In this story on ArsTechnica.com, I find it funny, annoying, and pointless that people point out that there are some malware apps in the Google Android app store. The Google app store (now called “Google Play”) is nothing more than a consolidated place for apps that would otherwise be available on the creator’s on web sites. But, unlike the web, Google can and does take down apps that are proven to be malicious. Just like on Windows, it’s the user’s responsibility to not download junk from sources they don’t trust and to use common sense. It’s the difference between freedom on an open system vs. a closed system. With freedom, there are risks. With a walled garden, there are fewer risks (not zero), but much less freedom. Each has its own merits and no one can be blamed for which they choose. I personally choose freedom. I’m a big boy and I’m educated and can manage my own risks. But that’s just me.
See also: Understanding what Android actually IS
Take this quote from the ArsTechnica.com story:
“The apps, which were reported here by McAfee researcher Carlos Castillo, masqueraded as video players offering trailers of Android games and anime content. In the background and without warning, they also obtained the phone number and a unique identifier of the infected device and sent the information in clear text to a remote server under the control of the software developers”
Whenever you install an Android app, you’re given a list of the phone’s data and features the app is requesting access to from the OS. So, I call bull sh!t on “and without warning”. If you’re downloading a video player and the app store says it asks for access to your contacts, you simply refuse to let the app be installed. I have refused the installation of several apps based on this simple logic — apps whose function has nothing to do with what it’s requesting access to. Simple. BTW, the “unique identifier” is normal for all apps that have ads to support them. Not much different than a web site getting your IP address or a Windows/Mac/Linux desktop app that sends your MAC address and/or other hardware IDs, but unlike Windows/Mac/Linux desktop apps, Android apps can’t be installed without you being told, point blank and openly, what they’re requesting access to from the OS.
Pointing out that there are malicious Android apps is no more relevant than pointing out there are malicious Windows apps or malicious Mac apps or malicious Linux desktop apps. Yep. We know that. That’s the price of freedom — risk. And, for people that “don’t know any better”… I call BS on that too since the app store shows you what any Android app you’re about to install is requesting access to. It’s usually a very small list and takes only seconds to see and decide. I have no pity for morons that blindly click “Allow” and neither should you. If you’re intelligent enough to read and install an app, you’re smart enough to decide if a video player should have access to your contacts. Hint: The answer is “NO!”
See these images?
You’ll find an actual working versions of them at the top and bottom of this article. Please click the appropriate buttons in it to let your friends know about this article.
Check back later for updates too!