Spyware-like behavior of 29 Android applications on Android Market

28th June, 2010 by adina
Tags: , , ,

S Mobile Systems in a study claims that at least 29 applications on Android Market would be considered acting as spyware on a personal computer due to having system level access. After installation, the application group gives enough permission to represent a serious danger for privacy and security. For example, a mobile banking application had a malicious behavior and sent login information from a user account to the site of the developer.

The mobile security company suggested that about 20,000 Android applications have suspicious permission levels. Many of them tried to get permission to use the GPS positioning, the dialer and contacts. However, Google said that each Android Market application must clarify what it does prior to been downloaded and installed by the user. It pointed out that not only has each Android application to obtain user’s approval to get access to sensitive data, but developers also have to pass billing background checks in order to confirm their identities. Any application found to have a malicious behavior should be disabled, according to Google.

These remarks were made after Google has pulled two applications for suspicious actions. A researcher had designed them to falsify their purpose and although they had no malicious code, they were pulled by Google using its authority to delete applications remotely. According to Tim Bray from Google, the company would act this way only in case of emergency, such as when a spreading virus is detected.

This is contrasting with the philosophy of Apple and the App Store. It has significantly tighter restrictions for the applications to be allowed but has to have an example of a publicly recognized malicious application. Critics have pointed that this approach also keeps from tight integration between applications and has even been used sometimes to discourage any competing application.


  • Share

 

Readers Comments