Do you have an Android phone? Do you buy apps from Amazon? Security vulnerability!

Mar. 26th, 2011 11:44 am
thewayne: (Default)
[personal profile] thewayne
Amazon requires that your phone be set to allow apps from untrusted sources, which can open your phone to exploits. Google's app store does more inspecting, but is still not invulnerable. Amazon won't consciously allow compromised apps through, but you never know. And Amazon doesn't have a remote kill switch to remove installed apps that are found to be compromised like Google does.

http://www.wired.com/gadgetlab/2011/03/amazon-app-store-security/
Tags:
  • Add Memory
  • Share This Entry
Flat | Top-Level Comments Only

Date: 2011-03-26 10:58 pm (UTC)
silveradept: A kodama with a trombone. The trombone is playing music, even though it is held in a rest position (Default)
From: [personal profile] silveradept
Maybe it's just me, but I thought one of the things you were supposed to do when you roll a product out is to make sure that it is actually secure and only does the things you want it to do. Am I missing something?

Date: 2011-03-27 04:10 am (UTC)
From: [identity profile] thewayne.livejournal.com
I'm not sure. It's possible that Amazon wasn't considering others running app stores, they were anticipating a monoculture like the iTunes Store, and Amazon's store doesn't measure up?

Date: 2011-03-28 04:12 am (UTC)
silveradept: A kodama with a trombone. The trombone is playing music, even though it is held in a rest position (Default)
From: [personal profile] silveradept
Huh. Well, if that's waht they wanted, they should have released the Kindlephone and gone that way.

Date: 2011-03-28 05:12 am (UTC)
From: [identity profile] thewayne.livejournal.com
The Android is a peculiar beast. They claim it's F/OSS, but it is only 'sorta'. You have full access to the code, but part of the F/OSS ethos is that you're allowed to post fixes and improvements back in to the original repository. Google doesn't allow that, you can examine the code and write new stuff but you can't directly apply fixes. So it's kinda neither fish nor fowl.

Not really apropos of what you were saying, I just needed to say this.

The iOS model is totally closed, but the Android model is not totally open, contrary to popular belief. Part of this, I'm sure, is because the code deals with cellular radios, and that part needs to be uber-tightly controlled.

Life is weird.

Date: 2011-03-28 06:06 am (UTC)
silveradept: A kodama with a trombone. The trombone is playing music, even though it is held in a rest position (Default)
From: [personal profile] silveradept
True. It's a partially black box - and I would think that Google has a manner that bugfixes and the like can be submitted back to them for inclusion in the next fix / release. Not that they'll necessarily take them and acknowledge it, but there should be such a manner.
  • Add Memory
  • Share This Entry
Flat | Top-Level Comments Only

Profile

thewayne: (Default)
The Wayne
Spare Brains Games

June 2025

S M T W T F S
123456 7
891011121314
15161718192021
22232425262728
2930     

Most Popular Tags

Page Summary

Style Credit

Expand Cut Tags

No cut tags
Page generated Jun. 10th, 2025 01:41 am
Powered by Dreamwidth Studios