
Google throws 'kill switch' on Android phones

March 7, 2011 02:24 PM ET

That app, which will be installed automatically no later than Tuesday on all Android phones whose owners had downloaded one or more of the malicious apps, prevents attackers from accessing any additional information by undoing the root access the malware obtained by exploiting vulnerabilities.

The Android Market Security Tool March 2011 does not patch the underlying bugs that were exploited by the malware-infected apps, said Mahaffey, but does appear to remove traces of the malicious code that aren't erased when the apps are uninstalled. Lookout is continuing to dig into Google's tool for more insight into its workings.

According to Google, Android 2.2.2 and earlier contains the bug, but later versions, including Android 2.3, aka "Gingerbread," do not.

Unlike Apple, Google does not distribute its own mobile operating system updates, whether security-related or otherwise, but relies on carriers to do so. Google launched Android 2.3 in December 2010, but as of mid-February, the bulk of Android phones -- nearly 90% by Google's numbers -- were still running older, and thus vulnerable, versions of the operating system because carriers often take months to roll out Android updates.

Analysts have also blamed Google's lax app publishing policy for allowing the infected software onto the Android Marketplace.

"Google will change its model," said John Pescatore, a security analyst with Gartner Research, referring to Google's current practice of not vetting the apps listed in the market. In contrast, Apple closely reviews all apps that it places in its App Store, which is also the only sanctioned outlet for the iPhone.

"Google's search engine tells users when it suspects a site might be distributing malware," Pescatore noted. "That's what the market wants in a search engine and in mobile. People don't want to say, 'Oh oh, should I download this app?' They just want to say, 'That's a cool app, I'll download it.'"

Pescatore also knocked Google for resorting to pushing the security tool to users after the fact. "That's the worst of both worlds, if Google says 'We'll continue to let anything in the Market,' but then says, 'Download this [anti-malware] app,'" said Pescatore. "Don't force us back to the bad ways of the PC.

"It's so much better to keep the bad stuff off in the first place," Pescatore said. "Come on, Google."

Mahaffey, however, applauded Google's decision to automatically install the tool. "Hats off to Google," he said today.

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer or subscribe to Gregg's RSS feed. His e-mail address is gkeizer@computerworld.com.
