Google’s liberal policies towards the Android platform and its Google Play store have come under fire, both from app developers who allege rampant piracy on the platform, as well as security researchers who have demonstrated a major new security vulnerability.
According to Tom’s Hardware, an Android developer has criticised the Android platform for allowing users to pirate software by downloading and enabling apps without going through the Google Play store, without facing any Digital Rights Management (DRM) restrictions. The criticism comes less than a week after developer Madfinger Games decided to re-release one of its apps as a “free to play” game, due to alleged rampant piracy on Android devices.
Meanwhile, according to H Online, security researchers at TrustWave’s SpiderLabs have demonstrated some alarming new vulnerabilities in Google’s automated app screening program at a Las Vegas security conference.
The researchers uploaded a seemingly benign Android app on to Google Play, passing Google’s Bouncer screening program. Once accepted into Google Play, the researchers claim they were able to release new versions of their app, with malicious new features, without the subsequent versions being screened by Bouncer.
The researchers also demonstrated a technique where they were able to use JavaScript to add malicious new features to a previously benign app, after a user downloaded it from Google Play.
Where RIM and Apple have been routinely criticised for their heavy-handed approach to blocking apps, Google has attempted to maintain a more open platform for app developers and consumers. However, the latest news points to two of the major downsides of Google’s approach.
Comments