Google Remotely Nukes Apps From Android Phones

itwbennett writes "Google disclosed in a blog post on Thursday that it remotely removed two applications from Android phones that ran contrary to the terms of the Android Market. From the post: 'Recently, we became aware of two free applications built by a security researcher for research purposes. These applications intentionally misrepresented their purpose in order to encourage user downloads, but they were not designed to be used maliciously, and did not have permission to access private data — or system resources beyond permission.INTERNET. As the applications were practically useless, most users uninstalled the applications shortly after downloading them. After the researcher voluntarily removed these applications from Android Market, we decided, per the Android Market Terms of Service, to exercise our remote application removal feature on the remaining installed copies to complete the cleanup.' The blog post comes a day after security vendor SMobile Systems published a report saying that 20% of Android apps provide access to sensitive information." Update: 06/25 16:44 GMT by S : Clarified last sentence, which incorrectly suggested that 20% of Android apps were malicious. According to the report (PDF, which we discussed recently), "a majority of these applications were developed with the best of intentions and the user data will likely not be compromised.

What the hell dude, enough with the sensationalism

[somersault]

security vendor SMobile Systems published a report saying that 20% of Android apps are malicious.

No, the report said that 20% of apps require access to sensitive data (ie your address book) or functionality to perform their job. You'd think people would have noticed by now if 1 in 5 Android apps were "malicious".

Re:What the hell dude, enough with the sensational

[msauve]

Yes, and you'd think that "itwbennett," the submitter would know that, since he is affiliated with itworld (check his home page), the publisher of the linked articles.

Odd, that although he references a slashdot article from a few days ago, instead of linking to that article, or the article that links to (on CNET), or to the source of the report, or even to the report itself, he links to a rehash on itworld.

Tagged as a slashvertisement for self-promotion.

Re:But what if I liked the application

[mean+pun]

I'm fine with repositories and security updates, but nuking an applications without asking first is what Steve Jobs does and that Google is not supposed to do.

Actually, Apple has never done this until now. Yes, they have the infrastructure to do so, but so far they have never used it.

Re:But what if I liked the application

[snottgoblin]

I'm fine with repositories and security updates, but nuking an applications without asking first is what Steve Jobs does and that Google is not supposed to do.

I hate iPhone OS policies as much as the next geek (why don't I get an upgrade for security on my original iPhone, even to iOS 3.1.4?), but even Jobs doesn't delete apps from your phone. Any apps once through the store, are yours, lock, stock, and barrel. They may prompt you to upgrade, they may stop selling an app, but they don't delete them. What google should be doing is sending these users an email and free SMS letting them know that they "should delete app $FOO because it's potentially dangerous. For reference, please see https://google.com/android/press-release/93857293875928.html" Maybe some people wanted these apps... like the friends of the security researchers in question.

Actually the iPhone has the exact same "kill switch" for the exact same purpose. http://www.iphonealley.com/node/2928