Google flips Android kill switch, destroys a batch of malicious apps
When 21 rogue apps started siphoning off identifying information from Android phones and installing security holes, Google yanked the lot from Android Market, and called the authorities to boot. But what of the 50,000 copies already downloaded by unwitting users? That’s what Google’s dealing with this week, by utilizing Android’s remote kill switch to delete them over the air. But that’s not all, because this time the company isn’t just removing offending packages, but also installing new code. The “Android Market Security Tool March 2011” will be remotely added to affected handsets to undo the exploit and keep it from sending your data out, as well as make you wonder just how much remote control Google has over our phones. Yes, we welcome our new Search Engine overlords and all that, so long as they’ve got our best interests at heart, but there’s a certain irony in Google removing a backdoor exploit by using a backdoor exploit of its own — even one that (in this case) will email you to report what it’s done.
While it is good that Google can do this, it is a little disconcerting that they can. One can only hope that they continue to be good players in all of this.
Having backdoors often make it easier for miscreants to enter unawares.