Accused malicious Android app developer says the story is “bull****”
July 30, 2010 | by Andrew Kameka
Security companies often issue headline-grabbing reports about the threat of malicious activity. Those headlines sometimes don’t have much of a story to go with them, and people get caught in the crossfire.
That’s what one developer says happened to him when Lookout insinuated that several Android apps were potentially malicious. After a VentureBeat story on those findings said his app was collecting personal data and sending it to a “mysterious server in China.” the blogosphere was set ablaze with stories of malicious apps compromising data from “millions” of people.
The only problem with this narrative is that it’s not exactly true. While some apps make suspicious requests for data, there are occasions when it’s completely legitimate – as we noted in yesterday’s PSA on security permissions. Jackeey Wu, the accused developer, has defended himself in a statement to AndroidTapp.com citing that very issue. According to Wu, Lookout and VentureBeat wrongly suggested that his apps steal information that would be impossible to obtain since his app did not have permission to access that type of data. The suspicious permissions requested were done so because of user request and had legit reasons.
AndroidTapp has posted Wu’s comments in full to illustrate a line-by-line defense on the supposed security concerns. Meanwhile, Lookout has attempted to distance itself from the accusations by posting a clarification on its blog, but the damage may have already be done. Google has removed Wu’s apps from the Market to investigate the claims, and it’s quite possible that it will find nothing malicious in these apps. If that proves to be the case, a developer’s reputation may have been irreparably damaged.
If Google finds nothing malicious VentureBeat should be forced to publish a front page retraction.
This whole firestorm is more likely apple biased media jumping at a chance to publish one decent justification of the iron fisted restrictions of the app store. I mean, it's not like users of this app have had hundreds of dollars charged to them in bogus app store sales.. oh wait, that was an Apple problem, so it was forgiven.
I agree with what Brian said. I have used the Background program since I first got my Android phone, never had any problems with it.
we are likely to see more of those stories…
I totally agree with brian. Apple gets forgotten but any other company is backfired.
My recent post 7 Tips To Be Safe When Downloading Apps From Android Market
If a wall paper app is requesting more than usual permissions, just don't download it. It is really up to the end user to look at what permissions the app they are downloading wants to access.
Many times, free apps use the internet permission because their app uses advertisements. Also, there is nothing wrong with grabbing device data. The developer wants to know screen sizes so he can deliver better wallpaper options.
If this is true and Google decides to ignore this I'd put in for a lawsuit if I was that developer. That developer's livelihood is at stake here. As a large company, Google needs to be rather careful what they say. You can't just say anything to the press. Slander is rather expensive these days!
I agree, if the permissions being asked seem unreasonable then it's best not to download it. This type of compromise does seem likely to only grow though. If it isn't true, the developer does deserve an apology.