Does anyone actually read the ToS (Terms of Service) that we have to agree to to do just about anything on any gadget, device or the Internet? Don’t even try to front, you know you don’t. Well, in the case of the Google Android Marketplace, apparently all Android users have given Google permission to remotely wipe apps when they deem it necessary.
Before anyone gets all worked up, it does appear that Google has only done this once so far, but it does leave you wondering when else the company could come into our phones in the middle of the night and take our beloved apps.
According to Forbes, security researcher Jon Oberheide decided to run a “proof of concept” test in the Android Marketplace by building apps that appears to be about the Twilight movie series to see how many people who could get to download them. Hidden inside of them were bits of code that would have allowed him to push out malicious code to the handsets, turning them into a network of phones to send out anything he wanted, essentially creating a “botnet” army. Mr. Oberheide had no intentions of sending out any real code, but he has proven it can be done.
Once Google got wind of this, they removed the apps from the Marketplace, and then they executed the little known feature that would allow them to remotely remove malicious apps from phones that use their Android OS. What is odd is how the company decided to describe the apps in its official blog post on the matter:
Recently, we became aware of two free applications built by a security researcher for research purposes. These applications intentionally misrepresented their purpose in order to encourage user downloads, but they were not designed to be used maliciously, and did not have permission to access private data — or system resources beyond permission.INTERNET. As the applications were practically useless, most users uninstalled the applications shortly after downloading them.
“Practically useless”? Why not be up front with people and describe what it is they were built to do, and could have done. By using this description it leaves a very open door to people wondering what other apps could be eventually targeted by the company.
There is also a lesson to be learned here in that Google took no action on these apps until after Mr. Oberheide had publicly revealed what had he done. Meaning that Google had no clue these backdoors were lurking in their Marketplace, or, worse yet, they knew, and just weren’t bothering to take action. What else could be lurking in the Marketplace that they are unaware of?
This story is disturbing on a lot of levels, but all of them give Android phone owners a lot of food for thought on whether or not they have a ticking bomb sitting on their desk.
What say you? Was Google right to handle the situation in this manner?
The Galaxy S20 Ultra's Space Zoom camera is amazing and a bit creepy
The Galaxy S20 Ultra supports up to 100X zoom, which Samsung calls Space Zoom, but is it any good? Can a phone really product usable photos at 100x zoom? We've got our Galaxy S20 Ultra already so join us to find out!
Win an iPhone, iPad and Apple Watch with the Reader's Choice giveaway!
What's the best phone of 2019? Is it the iPhone 11 Pro, Pixel 4 or OnePlus 7T? What about the best laptop, games console, tablet and more? Vote NOW in the Reader's Choice awards and win BIG in time for the holidays!
Here are the best products from IFA 2019!
Here are the products announced at IFA 2019 that were worthy of our Best of IFA 2019 awards. Also featuring MrMobile's single best product at the show!
Make your foliage a feature with the best plant stands
Really show off your home's foliage with a plant stand that makes your greenery a statement, rather than just background noise. We've found a dozen desirable plant stand solutions to suit all types of spaces, all styles of decor and all kinds of plants.