Hasta La Gadget!

Android users who go outside the official Android Market must be careful which apps they install. Photo (of an HTC Droid Eris) by Jon Snyder/Wired.com

Android enthusiasts have long championed Google’s “open” philosophy towards the smartphone platform. The recent appearance of a new Trojan horse in unofficial Android app venues, however, may cause users to think twice about how open they want the platform to be.

The app in question, Android.Walkinwat, appears to be a free, pirated version of another app, “Walk and Text.” The real version is available for purchase in Google’s official Android Market for a low price ($1.54).

If you download the fake app (from unofficial markets for Android apps) and install it, it redirects you to the actual app on the Android marketplace — but in the background, it sends the following embarrassing SMS message to your entire phone book:

Hey,just downlaoded [sic] a pirated app off the internet, Walk and Text for Android. Im stupid and cheap, it costed only 1 buck. Dont steal like I did!

Egregious spelling and grammatical errors aside, the text message serves as a reminder of the risks to those willing to go outside of the official Market for apps.

“Someone downloaded the app, inserted their malware, and uploaded it onto other non-official marketplaces,” Symantec mobile team product manager John Engels told Wired.com in an interview.

In other words, if you go outside the official Market, things may not be what they seem, and there’s no guarantee that what you download is what you actually want.

Google maintains clear content policies on all apps that are uploaded to the official Android Market, and developers know well enough in advance what those policies are, and how not to break them. Whenever an app in clear violation of Google’s policies shows up in the Market — like, say, a piece of malware — Google’s Android engineers are often quick to quash it.

But if you’re not one for pesky rules and regulations and want to see what the non-Google-sanctioned markets have to offer, all it takes to access them on an Android device is for you to uncheck a box on a settings page, allowing your phone to install apps from “unknown sources.”

To a certain degree, this isn’t a huge issue for the novice user. Many outside applications are hosted on file sharing websites that users like your grandmother probably aren’t frequenting. And unless they’ve tried to install these outside applications by sideloading them, they’ve probably never unchecked the unknown source’s permissions box to begin with.

But last week’s debut of Amazon’s new App Store may have changed that. In order to install Amazon’s App Store on an Android device, you first must uncheck that permissions box. While there may be no immediate risks associated with downloading apps from Amazon’s App Store, it opens the door for users to allow other unofficial — and therefore riskier — apps to be installed on their devices, from other sources.

“As soon as you flip that switch and go away from the Android Market, which is the one place where most people go, then you are putting yourself at some risk,” security researcher Charlie Miller told Wired in a previous interview.

“The threat will persist so long as people continue to download pirated software from peer-to-peer networks,” Webroot threat research analysts Armando Orozco and Andrew Brandt told Wired.com.

They say sticking to the Android Market is your safest bet, but if you’re still compelled to go outside the official box for your apps, whether it be to Amazon’s App Store or another unofficial market, you should “scrutinize the permissions the App requests, and don’t install it if it wants access to certain functions (like the ability to send SMS messages) that the app shouldn’t need to access.”

But doesn’t staying within the confines of the Android Market defeat the purpose of choosing a platform with such an “open” philosophy? If you want a stricter, closed system with stringent regulation on its apps via a review process, you might as well buy an iPhone.

“Android users enabling sideloading doesn’t necessarily lead to piracy or installation of apps from unsafe sources,” says Alicia diVittorio, a spokewoman for Lookout Mobile Security. “In fact, it’s great to have another source for consumers to download apps from a reputable brand like Amazon.”

Indeed, Amazon’s Appstore isn’t a great deal different from Apple’s App Store: Both companies require an intense review and approval process before making any developer’s submitted applications available for purchase.

Essentially, there’s an inherent risk that comes with downloading apps for a device with an attitude of openness like the Android. Even the official Market is susceptible to infiltration by malware, as evidenced by the swath of malicious apps pulled from the store earlier this month.

But in a relatively free and open domain such as Android’s, the risk remains the price of admission.

