Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Android malware: Why you shouldn't be scared

JR Raphael | March 8, 2011
Reports of malware on the Android Market are far less frightening than some stories would lead you to believe. Here's why.

SAN FRANCISCO, 8 MARCH 2011 - If you've read much news lately, you know it's that time of year again -- time for the semiannual Android malware freakout show.

You know what I'm talking about: Some company, usually one that happens to sell a virus protection program for Android, comes out with a slew of blogs and press releases warning us of a super-duper-scary virus monster just waiting to attack vulnerable Android phones. Countless news stories follow, making sure we're aware of the unprecedented danger headed our way. Soon, the streets of America fill with men and women flinging their phones and running for their lives.

All right, that last part might be a stretch, but you get where I'm going here. Our latest Android malware episode started a few days ago when Lookout, a company that -- wait for it -- sells a virus protection program for Android, posted a blog and sent out a press release warning of a newly found threat. Called "DroidDream," the threat lurked in about 50 apps within the Android Market, Lookout said. If installed on your phone, those apps could potentially let an attacker install additional programs and ultimately access some of your device's data.

Long story short, Google axed the infected apps from the Market, remotely removed any traces of the programs from users' phones, and released a patch that'd prevent the apps from doing any more harm. Android engineers say the only thing the attacker might have gotten his hands on was a series of phone-identifying codes -- no personal e-mails, no phone numbers, nothing else.

Is this mildly concerning? Sure. Is it a cause for the kind of panic-and-mayhem-ridden headlines we've seen around the Web this week? Absolutely not.

Let's step back for a moment and put this in perspective: The Android Market is an open ecosystem. That means any registered developer can create and upload programs without the need for a manufacturer's approval. Inevitably, that also means something shady will show up from time to time.

It's kind of like another open ecosystem we all use: the Internet. There are tons of programs, good and bad, available for us to download. There's even (gasp!) porn. Yes, my friends, it's a big, bad, scary world out there. But the answer isn't locking it down and having some panel preapprove everything before it gets uploaded. The answer -- in both environments -- is exercising a little caution and a little common sense.

 

1  2  Next Page 

Sign up for MIS Asia eNewsletters.