or Connect
AppleInsider › Forums › Mobile › iPhone › Google's Android Market web store opens new malware threat
New Posts  All Forums:Forum Nav:

Google's Android Market web store opens new malware threat

post #1 of 91
Thread Starter 
Security researchers at Sophos are urging Google to remove automatic over-the-air installation of apps as a feature from its new web store, noting that it makes the silent addition of malware and spyware to Android users' devices far too easy.

Google announced its new web-based Android Market last week at its Android 3.0 Honeycomb introduction, as part of an effort to kickstart slow Android app sales, something the company said it was "not happy" about.

However, just days later security firm Sophos has issued a warning that says Google's implementation of app sales via its website is flawed because there is no acceptance step by users on their phone.

Unlike Apple's iTunes Preview website, which allows users to browse for apps on the web but then directs them to iTunes to securely complete their purchase, Google's new web-based Android Market allows users to select and buy apps directly on the web site and then have the apps remotely installed on their device, something that is touted as a unique feature.

What if somebody else installs an app on your account?

Purchased apps are then streamed directly to the user's handset and automatically installed. The problem, researchers say, is that there is no approval mechanism that would indicate to a user that apps are being installed. Therefore, if a third party were able to access a user's account information, they could easily install apps on the user's phone without that person being aware this was even happening.

Additionally, apps on Android have far broader access to features on the phone; Google leaves the security ramifications related to apps up to the user when the app is being purchased. For example, an app that wants the ability to read all data on the phone, send fee-based SMS messages, and track the user's location must note these requests in Android Market, leaving it up to the user to decide if those requests are justified or reasonable.

However, because the new web store makes it easy for a malicious third party to bypass these choices and simply install apps behind the users' back, Android users must now be extra vigilant to monitor what apps are installed on their phone, because there is no curation by Google and no installation approval on the device itself.

In contrast, iOS apps must first pass Apple's review process and then the user must manually download the apps through iTunes or directly from their iPhone via the App Store app; Apple never beams apps directly to users' devices for unattended, quiet install.

Fishing for Passwords

Android's new security problem requires users' passwords to be intercepted by a malicious third party. Apple's iTunes users have already been regularly targeted by multiple attempts to either guess, crack or simply "phish" their passwords by malicious users seeking to obtain access to their accounts.

The difference is that with iTunes account information, all a malicious user can really do is make unauthorized purchases. This has created a booming market for stolen iTunes account credentials, inducing Apple to take steps to require users to select harder to guess passwords and to verify their credit card information on new devices the first time they are set up. This has greatly reduced the value of stolen iTunes accounts, as it prevents thieves from making purchases using new devices unless they have the accounts' full credit card information.

In contrast, with a stolen Android Market account, malicious parties can not only make purchases, but also set up targeted, powerful malware that is "sold" to the user without their knowing and silently installed on their device wirelessly with no notification. These apps can then track the user, access their calling information, collect all kinds of sensitive information on their phone, and then upload it to foreign servers before the user is even aware that a new app was installed.

"The result of all this is that a Google password suddenly becomes even more valuable for potential attackers, and I would not be surprised to see even more Gmail phishing attacks as a consequence," Sophos' Vanja Svajcer wrote. "The phishers' intention may not be to use stolen account credentials for the purposes of sending spam but to install malware on the user's Android devices instead."

Oops I did it again

"Google should make changes to the remote installation mechanism as soon as possible," Svajcer warned. "As a minimum, a dialog should be displayed on the receiving device so that the user must personally accept the application that is being installed."

Until Google takes notice of the problem, Svajcer recommended that Android users choose a strong password. The millions of new Android users will also want to make sure they don't fall for phishing scams the way millions of iTunes users have. Rather than facing refundable unauthorized purchases, they could find their personal smartphone loaded up with malware, recreating the security meltdown similar to the one Microsoft faced with Windows XP.
post #2 of 91
We used to call this "drive by installs" back when people would surf the web with unpatched copies of Windows XP.

"Apple should pull the plug on the iPhone."

John C. Dvorak, 2007
Reply

"Apple should pull the plug on the iPhone."

John C. Dvorak, 2007
Reply
post #3 of 91
I guess it's one more facet of being "open" (as in "leaving the door open")...

Why don't people realise Google's model is all wrong?!
post #4 of 91
Thanks for the 411 AndroidInsider!
post #5 of 91
Oh, another FUD and bashing post from Mr. Daniel.

