Home / News / Software News / Google Flicks Remote Android Kill Switch

Google Flicks Remote Android Kill Switch

David Gilbert

by

Google Flicks Remote Android Kill Switch

The issue of fragmentation in Android has caused some, well, fragmented views among mobile phone users. Some feel it’s not a problem while others see it as a potentially fatal flaw in the operation system. Whatever your view, the security issues thrown up by the recent discovery of malicious apps in the Market will worry everyone.

Last week we reported on 21 malicious apps being removed from the Android Market. Over the weekend Google confirmed that there were actually 58 apps involved, which 260,000 people had downloaded. Last week Google removed the apps from the Market within minutes of hearing about them. Over the weekend, to safeguard those who had downloaded the apps, Google flicked a remote kill switch which removes the offending apps from people’s handsets without the users to do anything. Google will also be issuing a fully automated Android Market security update to infected devices that should remove the rootkit (Android Market Security Tool March 2011). All affected users will be receiving email notifications about the situation as well.

Apparently the apps were able to gain root access to the handsets they were downloaded to, however Google believes only the handsets' IMEI numbers were obtained rather than any personal information that could have been gathered. The problem for Google though, is it cannot automatically patch the security hole that was exploited by the malicious apps as it requires a system upgrade to resolve. It is up to the carriers and phone manufacturers to send out such an update.

The problem only affects devices running Android version 2.2.1 and lower as Google actually fixed the problem in more recent versions of the platform. However, because of the fragmentation of Android and the delay in getting updates out to devices, the vast majority of Android devices are currently running versions 2.2.1 or lower.

While this attack on Android devices doesn’t seem to have caused too much damage to the handsets affected, what it has damaged is Android’s reputation and if these apps can get into the Market in the first place, then Google needs to change the way it pushes out updates or risk the security of its customers' mobile devices.

Source: Google Mobile Blog and Tech Crunch

Lockhart

March 7, 2011, 3:40 pm

Does the kill switch work on rooted phones too I wonder?

Tim Sutton

March 7, 2011, 6:29 pm

The Android fragmentation issue is really starting to worry me. It's so inefficient and leads to so many potential issues.

Kaurisol

March 7, 2011, 7:51 pm

Fragmentation didn't really matter with dumb or feature phones, but I do believe that Google need to use separate layers so that they can update the underlying OS without having to wait for the phone manufacturer or network to release their patches.

Hans Gruber

March 8, 2011, 1:02 am

@Kaurisol - agreed. Sooner the better. I wish it was easy to root my own phone without fear of bricking it.

Seems very suspicious and odd that these malware apps could gain root? I wonder if it relates to... Well, I remember being able to temporarily root my Legend phone using an app but it was kind of pointless as I couldn't change any files, just read the ones on the phone. Proof of concept though I guess, which may have later been exploited if it was the same technique employed.

comments powered by Disqus