CNet is reporting today (http://news.cnet.com/8301-27080_3-20008518-245.html?tag=newsEditorsPicksArea.0) that a report from SMobile Security (http://threatcenter.smobilesystems.com/) has studied the growing Android app marketplace and discovered that 20% of the 48,000 Android applications allow access to end user sensitive or private data. The only end user authentication is the approval for download dialog box. What kind of sensitive information is accessible? CNet reports:
“And some of the apps were found to have the ability to do things like make calls and send text messages without requiring interaction from the mobile user. For instance, 5 percent of the apps can place calls to any number and 2 percent can allow an app to send unknown SMS messages to premium numbers that incur expensive charges...”
As Steve Jobs clearly has pointed out numerous times, he has pursued the iTunes App Store policy clearly to better control privacy access and quality. Many have argued against Apple’s sometimes onerous control over application access. However one can argue that Apple’s control increases quality and security of those applications they do make available. Would Apple allow an application that automatically makes calls and sends text messages from an iPhone? Doubtful. Frankly I struggle to understand the value of an application that does this in the first place. The closest thing Apple’s app environment has to this is the location aware apps that send your GPS coordinates back to the vendor. In every case, however you must approve every instance of an app sending your location; every time it sends it.
Quality control is a very important element of Apple’s solutions. Android is built around openness. Security increasingly seems to be a casualty of too much openness...
Subscribe to:
Post Comments (Atom)
Posts
No comments:
Post a Comment