If my GMail account is compromised, the least of my worries is auto installing of Android apps.
post #6 of 91
I'm not sure if Appleinsider is going for objectivity but this article doesn't really help if it is. I love Apple products more than anyone, while it may be true that Android is more likely to have phishing going on, if you give out your password to your iTunes account, bad things can also happen. Is installing apps remotely worse? It could give them more information, but both systems still rely on the user keeping a secret password and people can still be phished through email and websites even on the iPhone. Besides, remote app installing is something Apple could easily add too and users would still need to keep their password a secret as always. The only thing this article is really bringing up is that Android doesn't curate apps and that doesn't really have much to do with remote over-the-air installing. In the end, Apple relies just about as much on users keeping their passwords a secret. Android a bit more, but again, this article doesn't really seem to make this site look good.
post #7 of 91
I'm so glad I'm an Apple user. I don't have to bother with researching through too many options, an the iTunes layer keeps us all protected from this kind of crap. I'd take a flashless phone over an insecure one any day.
post #8 of 91
Google must scare the bejesus out of you Apple fanboys, since you now seem to spend more time bashing Google and Android than talking about Apple products.

I would suggest that Sophos actually use the web-based Android Market before criticizing it. Any app that is downloaded to an Android phone shows up in the notification bar and the user must manually clear the notification to make it go away. It's hardly an "unattended, quiet install." Then again maybe the editors at AppleInsider don't understand a properly functioning notification system, because Apple has failed in its implementation on iOS.

I used to enjoy AppleInsider, but you've all gone round the bend with your slavish worship of all-things Apple and willingness to bash Google without even considering whether or not your arguments make sense.
post #9 of 91
Quote:
Originally Posted by zencowboy View Post

but you've all gone round the bend with your slavish worship of all-things Apple and willingness to bash Google without even considering whether or not your arguments make sense.

I think you then need to extend that flattery to Sophos as well.
(But then again, it is pretty much accepted wisdom that one should take security alerts from security software companies with a large pinch of salt.)
post #10 of 91
Sure, you can install apps remotely.
But they can't run for the first time on their own.

So if a random app appears to have been randomly installed on your phone, first of all change your Gmail password, but secondly, don't open it and uninstall it.

Problem solved.
post #11 of 91
Quick fix with a dialogue message on androids part. The idea itself is fairly good, but again why not just go and download the app straight from the phone instead of going on the web. I don't think I bought a single app from iTunes itself in recent memory, it's all been through the phone. But as I said the concept is interesting from purely technological point of view.
--SHEFFmachine out
Da Bears!
Reply
--SHEFFmachine out
Da Bears!
Reply
post #12 of 91
Quote:
Originally Posted by Gwydion View Post

If my GMail account is compromised, the least of my worries is auto installing of Android apps.

I agree with that (not least since I do not own any Android device ) but this is still an example that there rarely is such thing as a free lunch (ie, there is often enough just one more thing to think about with any given new feature).
post #13 of 91
Quote:
Originally Posted by Gwydion View Post

Oh, another FUD and bashing post from Mr. Daniel.

If my GMail account is compromised, the least of my worries is auto installing of Android apps.

I don't see it as FUD. He's just reporting what this security researcher is reporting. This is the kind of thing people want to know. We each have our own risk aversion, if it doesn't bother you, so be it, but people want to know what's what...

AI also reports negative news about Apple. Relax.
2011 13" 2.3 MBP, 2006 15" 2.16 MBP, iPhone 4, iPod Shuffle, AEBS, AppleTV2 with XBMC.
Reply
2011 13" 2.3 MBP, 2006 15" 2.16 MBP, iPhone 4, iPod Shuffle, AEBS, AppleTV2 with XBMC.
Reply
post #14 of 91
Quote:
Originally Posted by zencowboy View Post

Google must scare the bejesus out of you Apple fanboys, since you now seem to spend more time bashing Google and Android than talking about Apple products.

// snip //

I used to enjoy AppleInsider, but you've all gone round the bend with your slavish worship of all-things Apple and willingness to bash Google without even considering whether or not your arguments make sense.

