Slashdot Mirror

← Back to Stories (view on slashdot.org)

Android Data Stealing App Downloaded By Millions

Posted by CmdrTaco on from the nobody-is-safe dept.

wisebabo writes "A wallpaper utility (that presents purloined copyrighted material) 'quietly collects personal information such as SIM card numbers, text messages, subscriber identification, and voicemail passwords. The data is then sent to www.imnet.us, a site that hails from Shenzen, China.'"

3 of 335 comments (clear)

  1. News flash! by moogied · · Score: 0, Troll

    In other news... stupid people get tricked by stupid tricks, rain is wet, and dry erase markers smell amazing.

    --
    So basically, -1 troll/offtopic is really slashdots way of saying "I hate that you thought of something before me."
  2. 50k or 4 million? by SuperKendall · · Score: 0, Troll

    The original VentureBeat article claimed the wallpaper app had been downloaded 50k times. So where is the new figure from?

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
  3. Re:Unfortunately by c0d3g33k · · Score: 1, Troll

    Explain to me how a few outliers are significant compared to the number of malicious apps might have been created WITHOUT a vetting process. This says more about the vetting process and how poorly it was implemented than it does about the value of a vetting process that successfully filters a substantial number of undesirable apps.

    Introduce a vetting process that is somewhat effective though not perfect and it will still be better than the wild west that is currently the Android Market.

    I'm honestly surprised that it took so long for something like this to happen, and I attribute it to the honesty and integrity of most of the developers (or maybe their skill in remaining discreet). But there are no barriers in place that I can see to prevent an ambitious and unscrupulous developer from taking advantage of the gullible.

    When it comes to the Android Market, Caveat emptor rules the day. Some might say that is how it should be, and to a large part I agree. But there is an implicit aura of trust that surrounds the market, since it is the only "official" avenue for getting apps. There is an option in the Android settings to allow apps from "unknown sources" that comes with an ominous warning about malicious apps if you choose to enable it. That strongly implies that the apps available via the Market are to be trusted. Despite this, I've never felt that Market apps were any more trustworthy than those from other sources, precisely because there is no evidence of any vetting or other quality control.

    I would very much welcome a multi-layered market that included a vetted set of apps that could (mostly) be trusted alongside a layer or two that were more free to developers.

    As it stands right now, I just don't install anything that looks suspicious. Everything else just gets ignored. So much for "we have more apps". That means nothing.