Unlike Apple's App Store iOS and other smartphone app market, Google's Android Market does not vet applications requires developers to submit software to approval before being posted. App makers of mobile platforms for Google only have to pay a small fee to register as a developer and sign your application with a certificate or key before you can upload photos directly to the Android Market.
the lack of third-party approval process for the Android Market has been identified as potential security holes in the platform. "Prevention is always better than cure - so there is no doubt that the test application will be stronger than defense malware cleaning the mess later." Graham Cluley, senior technology consultant at Sophos, told silicon.com
", of course, testing does not necessarily mean that all malware will stop at that point - but that does not mean that applications must go through additional testing." He added
Writing in his blog, Rich Cannings, Android security lead at Google, said Google's Android team is made aware of the existence of malicious applications from 1 night March "The minute we become aware of the identify and remove malicious applications," he wrote.
According to Cannings, application exploits known vulnerabilities in the Android platform, which affects versions 1.5, 1.6, 2.0/2.1 - Cupcake, Donut and Éclair - but not version 2.2.2 - Froyo - or more. Google believes dodgy apps just picked some device-specific information:. Unique IMEI / IMSI markings used to identify the mobile device, a version of Android to the device
{ 0 comments... Views All / Send Comment! }
Post a Comment