Agreed. This site, along with others like electronista, have become full-time Android-bashing sites. It's almost as if the Apple fanboys are immature children who are upset that their device is no longer the only hot thing on the scene. Seriously, I've seen an incredible amount of ridiculous, hypocritical, contradictory pseudo-arguments on here in the past few months defending everything Apple does as perfect and everything Google and Microsoft do as horrible and yucky. It's a shame.
post #15 of 91
Quote:
Originally Posted by zencowboy View Post

Google must scare the bejesus out of you Apple fanboys,

That depends.

Which model phone? HTC, Samsung, Huawei, ZTE, etc., etc.?

Which (probably non-updated) version of Android?

So far there's a lot more confusion than fright.
post #16 of 91
Quote:
Originally Posted by derekmorr View Post

Agreed. This site, along with others like electronista, have become full-time Android-bashing sites. It's almost as if the Apple fanboys are immature children who are upset that their device is no longer the only hot thing on the scene. Seriously, I've seen an incredible amount of ridiculous, hypocritical, contradictory pseudo-arguments on here in the past few months defending everything Apple does as perfect and everything Google and Microsoft do as horrible and yucky. It's a shame.

You know, your posts might be taken more seriously if you could refrain from your frequent use of the invective "fanboy". Just a suggestion.

And to be fair, the Apple fans need to curtail their use of "fandroid/phandroid".

Using any of these does nothing to encourage intelligent discussion.
post #17 of 91
Quote:
Originally Posted by penchanted View Post

You know, your posts might be taken more seriously if you could refrain from your frequent use of the invective "fanboy". Just a suggestion.

I'd refrain from it if the posts here warranted it. I didn't use it in the past, but as the comments on here became increasingly shrill and closed-minded, it seemed appropriate. No matter. I've given tired of trying to talk sense into anyone here. It's a hopeless endeavor, since folks ignore evidence, have double standards, and, when all else fails, just make things up.
post #18 of 91
I honestly have no idea about how Google's security is in relation to others. However, the WiKi Leak documents revealed that Google lost tons of user data by being hacked most likely by the Chinese government. That likely includes stuff like Gmail and all that personal information Google collected by copying people's wi-fi communications. .

I don't know if it is related, but my stepfather recently was locked out of his gmail account because somebody gained access. Since then they have been sending spam to friends using his actual account. Moreover, he not too long after got a call from his Visa card folks asking him did he make a purchase in India for about $17, 000 for clothes. The guy is pushing ninety. He hasn't bought anything other then underwear and socks in years.

Further, the biggest annoyance with Google is its customer service really really stinks. You can't call Google on the phone. At least the company tries to make it real hard for you to do so. My step father never could get back into his account because there was nobody at Google to get on the phone and Google would only respond to him with form letters. The original Nexus One purchasers also had nobody to call for help because Google didn't have customer service people and T-Mobile said Google didn't provide it support documents. This was the same problem my step dad used to have with his Windows computer (he now happily uses a Mac). He'd call up Dell to ask about a problem. Dell would say, call Microsoft it is a Window's problem. Microsoft would say call up Dell, as it is responsible for the support. With Apple you know who to call.

Further, the benefit with Apple is there is always somebody at Apple to talk to. I once wrote Jobs an email. A day later one of his assistants called and personally addressed my issue. I had a five year old Mac that had repeated problems and technically was out of warranty. Apple paid to have the Mac fixed. I can always understand Apple's support people as well.
post #19 of 91
Quote:
Originally Posted by derekmorr View Post

It's a hopeless endeavor, since folks ignore evidence, have double standards, and, when all else fails, just make things up.

Welcome to Planet Earth.
post #20 of 91
I was taught in first grade name calling is childish. Apparently, you weren't taught the same thing. Otherwise, you wouldn't address people as "fanboys."

Further, the website is called "Appleinsider." That means people here are probably fans of Apple. There are plenty of sites you can find where bashing Apple and Microsoft are full time occupations.



Quote:
Originally Posted by derekmorr View Post

Agreed. This site, along with others like electronista, have become full-time Android-bashing sites. It's almost as if the Apple fanboys are immature children who are upset that their device is no longer the only hot thing on the scene. Seriously, I've seen an incredible amount of ridiculous, hypocritical, contradictory pseudo-arguments on here in the past few months defending everything Apple does as perfect and everything Google and Microsoft do as horrible and yucky. It's a shame.
post #21 of 91
Originally Posted by derekmorr
Agreed. This site, along with others like electronista, have become full-time Android-bashing sites. It's almost as if the Apple fanboys are immature children who are upset that their device is no longer the only hot thing on the scene. Seriously, I've seen an incredible amount of ridiculous, hypocritical, contradictory pseudo-arguments on here in the past few months defending everything Apple does as perfect and everything Google and Microsoft do as horrible and yucky. It's a shame.

