Google finds that some are abusive of its app store permissiveness
With a few scant exceptions like
unauthorized
tethering apps, Google has been rather permissive in what it
allows on its Android Market -- its counter to the iTunes App Store.
Whereas approval through Apple can be filled with months
of rejections and delays for some unlucky developers, Google has
tried harder to make the process of publishing an app as straight
forward as possible.
Some malicious parties, though, have
tried to take advantage of the company's permissive nature. On
December 22, First Tech Credit Union wrote that a "fraudster
developed a rogue Android Smartphone app" that spoofs users with
a fake bank interface, trying to get users to fill in their account
information. That day BayPort Credit Union's mobile bank
provider, MShift, announced similar concerns, stating that it had
contacted Google on the December 15 about another rogue app.
It
turns out that the developer -- 09Droid -- actually had a plethora of
fake bank apps available on the Android Market, including apps posing
as Chase, Sun Trust and Bank of America. Google has at last
removed those apps from the market, explaining that they clearly
violate its terms of use.
Writes a Google spokesperson, "The
Android Market Content Policy clearly states that we don't allow
applications on Android Market to identify themselves with
third-party marks without permission. If an application violates the
content policy, we will remove it from Android Market, and developer
accounts will be terminated for repeated violations."
They
add, "For example, we have a policy against inappropriate
content, which includes malware. A developer must also abide by our
Developer Distribution Agreement in order to upload an application to
Android Market. We also may check applications for compliance with
the Market Content Policies (in order to remove malware, porn, spam,
or profanity)."
While the Android Market clearly has
rules, it is an interesting question whether Google's permissiveness
is the reason rogue apps like this have been able to slip through to
a greater degree than competitor Apple. Despite an enormous
volume of apps, few, if any, rogue apps have made it to Apple's
iTunes App store thus far.
Regardless of the answer to that
question, Mikko Hyppönen, chief research officer at F-Secure, says
rogue applications are a sign of smart
phone attack attempts to come. He also points out that
smart phone manufacturer Symbian's app approval process has also been
subverted. He writes, "Some of them will try to target
online banking, others will try to call premium-rate numbers or send
text message spam and so [on]. Signing and certifying programs are in
a key position on smartphone systems to prevent problems like this
... [although] we have seen the 'Signed by Symbian' certification
process subverted a couple of times."
"We are going to continue to work with them to make sure they understand the reality of the Internet. A lot of these people don't have Ph.Ds, and they don't have a degree in computer science." -- RIM co-CEO Michael Lazaridis
|
Most Popular ArticlesSource: Don't Worry, NSA Spies on "99 Percent" of Americans' Locations, Call Records
June 14, 2013, 3:57 PM
Xbox Chief: If You Can't Get Online, Don't Buy an Xbox One
June 12, 2013, 9:57 AM
GigaHertz Wars 2.0? AMD Releases World's First 5.0 GHz FX Processor
June 11, 2013, 3:16 PM
Former Palm CEO: Selling Palm to HP was a Waste
June 12, 2013, 10:19 AM
Report: Apple to Release Larger iPhone Screens, Cheaper iPhone for $99
June 13, 2013, 9:41 AM
|