See Also:

• Google Launches Android Market Web Store, Improves Payment System …
• Google Pulls PlayStation Emulator From Android Market
• Your Froyo Tablet Probably Won’t Support Android Market
• Google Removes Flash App From Android Market
• Android Market Apps Hit With Malware
• Independent App Stores Take On Google’s Android Market

Tired of Intel’s Core i5 taking a beating on your X-Slim X360‘s battery life? Join the crowd. For those less concerned with playing Crysis 2 and more concerned with a solid overall machine, MSI’s new X370 looks to strike a lovely balance. The 13.4-inch ultraportable gets a 1366 x 768 resolution display, AMD’s hot-off-of-the-presses Zacate E-350 APU, Radeon HD 6310 graphics, HDMI / VGA outputs, a pair of USB 2.0 ports, an internal card reader, 802.11b/g/n WiFi, Bluetooth 2.1+EDR, gigabit Ethernet, a 1.3 megapixel camera and (nearly) as much DDR3 memory as you can stuff into it. You’ll also get a 320/500/640GB hard drive, a 4- or 8-cell battery and a chassis that weighs 3.08 pounds with the smaller of the two cells. Naturally, Windows 7 (64-bit) is the OS of choice, but the company’s stopping short of providing a hard price or release date — here’s hoping it falls somewhere between “cheap” and “price mistake.”

MSI slips AMD’s Fusion into 13-inch X370 ultraportable, hopes you’ll notice originally appeared on Engadget on Fri, 01 Apr 2011 10:42:00 EDT. Please see our terms for use of feeds.

Permalink Hot Hardware  |  MSI  | Email this | Comments

Oh, sure, it was easy to pick on Apple for all those frustrating App Store rejections over the years, but Google’s had its own run-ins with apps being pulled under unfortunate circumstances, and now it’s time for WP7 users to get a taste. Microsoft has pulled is thinking about pulling Imagewind from the Windows Phone Marketplace, an app that basically pulls random images en masse from the Twitter-stream, splaying them all over your touchscreen. MS indicated that, without some sort of filter to weed out seedy images, the app has to go. Somewhat curiously it’s actually been chilling in the Marketplace since March 3rd, and it was only upon reviewing a recent update that someone in Redmond said “Hey, waitaminute!” Imagewind is now gone and honestly we can’t say that its rejection is completely arbitrary — displaying all images the all the time is not necessarily a good thing for sensitive eyes — but it still stings, doesn’t it?

Update: We got a note from Roger at Smarty Pants Coding to let us know that he’s received a “grace period” for the app. It’s still available for download, but it could be a limited time thing…

Update 2: Another note from Roger. The stay of execution has been… unstayed. The app is no more. Break out the trumpets.

Microsoft removes Imagewind from Marketplace, WP7 gets first bitter taste of rejection originally appeared on Engadget on Fri, 01 Apr 2011 10:17:00 EDT. Please see our terms for use of feeds.

Permalink Neowin.net  |  Smarty Pants Coding  | Email this | Comments

Even tiny robot hands have to have some fun sometimes–albeit of the tiny variety. The da Vinci surgical robot has taken some time out from its busy schedule of performing remote surgery demos to handcraft a little bit of simple origami. In order to show off the ‘bot’s true skills, Jim Porter, a surgeon based out of Seattle has used da Vinci to craft a paper airplane that’s less than the size of a penny.

The world’s most adored across-the-pond mobile retailer has just received its first batch of LG superphones, a gem by the name of Optimus 2X. As you well know by now, the company’s playing this up as the planet’s first dual-core smartphone, and while we’d hoped that the Tegra 2-based device would be everywhere by now, at least it’s sticking to its scheduled release date over in Europe. Those interested in picking one up can get a SIM-free version headed their way for £449.99, while a free-on-contract affair can be had with T-Mobile, Vodafone and a host of others. Your credit card’s been awful naughty of late — dish out a little punishment by visiting the source link below.

[Thanks, Robert]

LG’s dual-core Optimus 2X superphone now available from Expansys originally appeared on Engadget on Fri, 01 Apr 2011 09:29:00 EDT. Please see our terms for use of feeds.

Permalink   |  Expansys  | Email this | Comments