Quote:
Originally Posted by penchanted View Post

You know, your posts might be taken more seriously if you could refrain from your frequent use of the invective "fanboy". Just a suggestion.

And to be fair, the Apple fans need to curtail their use of "fandroid/phandroid".

Using any of these does nothing to encourage intelligent discussion.

derekmorr, if you follow his posts, is an obvious troll and/or techtard who thinks everything should be free and hates apple's success and business model. He just hangs around here waiting to pounce on insightful conversation and insight.
post #22 of 91
Quote:
Originally Posted by derekmorr View Post

I'd refrain from it if the posts here warranted it. I didn't use it in the past, but as the comments on here became increasingly shrill and closed-minded, it seemed appropriate. No matter. I've given tired of trying to talk sense into anyone here. It's a hopeless endeavor, since folks ignore evidence, have double standards, and, when all else fails, just make things up.

We can only hope that your poor tired self goes away...
post #23 of 91
Ignorance and obvious bias on the authors part, but given the site, I'm looking past that.

As many have said, when you remotely install an app, it puts a big old notification in the notifications panel saying the app has been installed... unless you manually launch the app, the app can't do a single thing, much like when you install an app on an iPhone... until you launch it, its just idle data on the phone. It absolutely does not install anything without the user knowing... so everyone here who hasn't actually gone through the process yourself, you have no warrant commenting on the process.

If Apple had done this very thing, the Apple crowd would be praising Steve for creating something that didn't exist before... but Apple has no intentions of being so forward thinking because of the chain that attaches your phone to the overpriced machines they sell. Devices are becoming more wireless in everything they do with each passing day... Apple needs to accept that.
post #24 of 91
Guys, this is an Apple fansite.

If you don't like reading disparaging opinions of Android and Google, I'm sure you'd be much happier elsewhere.
post #25 of 91
I was curious how long it would take [brain]DED to cover this story. This "research" showed up on other tech sites a couple of days ago, and was immediately shot down as sheer idiocy. Clearly, some malicious person obtaining the password for your Google, Amazon, iTunes, bank, business mail, etc. accounts could be a problem, but not any more so for Google than for anything else. The fact that some "empty suit" decided to fake competence and spread some FUD does not mean that we should eat up the BS. DED seems to disagree.
post #26 of 91
Quote:
Originally Posted by Quadra 610 View Post

Guys, this is an Apple fansite.

If you don't like reading disparaging opinions of Android and Google, I'm sure you'd be much happier elsewhere.

This article showed up on the news widget on my Nexus S which brought me here... the reason I felt compelled to respond is because the article is only telling part of the story... reading it without knowing first-hand how the process works leads you to believe your life is in danger if you have an Android phone which is completely not true. People are merely adding fact to the loopholes in the story.
post #27 of 91
Quote:
Originally Posted by AppleInsider View Post

...addition of malware and spyware to Android users' devices far too easy...

But that's OK, because Apple is Evil and Google is Open.

Quote:
Originally Posted by otosnede View Post

Ignorance and obvious bias on the authors part, but given the site, I'm looking past that.

Uh, you're not 'looking past' anything if it's the very first thing you say. You're pathetic, but given who you are, I'm looking past that.
post #28 of 91
Quote:
Originally Posted by zencowboy View Post

Google must scare the bejesus out of you Apple fanboys, since you now seem to spend more time bashing Google and Android than talking about Apple products.

I would suggest that Sophos actually use the web-based Android Market before criticizing it. Any app that is downloaded to an Android phone shows up in the notification bar and the user must manually clear the notification to make it go away. It's hardly an "unattended, quiet install." Then again maybe the editors at AppleInsider don't understand a properly functioning notification system, because Apple has failed in its implementation on iOS.

I used to enjoy AppleInsider, but you've all gone round the bend with your slavish worship of all-things Apple and willingness to bash Google without even considering whether or not your arguments make sense.

Scare us? Don't make me laugh. Tell Google to crank out some hardware sweetie, then we can talk about the possibility of uncontrollable sweats.
post #29 of 91
Quote:
Originally Posted by Mister Snitch View Post

But that's OK, because Apple is Evil and Google is Open.



