Google Finally Uses Remote Kill Switch On Malware

Hugh Pickens writes writes "The Google Mobile Team has announced that in addition to removing the 21 malicious applications from Android Market that were downloaded 50,000 times, suspending the associated developer accounts, and contacting law enforcement about the attacks, they are remotely removing the malicious applications from affected devices. 'We are pushing an Android Market security update to all affected devices that undoes the exploits to prevent the attacker(s) from accessing any more information from affected devices,' wrote the team on their blog. 'For affected devices, we believe that the only information the attacker(s) were able to gather was device-specific (IMEI/IMSI, unique codes which are used to identify mobile devices, and the version of Android running on your device).' Google's actions come after numerous complaints in tech publications. "Does Google really want its Android Market to gain the reputation of being a cesspool of malware? 'Certainly not,' wrote Nicholas Deleon in TechCrunch. 'But then part of the allure of the Android Market is that it's open; you don't have to play by Google's rules, per se, to get on there like you do with Apple's App Store.'"

GJ GOOGLE

[Soilworker]

Good job again google. That's why you're on top.

260,000 infected Android devices

[Anonymous Coward]

Correction: The malware was downloaded 260,000 times, not 50,000 as initially reported. source [techcrunch.com]

Openness and Archos

[tepples]

Quoth Nicholas Deleon in TechCrunch:

But then part of the allure of the Android Market is that it's open; you don't have to play by Google's rules, per se, to get on there like you do with Apple's App Store.

This might be true with respect to application developers but not hardware manufacturers such as Archos. To remain cost-competitive with iPod touch, Archos devices are missing various input and output components not needed in a portable media player, such as a cellular radio, compass, and GPS. However, because certain versions of Google's Android Compatibility Definition Document (CDD) list these components as requirements, Archos hasn't been able to include the Android Market application with the devices. To access the Market (and not the AppsLib that has a far smaller selection), one needs hacks [arctablet.com] that Google could cease-and-desist, just like it cease-and-desisted CyanogenMod for including Google applications [gizmodo.com].

Re:Android is safer than iPhone..

[Ender_Wiggin]

Actually Apple DOES warn you, via the GPS icon in the top menu bar. In Settings, you can disable Location services for any specific app and see if it's accessed your location in the last 24 hours.

Re:Openness and Archos

[teh31337one]

Oh come on. The google apps are their own proprietary apps, and manufacturers pay to have them - that's why CM couldn't include them. Market place is controlled by Google, and they can remove malicious applications if needed. Device manufacturers have to meet the minimum spec to have market access.

Re:260,000 infected Android devices

[HLJ76]

Also the summary notes only device information was potentially stolen, but fails to note that the malware was able to download more code [pcmag.com] that could do just about anything with the device. Can the market patch remove that code from the device, or will it only remove the downloaded apps leaving all post-downloaded code there to do whatever it wants to do?