Maybe Apple’s App Review Process Isn’t So Heinous – 21 Android Apps Turn Out To Be Malware
Mar 2nd, 2011 | By James Lewin | Category: Apple iPad, iPhoneApple’s iOS app review process has long been the source of criticism: It’s too slow, it’s too arbitrary or it’s biased.
Unfortunate news about the Android platform, though, suggests that maybe Apple’s app review process may not be so heinous after all.
Android Police reports that 21 popular free apps for Android phones, apps that have been downloaded 50-200k times in the last 4 days, are actually malware that will root your phone, steal your private data and open a backdoor to your system.
Android Police’s Aaron Gingrich notes:
It does indeed root the user’s device via rageagainstthecage or exploid.
But that’s just the tip of the iceberg: it does more than just yank IMEI and IMSI. There’s another APK hidden inside the code, and it steals nearly everything it can: product ID, model, partner (provider?), language, country, and userID.
But that’s all child’s play; the true pièce de résistance is that it has the ability to download more code. In other words, there’s no way to know what the app does after it’s installed, and the possibilities are nearly endless.
The fact that over 50,000 users got their phones rooted is horrible; the fact that this was predictable and the tip of the iceberg if nothing changes, even worse.
If you’ve downloaded one of the malware apps, the recommended solution is to stop using your phone and to ask your carrier to exchange it for a new device.
Does this incident make you reconsider the pros and cons of Apple’s app review process?
Does Apple actually systematically screen apps for malware?
I agreed with Apple vetted program. Look at the Android market with just one very important example. They are allowing the official Wells Fargo app, but also somebody else’s Wells Fargo app that as far as anybody knows will steal customers information. There have been many message left for Google to take it down and has been reported as malware, and the app is still there for many months.
So boys, what do you prefer, freedom to get scam and taken to the cleaners or allow someone to vet every app to be clean? I go for clean!
Eduardo –
There’s a place for both approaches – but this sort of incident does validate Apple’s reasoning for its approach.
Theres an easy way to know if its malware… but apple is just becoming a boutique