Uh, you're not 'looking past' anything if it's the very first thing you say. You're pathetic, but given who you are, I'm looking past that.

I can feel the love (:
post #30 of 91
Quote:
Originally Posted by otosnede View Post

I can feel the love (:

You earned it.
post #31 of 91
Quote:
Originally Posted by Mister Snitch View Post

You earned it.

Thank you
post #32 of 91
Quote:
Originally Posted by 8CoreWhore View Post

I don't see it as FUD. He's just reporting what this security researcher is reporting. This is the kind of thing people want to know. We each have our own risk aversion, if it doesn't bother you, so be it, but people want to know what's what...

AI also reports negative news about Apple. Relax.

Not Daniel. It never is apple's fault! No really!
post #33 of 91
Quote:
Originally Posted by AppleInsider View Post

Purchased apps are then streamed directly to the user's handset and automatically installed. The problem, researchers say, is that there is no approval mechanism that would indicate to a user that apps are being installed. Therefore, if a third party were able to access a user's account information, they could easily install apps on the user's phone without that person being aware this was even happening.

Why would there need to be when you approved it online? Duh.

Quote:
However, because the new web store makes it easy for a malicious third party to bypass these choices and simply install apps behind the users' back, Android users must now be extra vigilant to monitor what apps are installed on their phone, because there is no curation by Google and no installation approval on the device itself.

Still hard to do when all installed apps are listed on your account online. They can't hide.

Quote:
In contrast, with a stolen Android Market account, malicious parties can not only make purchases, but also set up targeted, powerful malware that is "sold" to the user without their knowing and silently installed on their device wirelessly with no notification. These apps can then track the user, access their calling information, collect all kinds of sensitive information on their phone, and then upload it to foreign servers before the user is even aware that a new app was installed.

Like mentioned, installed apps do not auto run, and still include all the security warnings.

Quote:
Until Google takes notice of the problem, Svajcer recommended that Android users choose a strong password. The millions of new Android users will also want to make sure they don't fall for phishing scams the way millions of iTunes users have. Rather than facing refundable unauthorized purchases, they could find their personal smartphone loaded up with malware, recreating the security meltdown similar to the one Microsoft faced with Windows XP.[c][url=http://www.appleinsider.com/articles/11/02/06/googles_android_market_web_store_opens_new_malware _threat.html]

Oh no, an android user will just restore the phone and sync to the cloud. The horror, the horror.

I expect nothing less from Daniel. Maximize your opponents flaws, pretend yours don't exist.
post #34 of 91
Quote:
Originally Posted by FreeRange View Post

derekmorr, if you follow his posts, is an obvious troll and/or techtard who thinks everything should be free and hates apple's success and business model. He just hangs around here waiting to pounce on insightful conversation and insight.

Thank you for proving my point. I was wondering how long it would take.

See ya later, folks. I wish I could say it's been fun, but it hasn't.
post #35 of 91
Quote:
Originally Posted by otosnede View Post

This article showed up on the news widget on my Nexus S which brought me here... the reason I felt compelled to respond is because the article is only telling part of the story... reading it without knowing first-hand how the process works leads you to believe your life is in danger if you have an Android phone which is completely not true. People are merely adding fact to the loopholes in the story.

I am a big fan of technology. I'd rather hear both sides. Is there some kind of notification on new software being installed when you buy software from the android market website? I didn't see any when I watched the Google webcast announcing the new feature but I could have missed it.

OK, so I crack someone's Android Marketplace password. In order to install malicious software it would have to exist in the Android Marketplace somewhere right? Are the apps in the Android Marketplace reviewed and approved? How malicious can I make my software?

Let's just assume I was also able to get my malicious software into the Android Marketplace. The app would get installed on the other person's phone. In order for it to behave maliciously would it have to be executed by the user or can I get it to run after installation or at boot without the user knowing?
post #36 of 91
Quote:
Originally Posted by franktinsley View Post

I'm not sure if Appleinsider is going for objectivity but this article doesn't really help if it is. I love Apple products more than anyone, while it may be true that Android is more likely to have phishing going on, if you give out your password to your iTunes account, bad things can also happen. Is installing apps remotely worse? It could give them more information, but both systems still rely on the user keeping a secret password and people can still be phished through email and websites even on the iPhone. Besides, remote app installing is something Apple could easily add too and users would still need to keep their password a secret as always. The only thing this article is really bringing up is that Android doesn't curate apps and that doesn't really have much to do with remote over-the-air installing. In the end, Apple relies just about as much on users keeping their passwords a secret. Android a bit more, but again, this article doesn't really seem to make this site look good.

