your phone because you jail broke it? After all, it is your phone, you should be able to do anything legal you want to with it after you’ve paid for it. In my opinion voiding your warranty shouldn’t entail the manufacturer deliberately breaking your device. Yes indeed, remote kill switches can be a nasty business – let’s hope Google continues to do no evil on that score.
* Two white hat proof of concept apps were deleted from the Market in June 2010, but these were functionally demos and did not pose any serious threat.