Google opts to trigger 'remote kill' switch
Google (NASDAQ: GOOG) took the rare step late Saturday of invoking its "remote kill" switch to erase apps from Android-powered devices infected by hidden malware. Earlier in the week, 58 malicious applications were discovered on the Android Market, and they had been downloaded onto approximately 260,000 devices before Google took them off the market.
The apps contained an exploit that had been discovered in August and was patched before the Android 2.2.2 version was released. Most Android devices were running earlier versions of the OS, however, because system updates are delivered by carriers and manufacturers rather than automatically by Google. Android devices tend to be left unprotected from this kind of exploit because the carriers and device makers don't have the same incentive to update devices after they've been purchased.
"The whole situation is pretty alarming for Android users," writes Jason Kincaid at TechCrunch. "[T]he fact that [Google] is unable to distribute system security updates is unnerving--Google can downplay Android's fragmentation issue all it wants, but when user security is at stake, we shouldn't have to rely on the carriers."
Rich Cannings, Google's Android security lead, said in a blog post that he believed the attackers were only able to get device-specific information, such as the codes used to identify devices and the version of Android, but that they could potentially have gained access to other data.
As Seth Weintraub at Fortune notes, the remote kill switch--giving manufacturers the power to erase apps without a device owner's involvement--is fairly controversial. Users may not get up in arms over Google's use of the kill switch in this instance because the app was of low quality and there was potential for the attack to get worse, he writes. However, how the app ended up in the Android Market is a question some users will likely be asking.