Where is there a problem with "objectivity" in this article? It lays out a fairly serious security flaw discovered in Google's web store design, and relates this to how iTunes/iPhones work, clarifying that this problem is limited to Android.

It also brings up iTunes security issues of the past year, hardly flattering for Apple.

Given that millions of Mac and iPod users use Android smartphones, what is wrong with AppleInsider reporting on an issue that is important to them, and clarifying that it is not relevant to iOS users?

You say this article "doesn't make the site look good," but you apparently don't even understand the issues being described. Perhaps the lack of objectivity is not AI, but you and Fandroid patrol who attack every DED article, regardless of its objectivity or its factual basis.

Sounds like Dilger is right in pointing out that Android is no threat because its supporters are so afraid of any flaws that they make a smokescreen of attacks at the sources of the reports rather than publicizing the flaws so they can be fixed. This results in a weaker, not stronger platform.

"We'll know when Android has legs because it will stand on its own." A good read:

Why Apple Can't Be Too Worried About Android 3.0 Honeycomb Tablets Taking Away iPad Sales
post #37 of 91
Quote:
Originally Posted by derekmorr View Post

Thank you for proving my point. I was wondering how long it would take.

See ya later, folks. I wish I could say it's been fun, but it hasn't.

Somehow I don't buy your declaration. You'll be back. Your ilk is attracted to Apple centric sites like moths to a flame. You simply can't help yourself.
post #38 of 91
It's almost comical how consistently I can guess when it's one of Daniel's articles just from the headline.
post #39 of 91
Quote:
Originally Posted by sprockkets View Post

Why would there need to be when you approved it online? Duh.

Poor reading skills? If you can't handle Dilger's writing, perhaps you could just go to the security site and read it directly. It's the same message though. If an account is compromised (and millions of accounts are fished all the time), you're not just facing apps you didn't pay for that you need to ask to be refunded. You're ACTUALLY GETTING THEM INSTALLED ON YOUR PHONE!

That's a very serious design flaw, one Google should have anticipated.

Quote:
Still hard to do when all installed apps are listed on your account online. They can't hide.

Yes, and malware doesn't exist on Windows because everyone can see it in their Registry. How moronic, a new low for you, anonymous troll/Dilger-hater.

Quote:
Like mentioned, installed apps do not auto run, and still include all the security warnings.

That's your reaction? Not, "Whoa, Google should fix this," but "NO PROBLEMS!!!!! PAY NO ATTENTION!! ANDROID IS FLAWLESS!!!"


Quote:
Oh no, an android user will just restore the phone and sync to the cloud. The horror, the horror.

Seriously, that's your solution? After you've had malware installed on your phone, you "just" reinstall everything? Hey, worked for Windows XP, didn't it?

Quote:
I expect nothing less from Daniel. Maximize your opponents flaws, pretend yours don't exist.

I see you are as grossly hypocritical as Google is in the whole Bing situation. Pot kettle black.
post #40 of 91
Quote:
Originally Posted by Archos View Post

Perhaps the lack of objectivity is not AI, but you and Fandroid patrol who attack every DED article, regardless of its objectivity or its factual basis.

You make some good points in your post. However, I don't think that calling people fandroids moves the discussion forward. Especially when the person your talking to says they are a fan of Apple.

I think the part that strikes me as sensationalist in the AI summary is this "These apps can the track the user, access their calling information, collect all kinds of sensitive information on their phone, and then upload it to foreign servers before the user is even aware that a new app was installed."

Is this true? I don't see anything in the sophos article that says that the user wouldn't have to also execute the application for it to perform the malicious actions described in the AI summary. The sophos article says by cracking the username password the person will be able to "retrieve the details of Android devices registered in your name as well as the details of all the Market applications you have already installed." But that's all it says the cracker can do other than install it, unless you actually execute the app. I don't have an android phone and haven't ever installed an android application. Do you know if you can get an Android application to startup after installation without user interaction?
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: iPhone
AppleInsider › Forums › Mobile › iPhone › Google's Android Market web store opens new malware threat