Open is good, except when it’s wiping your phone’s resources through a little swipe and stealing your data. This is how many Android owners likely feel right now as there have been problems with Android apps containing malicious code, hitting the Google Marketplace. The problem, some charge, is that Google isn’t vetting its apps like Apple does. For many Android users, however, there is a lot of appeal to this. But for those being infected by malware, this is not a good thing.
It’s the permissions, stupid
In true geeky Android fashion, experienced users are quick to point out that if the end user would just take a moment to look at both the permissions the app is asking for, in addition to seeing if the feedback on the offending apps is positive, this could have been avoided. Speaking as someone who also loves open source software and an open way of making apps available, both of those are the dumbest statements I’ve ever heard. Unless Android is begging people to be tech savvy only, no one outside of the geek community has any idea what the hell to even look for. Explaining otherwise only feeds my argument.
Malware defense with anti-virus software
Around 2005, I said loud and clear that we would have a day when this happens. We would witness a world in which mobile devices would be hit with malware in much the same way as their desktop counterparts. It appears I was right, if only differing on the delivery mechanism. This leads me to wondering if the security suite software now being sold on Android doesn’t suddenly start making a lot of sense? Probably not.
Then again, here’s something that does. Create a cheap security sweep app that looks at all of the apps installed on your Android device, then gives you an outline in plain English as to which apps might be putting you at risk. Whether this is just based on permissions or even looking at log files of what the apps have been running over the course of the week, this data would be worth its weight in gold.
Best of all, it wouldn’t mean having to start vetting the software. No, all Google has to do is offer this functionality or support someone who is willing to develop themselves. I can’t speak for everyone, but it’s sure a lot better than what we’ve been doing and that is playing damage control. I own an iPhone, so I am unaffected by this stuff. But for the rest of you, are you sure you want your parents installing such generic titles as “Chess” or “Photo Editor,” among others with really harmless sounding names? We’d better do something, or this is going to bite Google in the backside with casual, non-geek users very quickly.