Both had hidden functionality that the stores' respective app police failed to spot. How did that happen? Who can say.
What it does show is that there's no guarantee on either platform that the app you downloaded, digitally signed or not, won't have a payload that does something that you didn't agree to. And that payload might conceivably compromise your personal info.
The "Flashlight" app wasn't discovered by Apple. In order to deliver its benefits to the end user, the user needed to know how to access it, and once the info was out there, it was only a matter of time before somebody blogged it. That's how Apple became aware of it, and subsequently pulled it.
Click for info.
That app, for those unfamiliar with it, enabled tethering on the iPhone. A rather innocuous payload to be sure, but still forbidden by Apple. It could quite easily have been far less benign though, and there's no guarantee that there's not a smarthone app already doing the self same thing with your privacy right now. On either platform.
However, having pointed out what ought to have been obvious to everybody who bothered reading the report, the real kicker is that my iPhone likely puts me at as much risk of data theft as any smartphone user out there, and that fact is rather less deserving of glee and much more deserving of caution. Especially using free app downloads.
Let's be careful out there.