A Chinese mobile security solutions provider warned today that the proliferation of apps now available in the Android Market means that increasingly more malicious software–viruses, spyware, malware, and the like–now threaten Android phones.
NetQin Mobile said in July that it found the program called “Carrot App,” a tip calculator, will read all of a phone’s SMS messages and send them hourly to a designated email address; another version of the app can also “overhear” voice conversations on the phone. Today the company noted the 11-fold growth in the number of apps made available in in July 2010: 18,600 as opposed to the 1,669 apps in July 2009. Considering that one in five apps are able to access personal information, that’s a lot of potential for attacks against Android phones, NetQin said.
China is a particularly nurturing place for dangerous computer programs to flourish, since many people buy counterfeit software and thus can’t access effective anti-virus programs. Mobile security would be just as much of a concern in that country, so it’s easy to dismiss NetQin’s statement as fear-mongering to drum up business.
But the company has a point: There is a danger, and more importantly there is a perception of danger that may be greater than the reality. So, while Android apps are a great way to brand one’s company, and while they also offer potential mobile revenue, app-makers need to take steps to ensure consumers of their product’s safety. Consumers also need to do their part.
Any app that can access personal information must be clear and up-front about the fact. Even better, perhaps, are apps that don’t require such information, or only require a limited amount. Meanwhile consumers should read through the app’s permissions statement, looking for this disclosure, before downloading. It’s like double-opt-in all over again.