In Android we trust…(?)
The recently discovered malware on Google’s Android Market highlights a flaw in the current design of that system. A large number of applications, including a knockoff of a guitar simulation game, have been discovered to contain code that steals the content of an Android phone and leaves it open to other further invasions by opening a backdoor. The threat of the backdoor was known and has been secured in newer versions of Android. This is the type of issue Windows users are familiar with, and one that can be addressed by constant improvements to the OS. It is inevitable that people will try to take advantage of an open operating system; we just have to hope Google has the skill to keep ahead of them. The bigger issue is the situation that led to the uploading of phone contents. As far as I know, this didn’t rely on any flaws in the OS. It was just a program not doing what it was supposed to do. There are a number of reasons a user may want their phonebook copied off their phone, the OS can’t be expected to know that playing a guitar game isn’t one of them.
This is a problem with the Android Market, not with Android. When downloading an app, the only information a user has to work with is what comes up in the market. How many users undertake the task of following up on the web link to the publisher to make their own assessment of trustworthiness? For the usefulness and price of most apps, how much pre-investment research is going to be done? This malware was downloaded because it sounded like a game that people wanted to play and there was no reason to think it was different from any other. Before downloading the app, the guitarist would have been warned that the game required access to various areas of their phone. But almost all apps take an aggressive approach to gaining access; a paper tossing game requires full internet access, phone status, device (network-based) location and the right to modify the phones global settings. Familiarity with giving that level of access has bred user contempt for the implications of signing it away.
So it seems we have the choice to either not participate in the app market or accept that we have no control over our exposure to malware. This is where Google should step in. For many years, before the invention of the word ‘app’, Windows users downloaded applications off the internet. Before the invention of the words ‘app store’, websites like Tucows, CNET, and ZDNET have been making them available. All these sites implicitly and/or explicitly guarantee the security of the apps they offer. There are a near infinite number of other apps on the internet with no guarantees, and the average Windows user knows they are taking a risk when using them. The Android Market needs to decide which model it wants to go with, because having one foot on each side brings the worst qualities of both. Right now the apps are restricted, but not guaranteed.
The fixes are easy. Warn users that the app store is a free for all and make space for a third party certified market. Have a ‘safe zone’ for Google-certified apps and have us sign our lives away to leave it. Or go the way of Apple and close the market to non-certified apps. After all, the web can still provide all the useful and potential damaging applications we crave.
Any option Google chooses leaves opening for another party to enter this space. A 3rd party with a trusted or at least trustworthy-sounding name can create a certification system. Possible monetization strategies are charging app makers for the service or taking the next step and offering a complimentary app store with the associated distribution fee. Another possibility is for network operators, whose call centers are likely dealing with any user problems anyways, to take charge. Operators control the point of sale where a bricked phone would be returned and also have the potential to monitor suspicious network traffic. Security/safety could be the service that adds weight to the WAC initiative or operator run app stores. Either way, there is a market opportunity for somebody to take advantage of.
Until then: repair and recovery for compromised Android phones – there needs to be an app for that.