Slashdot Mirror


Security Warning Over Web-Based Android Market

An anonymous reader writes "Security researcher Vanja Svajcer is warning that cybercriminals may be particularly interested in stealing your Google credentials, after discovering a way of installing applications onto Android smartphones with no interaction required by the phone's owner. The new web-based Android Market retrieves the details of Android devices registered to the Google address, and automatically installs software onto the associated smartphones with no user interaction required on the phone itself. Svajcer summarizes: 'Google should make changes to the remote installation mechanism as soon as possible. As a minimum, a dialog should be displayed on the receiving device so that the user must personally accept the application that is being installed.'"

87 comments

  1. Minimum by Spad · · Score: 4, Interesting

    Surely as a minimum you should just be able to turn off the ability to install apps remotely.

    1. Re:Minimum by Charliemopps · · Score: 1

      if your account were compromised, couldn't they just turn it right back on?

    2. Re:Minimum by Anonymous Coward · · Score: 0

      You should be able to turn it off *on your phone*.

    3. Re:Minimum by John+Hasler · · Score: 1

      Not if you could turn it off on the phone. Of course, you should obviously have to authorize each installation manually from the phone anyway.

      --
      Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
    4. Re:Minimum by icebike · · Score: 2

      Installing apps remotely is a convenience factor that has a lot of merit.
      A simple confirmation on the phone should suffice.

      Perhaps, but a more sensible approach than turning it off is to make for a more secure environment by having
      better password management, and encrypted connections throughout the Google infrastructure.

      At a minimum everything you do on Google should be done over https, (the market is, but it's not real clear how
      secure C2DM really is. It relies on your 'Google Talk' connection, and I simply have not had the time
      to sniff that traffic to see if it's encrypted or not. Google Talk maintains some pretty resilient connections over
      3G, Edge, WIFI, etc.

      It's the WIFI ones you have to worry about, especially if you frequent open WIFI routers.

      --
      Sig Battery depleted. Reverting to safe mode.
    5. Re:Minimum by Threni · · Score: 1

      Why isn't everything encrypted on Android all the time? And the web? I don't understand. It's not like it's financially or computationally expensive. Can people just not be bothered?

    6. Re:Minimum by icebike · · Score: 1

      As far as the web, it is slightly more expensive computationally to create a secure connection than an open one.

      Scaled up to the size of Google, it's a major issue, but on the other hand, Google has enough computing power to handle it. Does Slashdot?

      For most web pages it simply doesn't matter. But anytime you have to have an account and log in, it should be supported.

      --
      Sig Battery depleted. Reverting to safe mode.
    7. Re:Minimum by sortius_nod · · Score: 1

      I have no idea why this wasn't implemented from the start. It seems like one of the most basic of "security" measures. Sure, if the device is compromised and has malicious code on it already this would probably become a useless security feature, but to compromise the device I have a feeling they'll be using this remote install. It won't take much to spoof Google's credentials and get malicious code on to the phone at this stage.

    8. Re:Minimum by WarmNoodles · · Score: 1

      I have no idea why this wasn't implemented from the start. It seems like one of the most basic of "security" measures.

      Ya think?
      How about as a basic first security measure Google and Apple reach out to one of the following companies and commission work to add Objective C and the Droid platform Java and C++ validators to one or more of the code scanning platforms below. Companies are circa 2008

      Ounce labs analyzer
      IBM app scan source analyzer
      Fortify 360 analyzer
      Veracode service
      KlocWork analyzer
      And thousands of companies that specialize in manual and automated source code reviews

      And why they would allow adding arbitrary apps to their respective app stores without having to present a certified scan from one of the above tools can only be attributed to some combination of apathy, stupidity, greed or just damned effective marketing.

      Just have to shrug and roll my eyes every time I see a proud iPhone or Droid user gloat in carnal innocent malware bliss.

  2. old debacle: convenience vs security by Superken7 · · Score: 4, Interesting

    This is nothing new (the part about no user intervention), it's called C2DM. Your google account would need to be compromised for an attacker to remotely install software on your phone.

    IMHO this sounds like the old convenience vs security debacle. I prefer convenience in this case, since if someone compromises my goog account, I have much more important things to worry about. (like services trusting the ownership of my email account, private information, etc..)

    "As a minimum, a dialog should be displayed on the receiving device so that the user must personally accept the application that is being installed."
    Again, I don't agree. I don't care about that, I want CONVENIENCE. However, the point that he makes that your compromised account is now more valuable is still valid. I just don't agree on the solution.
    Why not just opt out of remote phone installs? At least make the user validation of remote installs optional, for the ones who are more concerned about that?

    1. Re:old debacle: convenience vs security by Dexter+Herbivore · · Score: 5, Funny

      Open devices are like a girl with open legs, convenient but they have their own risks.

    2. Re:old debacle: convenience vs security by Anonymous Coward · · Score: 0

      Thank you for taking the time to type out what was on my mind in a nice, clear method. Saves me having to say the exact same thing.

    3. Re:old debacle: convenience vs security by Anonymous Coward · · Score: 0

      Not to forget guys with broken zippers. Ach.

    4. Re:old debacle: convenience vs security by h4rr4r · · Score: 1

      Mod parent way the heck up.

      If you can get my google account sure it is worth more, but you can also buy stuff via google checkout which is a way bigger risk to me.

    5. Re:old debacle: convenience vs security by geekoid · · Score: 2

      A pop would indicate to you that someone has compromised your account.

      Of course, in the end you say exactly what the person you are replying to suggested.

      --
      The Kruger Dunning explains most posts on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
    6. Re:old debacle: convenience vs security by Anonymous Coward · · Score: 0
    7. Re:old debacle: convenience vs security by staryc · · Score: 1

      Open devices are like a girl with open legs, convenient but they have their own risks.

      Open devices are like a guy with an open mouth, convenient but they have their own risks.
      Fixed.

      --
      The most perfidious way of harming a cause consists of defending it deliberately with faulty arguments. - Nietzsche
    8. Re:old debacle: convenience vs security by commodore64_love · · Score: 0

      >>>Open devices are like a girl with open legs

      Yeah but a phone can be thrown-out if it becomes "diseased". Not so with your willy.

      --
      "I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
    9. Re:old debacle: convenience vs security by Dexter+Herbivore · · Score: 1

      Hey, it works both ways, I'm just talking from a male perspective... don't be offended. Man-whores are just as damaging to sexual relations (and potentially health, HPV has awful consequences) as an "easy" woman. I'm sorry I didn't use non-specific gender assignation but that just seems like a load of (quoting Neal Stephenson here) bullshyte when I'm trying to make a general reference from a male perspective. I know plenty of women who can do damage with an open mouth too, but apparently saying that may be offensive!

    10. Re:old debacle: convenience vs security by node+3 · · Score: 2

      "As a minimum, a dialog should be displayed on the receiving device so that the user must personally accept the application that is being installed."
      Again, I don't agree. I don't care about that, I want CONVENIENCE.

      This seems a bit much. A dialog box saying, "Install: [list of new apps]?", seems convenient enough to me. It's not even saying you need to type in your password, just accept new apps. You can even have a "Don't ask me again." checkbox if you really just want binaries from the Internet to be automatically installed.

      This is Security 101. Prompting should be default, and if it's to be allowed to be disabled at all, it should require some level of user acceptance.

      You talk about "your password is compromised already, you have worse things to worry about!", what about some guy hacking into a girl's gmail account and remotely installing some stalker malware? Or phishers hacking into your parent's account to do the same, but for banking fraud purposes?

      This is a bad default decision, but it's reasonable that there will be some mistakes when rolling something new out like this. It seems to me like you're only defending it because to do otherwise would require admitting a security weakness in Android.

    11. Re:old debacle: convenience vs security by Onuma · · Score: 1

      Many surgeons and manufacturers of antibiotics may choose to disagree.

      --
      What else can happen when an unstoppable force collides with an immovable object?
    12. Re:old debacle: convenience vs security by staryc · · Score: 1

      Sexual promiscuousness and speaking are both alright when done responsibly. I'm just reminding /. that there is a female population around here and therefore a female perspective to things, too.

      --
      The most perfidious way of harming a cause consists of defending it deliberately with faulty arguments. - Nietzsche
    13. Re:old debacle: convenience vs security by Anonymous Coward · · Score: 0

      I don't care about that, I want CONVENIENCE.

      Does that mean you leave your car and home unlocked too? Those few seconds it takes to lock and unlock those are just intolerable right? Far better to just leave the doors unlocked so anyone can get into them, after all it's more convenient to clean up the mess after it happens than prevent it (or at least make it more difficult). It is attitudes like this that cause so many security issues in the first place...along with a lack of understanding of the consequences.

    14. Re:old debacle: convenience vs security by Dexter+Herbivore · · Score: 1

      I quite seriously apologise for any possible offence caused by my remark, please don't take it out of context. I cannot emphasise enough how sorry I am if I have caused offence. It was a comment made without due concern for the sensitivities of other genders and I do understand that. I made a *joke* without proper concern for gender stereotypes without qualifying myself properly. My intention was not to harm but merely to amuse.

    15. Re:old debacle: convenience vs security by meloneg · · Score: 1

      Unfortunately, your analogy falls down badly. Compromising my google account is the equivalent of having my keys. This is more like asking (on the other side of the door) if I really mean to open that door.

    16. Re:old debacle: convenience vs security by xiando · · Score: 4, Insightful

      This is nothing new (the part about no user intervention), it's called C2DM. Your google account would need to be compromised for an attacker to remotely install software on your phone.

      The "account" part is less important. What really matters is that Google can remotely install software on your phone. Google itself may be compromised in one way or another. It should simply not be possible to install anything on any device without notifying the user on that device.

    17. Re:old debacle: convenience vs security by bemymonkey · · Score: 2

      Agreed, it's a feature implemented for our convenience. This so called researcher is blowing things way out of proportion...

    18. Re:old debacle: convenience vs security by bemymonkey · · Score: 1

      What malware? The only apps that are installable are the ones on the Android Market, where any malware will be flagged by users right away...

    19. Re:old debacle: convenience vs security by node+3 · · Score: 2

      What malware? The only apps that are installable are the ones on the Android Market, where any malware will be flagged by users right away...

      You just said, "What malware? The malware that's on the Android Marketplace?"

      Yes, that malware.

    20. Re:old debacle: convenience vs security by Anonymous Coward · · Score: 0

      Well the three females in the /. population please forgive us, we usually talk to the basement geeks, and the attention hoggers that use female names to get attention!

    21. Re:old debacle: convenience vs security by John+Hasler · · Score: 1

      Or what about people who don't use their Google accounts for anything important?

      --
      Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
    22. Re:old debacle: convenience vs security by SadButTrue · · Score: 1

      This is Security 101. Prompting should be default, and if it's to be allowed to be disabled at all, it should require some level of user acceptance.

      This sounds like the Vista security policy. It is really, really wrong. Prompting always is pretty much the same as never prompting. If you prompt for the same action over and over people just accept the prompt as part of the action and stop reading them. It's just the way we work.

      --
      grape - the GNU free, open source rape
    23. Re:old debacle: convenience vs security by amRadioHed · · Score: 1

      I don't particularly want the prompting, but I think in this case it wouldn't really be a problem. Sure you would pretty much expect and ignore the dialog every time you installed an app from the web, but I think I'd notice if I had to dismiss that prompt while I'm walking down the street nowhere near another computer.

      --
      We hope your rules and wisdom choke you / Now we are one in everlasting peace
    24. Re:old debacle: convenience vs security by hawaiian717 · · Score: 1

      but it's reasonable that there will be some mistakes when rolling something new out like this

      No, it's not reasonable. Making security mistakes like this mean that security wasn't included in the architecture design from the beginning. Yes, lots of people treat security as an afterthought, and no, it's not a good thing.

      --
      End of Line.
    25. Re:old debacle: convenience vs security by aitan · · Score: 1

      The user is notified.

      After the application is installed you can see a new entry in the notification bar, so if you didn't ask to install it you will notice right away that something is wrong.

    26. Re:old debacle: convenience vs security by node+3 · · Score: 1

      This is Security 101. Prompting should be default, and if it's to be allowed to be disabled at all, it should require some level of user acceptance.

      This sounds like the Vista security policy. It is really, really wrong. Prompting always is pretty much the same as never prompting. If you prompt for the same action over and over people just accept the prompt as part of the action and stop reading them. It's just the way we work.

      What you're really saying is that security is the same as no security. Why lock your door? You're just going to unlock it every time someone comes to it, right?

      I can't see how you can reasonably equate prompting with not prompting in this case. Vista is a red herring. We're not talking about prompting every time a user does something remotely admin-like. We're talking about prompting whenever the OS wants to install software from the Internet. This is much more like Windows prompting before installing third-party software. The problem with UAC (in Vista far more than in 7) is that it came up so much that it was essentially something you just learned to click in order to use your computer. That's not what we're talking about here. Software install and update prompts have been normal for a decade now.

      This whole argument against prompting is extremely silly. If anyone other than Google was doing this, there'd be an uproar. But since it's Google, I guess we'll let this slide, right?

      This is Security 101. You don't let third party binaries on your system that you didn't ask for.

    27. Re:old debacle: convenience vs security by node+3 · · Score: 1

      but it's reasonable that there will be some mistakes when rolling something new out like this

      No, it's not reasonable. Making security mistakes like this mean that security wasn't included in the architecture design from the beginning. Yes, lots of people treat security as an afterthought, and no, it's not a good thing.

      I didn't say it was a good thing, I said it was reasonable.

      My proof is that people are fallible. What's unreasonable is expecting absolutely no security hitches ever. When something like this happens (and it's wise to always count on something like this happening), what's important is how it's dealt with. This situation only really becomes unreasonable if Google does nothing about it, or takes too long to do so.

    28. Re:old debacle: convenience vs security by SadButTrue · · Score: 1

      This is Security 101. Prompting should be default, and if it's to be allowed to be disabled at all, it should require some level of user acceptance.

      This sounds like the Vista security policy. It is really, really wrong. Prompting always is pretty much the same as never prompting. If you prompt for the same action over and over people just accept the prompt as part of the action and stop reading them. It's just the way we work.

      What you're really saying is that security is the same as no security. Why lock your door? You're just going to unlock it every time someone comes to it, right?

      Nope, What I am saying and what I did say was that obtrusive warnings and no warnings are roughly the same. Which you agree with in your next paragraph.

      --
      grape - the GNU free, open source rape
    29. Re:old debacle: convenience vs security by node+3 · · Score: 1

      Nope, What I am saying and what I did say was that obtrusive warnings and no warnings are roughly the same.

      No, you said warnings and no warnings are roughly the same. Specifically, "Prompting always is pretty much the same as never prompting."

      Which you agree with in your next paragraph.

      No, I said prompting too often can train the user to just click them away. Obtrusiveness is a necessary aspect of security prompts. Prompting for every little thing isn't. If that's what you really meant, or at the very least, what you mean now, then we agree enough on that topic at least.

      And I also stated, however, that this is a red herring, because remote app installs aren't going to happen so often as to become automatic responses.

    30. Re:old debacle: convenience vs security by Anonymous Coward · · Score: 0

      But in this case, the prompting is useful because the app is being pushed to the phone, and the prompt gives you the opportunity to acknowledge that you did it and you want the app, or someone else did it and you don't want it. If I'm at a desktop installing something, I always know I'm installing it and I don't need to think about it.

    31. Re:old debacle: convenience vs security by ChunderDownunder · · Score: 1
    32. Re:old debacle: convenience vs security by Anonymous Coward · · Score: 0

      This is a bad default decision, but it's reasonable that there will be some mistakes when rolling something new out like this.

      REASONABLE?!?

      If iOS allowed this, the flames of a thousand slashdotters could be felt on the other side of the galaxy.

      BTW, this is NOT news. I'm too lazy to look up the article right now; but Android's remote INSTALL capability was discussed last year on /., around the same time that Google demonstrated that they could REMOVE apps just as easily.

      And, considering that this is a fundamental DESIGN flaw (not a bug), and that Android has had HOW many revisions and been out for HOW long, and had HOW many "Open Source Forever!" eyes look at it, I don't think Google deserves even the slightest "pass" on this inexcusable and fundamental security flaw. After all, who in their right mind would design such a feature into a "mobile" OS (or ANY OS for that matter), and not make it either ALWAYS prompt the user, and/or user-defeatable?

      Seriously? Who?

    33. Re:old debacle: convenience vs security by commodore64_love · · Score: 1

      >>>Open devices are like a girl with open legs

      Yeah true but a phone can be thrown-out if it becomes "diseased". Not so with your willy. An open unprotected phone is less deadly and less of a concern.

      --
      "I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
    34. Re:old debacle: convenience vs security by CheerfulMacFanboy · · Score: 1

      Unfortunately, your analogy falls down badly. Compromising my google account is the equivalent of having my keys. This is more like asking (on the other side of the door) if I really mean to open that door.

      Unfortunately your analogy falls even worse. It would be like asking for your approval if you actually wanted to use that brand new appliance that has been delivered to your house while you were away - because you will not remote install apps on your phone even remotely as often as you will open your door.

      --
      Fandroids hate facts.
  3. it's safe for me! by s0litaire · · Score: 1

    "The new web-based Android Market retrieves the details of Android devices registered to the Google address, and automatically installs software onto the associated smartphones with no user interaction required on the phone itself"

    That's only a problem if the site works!!

    So far I've tried 3 times with 3 different apps and I've not been able to remotely install an app via the web page on my Android phone...

    --
    Laters Sol "Have you found the secrets of the universe? Asked Zebade "I'm sure I left them here somewhere"
    1. Re:it's safe for me! by Anonymous Coward · · Score: 0

      Works flawlessly for me.

      Nexus One, 2.2.2, running newest (the 15 minute refund, UI revamped) version of the market.

    2. Re:it's safe for me! by pvera · · Score: 1

      What carrier? I have installed at least 3 so far with no issues, this is a Samsung Intercept (2.1) with Virgin Mobile USA.

      --
      Pedro
      ----
      The Insomniac Coder
    3. Re:it's safe for me! by s0litaire · · Score: 1

      I'm on UK "Three" Network.
      Running CyanogenMod 6.1.3
      With Market 2.2.6

      Looks like it's a problem with some versions of ROMs people are using. Stock, and "sense" based ROMs seem to work, but custom ones it's hit or miss whether it works.

      --
      Laters Sol "Have you found the secrets of the universe? Asked Zebade "I'm sure I left them here somewhere"
    4. Re:it's safe for me! by psyclone · · Score: 1

      Why would you use the website on your Android phone and not the Market app?

      The only purpose for the [ugly] market.android.com website is to bypass the phone for app research and installs.

      Though if you're browsing a website not on the phone, why not use AppBrain instead? At least it supports rudimentary sorts and filters.

      I'd really love to browse a market by filtering-away apps that require permissions X (where X includes reading browser history, contacts, etc.). Then I could sort by number of downloads as well as ratings. (Not just average rating but number of ratings.)

      The android market is a joke, both on the device and off.

    5. Re:it's safe for me! by s0litaire · · Score: 1

      Did I say I was using my mobile to access the website?

      I'm using the site on my laptop. (phone is charging on the other side of the room.)

      p.s.
      It does not work even if I use the site on my mobile.

      --
      Laters Sol "Have you found the secrets of the universe? Asked Zebade "I'm sure I left them here somewhere"
    6. Re:it's safe for me! by idontgno · · Score: 1

      Thank God I'm running CM7.1 nightlies!* Hell, the built-in stuff doesn't work all the time! Certainly this remote-installing nightmare-hell of malware is guaranteed to fail!

      *Or was, until I broke my smartphone's screen... <sad>. Can you imagine how hard it is to use a touchscreen OS when you can't see what's on the screen?

      --
      Welcome to the Panopticon. Used to be a prison, now it's your home.
    7. Re:it's safe for me! by s0litaire · · Score: 1

      I'm keeping clear of the Nightlies at the moment.
      I'm waiting for a stable beta of CM7 (probably when HTC bring out a stock Gingerbread for the desire HD)

      --
      Laters Sol "Have you found the secrets of the universe? Asked Zebade "I'm sure I left them here somewhere"
    8. Re:it's safe for me! by Skythe · · Score: 1

      Have you turned sync adapters on? (Power control widget's 2nd last icon). If you have sync disabled it won't work.

  4. Really? by MrHanky · · Score: 1

    When you install software on your phone, it shows up in the status bar. It's not like someone can install things secretly.

    1. Re:Really? by geekoid · · Score: 2

      True, but who is looking at their status bar 24/7?

      Especially if the program being maliciously installed is designed to remove itself from the status bar.
      Seriously, root kits have been removing themselves from lists and logs since 1984.

      --
      The Kruger Dunning explains most posts on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
    2. Re:Really? by NatasRevol · · Score: 1

      Can't Sleep.

      Status Bar Will Eat Me. /simpsons

      --
      There are two types of people in the world: Those who crave closure
    3. Re:Really? by h4rr4r · · Score: 1

      The notification stays until you clear it. If there are apps with rootkits in them in the market then you have bigger problems.

    4. Re:Really? by MrHanky · · Score: 1

      No one, of course. But don't you have to run an app to, well, run it? Unless you restart your phone, evidently: Some apps do start up at boot even if you never started them before, but I've never noticed one start at install. Then again, I'm not entirely sure how the .apk packages work.

    5. Re:Really? by maxwell+demon · · Score: 1

      So you think an app with a rootkit which you have to explicitly install is a bigger problem than an app with a rootkit which installs itself without user interaction?

      --
      The Tao of math: The numbers you can count are not the real numbers.
    6. Re:Really? by h4rr4r · · Score: 1

      No, I would say they are the same problem. The issue is then an app with a rootkit and how you got it does not matter.

    7. Re:Really? by maxwell+demon · · Score: 1

      I would say they are not the same problem. I can protect myself against an app with a root kit by not installing it. I can't do that if it installs itself.
      Now you will probably counter that I usually won't know that there's a root kit in the app. Which is only partially true: While you never can be completely sure about it, there are apps which are more likely to have root kits than others. Moreover, generally the set of apps you knowingly install will be quite limited. An attacker would have to put the root kit into an app which you would want, but where you don't already have an equal or even better app. With an app which installs itself, the attacker doesn't even need to make the app appear interesting. I'll get it even if I don't want to.

      --
      The Tao of math: The numbers you can count are not the real numbers.
    8. Re:Really? by pointybits · · Score: 1

      Apps can include background services, but by design they can't start the services on install, they are only allowed to start them when the application is run for the first time, or when the device is rebooted. However they can hook system events on install so the app can be launched when the phone receives an SMS for example.
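As an added example that is not part of this thread: a small Python checker that does the two things discussed above, the "filter away apps that require permission X" check psyclone wants and a scan for the install-time hooks pointybits describes (receivers registered for the boot and incoming-SMS broadcasts, which let a component run before the user ever opens the app). The manifest it parses is constructed for this example and is not from any real app; the permission and action names are the standard Android identifiers.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
NAME_ATTR = "{%s}name" % ANDROID_NS

# Permissions a privacy-conscious reviewer might want to filter on before
# accepting an install (the kind of filter the thread wishes the Market offered).
SENSITIVE_PERMISSIONS = {
    "android.permission.READ_CONTACTS": "read contacts",
    "com.android.browser.permission.READ_HISTORY_BOOKMARKS": "read browser history",
    "android.permission.RECEIVE_SMS": "receive SMS",
    "android.permission.READ_PHONE_STATE": "read phone state / identity",
}

# Broadcast actions that let a receiver run without the user opening the app:
# after a reboot, or when an SMS arrives.
AUTO_START_ACTIONS = {
    "android.intent.action.BOOT_COMPLETED": "starts at boot",
    "android.provider.Telephony.SMS_RECEIVED": "starts on incoming SMS",
}

# Constructed sample manifest (not from any real app): a "flashlight" that
# asks for far more than a flashlight needs.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.constructed.flashlight">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED"/>
  <application android:label="Flashlight">
    <activity android:name=".MainActivity">
      <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/>
      </intent-filter>
    </activity>
    <receiver android:name=".BootReceiver">
      <intent-filter><action android:name="android.intent.action.BOOT_COMPLETED"/></intent-filter>
    </receiver>
    <receiver android:name=".SmsReceiver">
      <intent-filter><action android:name="android.provider.Telephony.SMS_RECEIVED"/></intent-filter>
    </receiver>
  </application>
</manifest>
"""


def analyze_manifest(xml_text):
    """Return the package name, declared permissions, the sensitive subset,
    and every receiver that hooks an auto-start broadcast."""
    root = ET.fromstring(xml_text)
    permissions = [p.get(NAME_ATTR) for p in root.findall("uses-permission")]
    flagged = {p: SENSITIVE_PERMISSIONS[p] for p in permissions if p in SENSITIVE_PERMISSIONS}
    auto_start = []
    app = root.find("application")
    if app is not None:
        for receiver in app.findall("receiver"):
            # iter() descends into the nested <intent-filter> elements
            for action in receiver.iter("action"):
                name = action.get(NAME_ATTR)
                if name in AUTO_START_ACTIONS:
                    auto_start.append((receiver.get(NAME_ATTR), name, AUTO_START_ACTIONS[name]))
    return {
        "package": root.get("package"),
        "permissions": permissions,
        "flagged_permissions": flagged,
        "auto_start": auto_start,
    }


def passes_filter(report, denied_permissions, allow_auto_start=False):
    """The "filter away apps that need permission X" check: False if the app
    declares any denied permission or (unless allowed) an auto-start hook."""
    if any(p in denied_permissions for p in report["permissions"]):
        return False
    if not allow_auto_start and report["auto_start"]:
        return False
    return True


def summarize(report):
    """Human-readable lines a reviewer would read before clicking Install."""
    lines = ["Package: %s" % report["package"]]
    for perm, why in report["flagged_permissions"].items():
        lines.append("  sensitive permission: %s (%s)" % (perm, why))
    for receiver, action, why in report["auto_start"]:
        lines.append("  auto-start hook: %s on %s (%s)" % (receiver, action, why))
    return lines


if __name__ == "__main__":
    rep = analyze_manifest(SAMPLE_MANIFEST)
    print("\n".join(summarize(rep)))
    print("passes contact-privacy filter:",
          passes_filter(rep, {"android.permission.READ_CONTACTS"}))
```

On a real device the manifest would first have to be pulled out of the APK (it is stored in binary XML there); this script works on the decoded text form.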

    9. Re:Really? by brunes69 · · Score: 1

      That's not possible for a few reasons. First, you would need root-access to the Android OS. Second, even if you have rooted your phone, any time an app asks for root a big box takes over the phone and you HAVE to accept it within 5 seconds or that app is blacklisted from ever asking for root again.

    10. Re:Really? by Tacvek · · Score: 1

      That assumes you have installed Koush's or ChainsDD's Superuser app, which admittedly pretty much all rooted "ROM"s and pretty much all instructions for rooting a phone contain, so in practice it is always installed. However, please note that any app that exploits a kernel flaw to gain root could bypass the superuser application.

      --
      Stylish sheet to fix many problems in Slashdot's D3: https://gist.github.com/801524
  5. summary is misleading by Anonymous Coward · · Score: 1

    They can only do this if they steal your password first -- not that they will silently install an app, and then swipe your login details.

  6. Re:Fourth Post! by Stenchwarrior · · Score: 1

    Damnit!

  7. The bigger security issue by Mike+Buddha · · Score: 5, Funny

    The bigger security issue that afflicts all Android phones is that of pocket-based or belt-holder-based security. The vast majority of Android users falsely secure their devices by carrying them in their pockets or on belt holders. If a hacker were able to remove the phone from the pocket or belt, they could covertly install malicious apps, make phone calls, check call log, spam sms messages, etc.

    Google needs to address this gaping hole in Android security.

    --
    by Mike Buddha -- Someday the mountain might get him, but the law never will.
    1. Re:The bigger security issue by Anonymous Coward · · Score: 0

      The bigger security issue that afflicts all Android phones is that of pocket-based or belt-holder-based security. The vast majority of Android users falsely secure their devices by carrying them in their pockets or on belt holders. If a hacker were able to remove the phone from the pocket or belt, they could covertly install malicious apps, make phone calls, check call log, spam sms messages, etc.

      Google needs to address this gaping hole in Android security.

      They have addressed this issue Mike. It is called a passcode, or a screen lock pattern. If you own an android and don't have these security measures installed, then you deserve to have your data taken from your phone. It is super easy to set up.

    2. Re:The bigger security issue by mdm-adph · · Score: 1

      WHOOSH

      --
      It is by my will alone my thoughts acquire motion; it is by the juice of the coffee bean that the thoughts acquire speed
    3. Re:The bigger security issue by Anonymous Coward · · Score: 0

      Yah, smartphones need to be set up so they only work when a user's brain wave scan matches that of their registered user.

    4. Re:The bigger security issue by BitZtream · · Score: 1

      The difference is, if someone takes it off my belt I'll know it.

      If someone malicious attacks google or your google account, you end up with software on your phone without any prior knowledge.

      So go ahead, take my phone out of my pocket, install a malicious app on it, and put it back in my pocket ... I'm pretty sure I'll know, unless you happen to get it during the 7 or so hours a night when it's not in my hand or my pocket ... but instead lying next to me on my nightstand ... I'm pretty confident I'll know you did it.

      On the contrary, Google can install things all day long and you may never notice, since it or anyone else with the right information can do it wirelessly. Doesn't have to be Google, just has to be someone that finds an exploit. THIS IS WHY STATICALLY CONFIGURED REMOTE ACCESS AND CONTROL IS BAD. Not just because Google can do it ... but because ANYONE with the right info can do it to millions of devices.

      Perhaps you shouldn't talk about security, even if you're trying to be funny.

      Of course, it's important to note, since most people are new to smart phones in general, that they pretty much all had some sort of setup like this done via the carriers since cell phones started. It's also important to notice that AFAIK Apple was the first to more or less take all control away (not that they didn't maintain it for themselves) from the carriers (at least initially).

      --
      Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
    5. Re:The bigger security issue by Mike+Buddha · · Score: 1

      Perhaps you shouldn't talk about security, even if you're trying to be funny.

      You're absolutely right. I've learned my lesson. Some subjects are just too serious to have anything remotely funny said about them. Having programs installed on your phone due to a hypothetical security flaw is one of those subjects. Are there any other purely hypothetical situations that should not be made light of, or should we treat all FUD with the same level of respect and dour consternation?

      --
      by Mike Buddha -- Someday the mountain might get him, but the law never will.
  8. It's Always Worked This Way by Anonymous Coward · · Score: 1

    This is the way the Android Market app has always installed apps on the phone. The process is async. The Market app sends a request to Google, Google authorizes it, then pushes the app to your phone. The web site is using the same mechanism.

    Before you write another story, make sure it's actually been cracked first.

  9. Did not know this by Anonymous Coward · · Score: 0

    Wow, Security Researcher Vanja Svajcer, did you notice this by being paid a ton of money or just when you tried to install something from Android Market for the first time? Wish I could get the big bucks to write about something every Android owner already realized!

    I'm going to go look at how, if someone dials your phone number, your phone rings without your intervention ... must be a security breach.

  10. Silent install is needed by Anonymous Coward · · Score: 0

    There are plenty of businesses -- small to large -- that can make good use of silent installs of apps on a user's phone, so that capability should not be taken out. My company, in fact, has been selling software for years with the ability to remotely administer a company employee's mobile phones. Rather than having to manually install software on all your employees' phones, you just send out a silent install of new or updated software to all of them.

    In the decade that I've been doing mobile device software I've seen many mobile OSes come and go, and many seem to make the same naive mistakes at first. One naive mistake is to believe the user needs to approve everything that goes on with the phone (Windows Mobile 7 is really, really bad about that, which is one of many reasons it is a doomed OS even though I quite like the UI).

    I would agree with a security measure of making sure apps have to explicitly ask for permission to do silent installs of other apps in their install package and I'd be perfectly happy with this causing an extra impossible-to-ignore dialog to come up that the user has to agree to in order to allow the install.

    1. Re:Silent install is needed by Onuma · · Score: 1

      Agreed.

      I think there should be a default level of "silence" depending on the programs to be installed. Make it optional to have everything, nothing, or specific programs bring up a prompt based on user preference. It sounds like a fairly easy solution, really.
      While I'm running a recent version of the BlackBerry software, I've got Google Sync allowed to do some things, with everything else requiring my assent. Android designers should have taken a cue from an extremely successful portion of the wireless market.

      --
      What else can happen when an unstoppable force collides with an immovable object?
  11. and a secure solution would look like what? by xanthos · · Score: 1

    Let's help Google out here and describe what a secure solution should look like.

    Do you follow Apple's walled garden approach and only run officially signed code?
    Do you follow Msft's signed code approach where you warn but let them run anyway?
    Do you download to a quarantine area and force the user to accept it to run it?

    Others?

    --
    Average Intelligence is a Scary Thing
    1. Re:and a secure solution would look like what? by h4rr4r · · Score: 1

      Sandbox every app, then have the user allow specific permissions. This would mean, however, that a user could avoid ads in a free app by not letting it talk to the network.

  12. Oh come on by shoehornjob · · Score: 1

    As a minimum, a dialog should be displayed on the receiving device so that the user must personally accept the application that is being installed.

    That'll never work. Can you say drive-by attack? Users don't look at these things and criminals know it. That's why people get their PCs infected with all sorts of nasty bits. Oh yeah, 800 viruses and spyware found on your computer!!! Click here to clean your PC. Google needs to make it right, not just put a band-aid on it.

    --
    "We are just a war away from Amerikastan. When god vs god the undoing of man." Dave Mustaine
    1. Re:Oh come on by John+Hasler · · Score: 1

      That'll never work. Can you say drive-by attack? Users don't look at these things and criminals know it.

      So what you mean is "That'll never work for fools."

      --
      Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
    2. Re:Oh come on by shoehornjob · · Score: 1

      So what you mean is "That'll never work for fools."

      Ok ... you got me there, but Google still needs to make it right.

      --
      "We are just a war away from Amerikastan. When god vs god the undoing of man." Dave Mustaine
  13. Ahhh yes by WillyWanker · · Score: 1

    Ahh yes ... today's security DDDDDOOOOOOOOOOOOOOMMMMMM!!!!! Really, isn't anyone else sick to death of these things that NEVER affect ANYONE?

    1. Re:Ahhh yes by Mike+Buddha · · Score: 1

      FUD affects everyone. If Apple is going to withstand the onslaught of Android, the FUD's going to have to fly fast and thick. Potential insecurity! Fragmentation! Beware!

      --
      by Mike Buddha -- Someday the mountain might get him, but the law never will.
  14. just don't let someone access your account by mshenrick · · Score: 1

    Make this an optional security feature and just do the same as you would with your Facebook account: don't let other people on it!

  15. Is this an Apple or HP announcement? by Earl+The+Squirrel · · Score: 1

    I was watching this on Engadget and couldn't tell from the images whether I was watching an Apple or HP announcement.

    This picture ... change TouchPad to iPad and put the guy in a black turtleneck ... sure looks like the iPad announcement. Look at this picture from the original iPad announcement ... sure looks similar to me.

    This e-mail app looks pretty damn close to the iPad one.

    This keyboard sure looks almost identical to the iPad.

    In general, I saw this as a rehash of the Apple and Google approaches to a common OS for Phone and Pad. Can't speak to either on "PC", though both have leaked rumors at least of having their OS on some form of a PC. To me this was a big "yawn" from a latecomer to this space.