<http://arstechnica.com/open-source/...d-market-highlights-googles-vulnerability.ars>
Malware in Android Market highlights Google's vulnerability
Google has removed 21 applications from the Android Market after
it was discovered that the apps secretly installed malware. The
applications themselves included pirated and renamed versions of
legitimate Android software that had been modified to include the
malware and then offered for free on the Market. Together, the 21
programs received more than 50,000 downloads over the course of
about four days.
The malicious applications sent personal details, including the
phone's unique IMEI number, to a US-based server. Worse, it
exploited security flaws to root the phone, and installed a
backdoor application that allows further software to be installed
to the handsets. Though Google has now purged the applications
from the Market, the rooting and backdoor mean that anyone who
has run one of the malicious programs should reset their phone to
stock conditions to clean it up.
...
Android is now a major smartphone platform, estimated to be
outselling the iPhone. For many, its openness and flexibility is a
virtue, but it comes at a cost: it leaves the platform unusually
susceptible to attack. And those attacks will come: just as
popularity has made Windows an attractive target, so too will the
black hats be drawn to Android. This will place Google in an
increasingly uncomfortable position; locking down the platform may
be appealing to most users, but it would infuriate and alienate
the early adopters and trend-setters who championed the operating
system in its early days. However, leaving it a free-for-all could
make Android the Windows 98 of smartphone systems: virus-ridden
and unsafe.
Some lessons:
1) Android is a Linux-based OS. The idea that since you are using Linux you
are safe from malware is *clearly* not true.
2) Apple's alternate method of handling apps, where there is very, very
little chance of malware, clearly has some benefits.
And some predictions:
1) Malware for the Android is going to get more prevalent before it becomes
less so. Android users (Linux users!) will increasingly be using
anti-malware software and other tools usually associated with Windows. The
very types of software many of the "advocates" claim slow down computers
enough to make them not worth using.
2) The fact a platform gets malware will be held, in COLA, to be a sign
users are doing something wrong - and not something about an OS doing
something wrong. This is, of course, the exact opposite view many of the
"advocates" take toward Windows and its malware problems.
3) Apple's iOS will continue to be, essentially, malware free... this will
not be seen as an advantage to the "advocates".
[INSERT .SIG HERE]