Facebook Plunges Again
Tumblr 101: Tips And Tricks To Get Started
Up to 20% of Android apps could be spyware
A new report from SMobile Systems suggests that almost 20% of the 48,000 apps on the Android Marketplace could be spyware.Now, this is a potential risk -- as in, 20% of apps have functionality that could be likened to spyware. If you've installed apps on an Android smartphone, you'll know that you get a big warning screen that tells you which services and data the app will have access to. There's no risk when an app only wants to save to your SD card, but apps can make calls, send SMSes or even read your email! Therein lies the risk: users might be installing Android apps that have the ability to transmit your personal data to a third party.
While I'm sure the vast majority of available apps are not spyware -- this is probably just developers selecting the wrong 'flags' when they upload their app to the Marketplace -- it does highlight a big risk with 'open' app stores. Only 3 months ago we covered a story about Android and iPhone devices being turned into a giant botnet!
With Android going mainstream, you can be guaranteed that the platform will soon have its very own breed of malware. Once enough newbies have had their Android phones bricked by malware, how long do you think it'll be before they retreat to Apple's walled utopia?
[via CNET -- direct PDF download of the report]
Comments
21
Subscribe to commentsRogueJedi86Jun 23rd 2010 3:09PM
This message brought to you by Steve Jobs. :P
JozefLJun 23rd 2010 3:38PM
I believe it is now 65,000 apps: http://gizmodo.com/5570936/the-state-of-android-160000-phones-a-day-and-65000-apps-in-the-market
Sebastian AnthonyJun 24th 2010 6:09AM
Thanks for the update :)
JamesJun 23rd 2010 3:45PM
Up to 100% of all Linux, OS X, and Windows could be spyware by this criteria. This piece is what is known as "FUD".
Just because Android warns you about the capabilities an application needs, or Apple is reviewing every app on the iPhone doesn't mean you get to shut off your brain. You have to evaluate the trustworthiness of any software that you use whether it's on the wide-open desktop OSes, the more-secured Android, or the walled-garden iOS.
JoePalmaJun 23rd 2010 3:50PM
1/5 of software could be spyware... says the company selling spyware protection...
JohnJun 23rd 2010 4:07PM
Wait, so you mean I SHOULDN'T be installing every one of these "sexy lady pictures" that show up on the market every other minute????
Oh crap....
DanielJun 23rd 2010 5:29PM
I liken this to saying......A 100% of all people could be @$$holes...but im not entirely sure.
From GoogleJun 23rd 2010 8:27PM
Sebastian,
I'm with the Google Communications team. This report falsely suggests that Android users don’t have control over which apps access their data. Not only must each Android app gets users’ permission to access sensitive information, but developers must also go through billing background checks to confirm their real identities, and we will disable any apps that are found to be malicious. The report has no evidence of malicious applications.
I would appreciate it if you would update your article. You will also probably be curious to note the changes that Elinor Mills made to her piece today to remove the misleading components.
Jay Nancarrow
Google Communications
Sebastian AnthonyJun 24th 2010 6:15AM
Heya!
Thanks for the info.
I don't disagree with you -- and while I'm being sensational, I don't think I've said anything untrue...!
My main concern is usual consumer ignorance. It's great to warn them, but if they don't really KNOW what the warnings mean, what does it matter?
Think of those pop-ups that say 'your computer may be at risk!' -- not quite the same thing as the Android marketplace, but _warnings_ aren't necessarily efficacious.
I'm actually a fan of the open approach over the iPhone -- but I can definitely see the advantage of the iPhone's approach for the casual/newbie crowd.
Dr. ChagasJun 24th 2010 11:19AM
@Sebastion Anthony
"I don't think I've said anything untrue...!"
Meanwhile, in your article, you claim:
"Once enough newbies have had their Android phones bricked by malware"
Where are your sources?
Sebastian AnthonyJun 24th 2010 11:21AM
I'm going to go out on a line and say: within 5 years, lots of Android phones will get bricked by malware.
I won't stake my reputation on it, but I'm fairly confident :P
WrinkliezJun 23rd 2010 10:26PM
Yeah no joke... talk about Iphone fanboy here. I think this is the first time I've heard someone refer to the Iphone as a "walled utopia" :D
Sebastian AnthonyJun 24th 2010 6:16AM
I hope you're not calling me an iPhone fan boy! You should read some of my other stuff...!
DanOJun 24th 2010 6:58AM
To borrow some of someone else's words, "The problem is simple apps ... will sometimes want ... access when they really shouldn't need it. There needs to be a way to deny certain rights to apps, instead of the approve app's request or don't install as it currently works."
SlipdiscJun 24th 2010 7:25AM
This just in, Obama could be an alien. The weather could be cloudy today. This article could be FUD.
johnbondjoviJun 24th 2010 10:30AM
smobile = Complete Mobile Security Solutions for Business and Personal Use.
/me shakes head
Norton says: As many as 30% of all website may contain malicious links. Buy our new link scanner.
RobJun 24th 2010 11:22PM
I have to admit, this article really makes me shake my head.
Sebastian, you openly admit that you are "being sensational", and you're ok with how that makes you look? Based on some of your other work, I had become a fan, but this,.. this just makes you look like an ass.
Yes, any number of Android apps could be malicious (despite Google safeguards), but the same can be said for any number of things. NEWSFLASH: Up to 80% of torrents could be malware/fake. Hell,.. even the almighty Apple let's some questionable apps get through their rigorous screening process. And guess what,.. they get removed.
Seriously, how about some restraint (or at least some critical thinking) in your next article.
Sebastian AnthonyJun 25th 2010 5:41AM
Did you read how the report derived those percentages?
It's 20% of apps that have the _ability_ to transmit your private data.
I don't know if there's a metric that you can use to compare Android apps to torrents...
Nothing wrong with a bit of sensationalism! It makes people stop and look! This might not be an issue yet, but if people don't pay attention to those installation warnings it might soon be.
BrettJun 24th 2010 11:57PM
I really wish they would stop putting those sexy girl apps all over the market. They are in every category!
It would be nice to have the ability to block a certain developer.
mastermind777Jun 30th 2010 3:18AM
20% of apps have the ability to make calls, send SMS, read email, access the internet, etc., but have you thought about what makes up those 20% apps? Dialer replacements like DialerOne, SMS replacements like chompSMS and Handcent, apps that let you forward SMS to email or download attachments, alternative browsers, Twitter/Facebook clients, radio apps, etc. These permissions have a use, and to go so far as to label 20% of the Market as potential malware is simply ignorance. Most of these apps have a clearly defined purpose, and if you download an app that lets you do these things, you would expect it to ask for these permissions. Similarly, if you download live wallpaper, then you would expect it to simply do its job, and if you even see a permissions page asking for anything, it would automatically make that app suspicious. The problem with the "20% malware" label is that these tags have a variety of uses, and would therefore be necessary in several apps. If a game posts a score to an online scoreboard, it will obviously need internet access. A gallery app will need permissions if you expect it to share pictures with someone through email, MMS, Facebook, Twitter, etc. I could go on and on about how apps need those permissions to do what they are expected to do, but I think I've said enough so far.