Some malicious parties, though, have tried to take advantage of the company's permissive nature.  On December 22, First Tech Credit Union wrote that a "fraudster developed a rogue Android Smartphone app" that spoofs users with a fake bank interface, trying to get users to fill in their account information.  That day BayPort Credit Union's mobile bank provider, MShift, announced similar concerns, stating that it had contacted Google on the December 15 about another rogue app.

It turns out that the developer -- 09Droid -- actually had a plethora of fake bank apps available on the Android Market, including apps posing as Chase, Sun Trust and Bank of America.  Google has at last removed those apps from the market, explaining that they clearly violate its terms of use.

Writes a Google spokesperson, "The Android Market Content Policy clearly states that we don't allow applications on Android Market to identify themselves with third-party marks without permission. If an application violates the content policy, we will remove it from Android Market, and developer accounts will be terminated for repeated violations."

They add, "For example, we have a policy against inappropriate content, which includes malware. A developer must also abide by our Developer Distribution Agreement in order to upload an application to Android Market. We also may check applications for compliance with the Market Content Policies (in order to remove malware, porn, spam, or profanity)."

While the Android Market clearly has rules, it is an interesting question whether Google's permissiveness is the reason rogue apps like this have been able to slip through to a greater degree than competitor Apple.  Despite an enormous volume of apps, few, if any, rogue apps have made it to Apple's iTunes App store thus far.

Regardless of the answer to that question, Mikko Hyppönen, chief research officer at F-Secure, says rogue applications are a sign of smart phone attack attempts to come.  He also points out that smart phone manufacturer Symbian's app approval process has also been subverted.  He writes, "Some of them will try to target online banking, others will try to call premium-rate numbers or send text message spam and so [on]. Signing and certifying programs are in a key position on smartphone systems to prevent problems like this ... [although] we have seen the 'Signed by Symbian' certification process subverted a couple of times."