Hasta La Gadget!

It’s a common problem, really. You crack open your app haven of choice, stumble around for a few moments, and back out in frustration — it’s yet another round of Angry Birds instead of toying with something new. If Yahoo has its way, said scenario will no longer be a part of your routine, with the company’s App Search wizardry aiming to nix the guesswork so often associated with finding the proverbial needle in the haystack. It’ll be available on the PC (and momentarily, for iPhone and Android platforms), and will differ from those other app search alternatives by providing an all-in-one place that combines description, price, overall star rating from users, and screenshots. It’ll also pester you with daily, personalized recommendations of the iPhone and Android apps you should consider based on the apps you’ve downloaded, but only if you’re into that kind of thing. Head on past the break for the full spill, and feel free to Ctrl+F for the good stuff.

Continue reading Yahoo App Search, AppSpot make sense of App Store and Android Market

Yahoo App Search, AppSpot make sense of App Store and Android Market originally appeared on Engadget on Thu, 16 Jun 2011 02:00:00 EDT. Please see our terms for use of feeds.

Permalink   |   | Email this | Comments

Researchers spotted a number of malicious applications on the Android Market. (Photo: Jim Merithew/Wired.com)

Google recently removed at least 10 applications from the Android Market, all of which contained malicious code disguised as add-ons to one of the most popular apps of all time.

Each of the removed apps posed as a cheat or an add-on to Angry Birds, the much-lauded mobile application created by Finnish game development studio Rovio.

A number of the apps in question contained a spyware program called Plankton, which connects to a remote server and uploads phone information like the IMEI number, browser bookmarks and browsing history.

“Market descriptions for these apps included the statement ‘brought to you free sponsored by Choopcheec Platform,’” Lookout Security spokesperson Alicia diVittorio told Wired.com. “[They include] a link to an EULA that does seem to accurately describe the behavior observed to date. We do not see these as desirable behaviors and classify it as Spyware.”

Xuxian Jiang, an assistant professor of computer science at North Carolina State University, initially discovered the malicious applications last week, and reported them to Google on June 5. Google suspended the questionable applications the same day, “pending further investigation.”

Jiang found malicious programs other than Plankton in his research. YZHCSMS, for example, is a Trojan horse virus that jacks up your phone bill by sending large amounts of SMS messages to premium numbers. Jiang says apps containing the virus were available on the Android Market for at least three months before Google pulled them.

Jiang found a similar application, DroidKungFu, circulating Chinese application markets before YZHCSMS made its way to the Android Market. “DroidKungFu can collect various information about the infected phone, including the IMEI number, phone model and Android OS version,” according to a Lookout Security blog post.

For many app developers, the Android Market offers a freedom not found in other application retail outlets. Unlike Apple’s strict application review process, apps submitted to the Android Market are published almost instantaneously. Many appreciate the freedom given to push programs out to the public at such a speed.

However, the Android Market’s app submission process comes at a cost. Google’s lack of vetting applications lends the Market to security vulnerabilities like these. Google mostly relies on a self-policing community — including researchers like Jiang — to spot offending apps, which means malware can sit in the market for months before someone spots it.

With a relatively open submission process like Android’s, this obviously isn’t Google’s first run-in with malicious app removals. Google pulled nearly two dozen malware-infected applications in early March, but not before close to 200,000 downloads occurred.

Going outside of the official Android Market for apps can be even riskier. Because users are able to download applications from alternative app markets — a feature unavailable to iPhone users — many have popped up over the past two years. Without Google’s moderation capabilities in these outside markets, users are more susceptible to downloading malicious apps. A Trojan with “botnet-like capabilities” popped up in early April, for example, highlighting the risk in going to alternative markets for applications.

Google has already made some tough moves to tackle fragmentation, but it’s clearly still wary of the problem. It’s just tweaked the Android Market web store to show users which apps are compatible with which of their gadgets. Of course, compatibility screening was already in place for users who accessed the Market from within their device, but this update should still be of use to those who surf the web store, especially if they’re rocking multiple handsets or a phone-plus-tablet combo.

Android Market web store now checks which apps are compatible with your devices originally appeared on Engadget on Fri, 10 Jun 2011 06:27:00 EDT. Please see our terms for use of feeds.

Permalink Android Central  |   | Email this | Comments

Ideally, we’d do our smartphone software shopping free from the specter of malicious apps masquerading as useful ones. This past weekend, however, 26 apps in the Android Market were discovered to be packing pernicious code called Droid Dream Light. Apparently, the dastardly devs who made the malware took existing apps and modified them to send details (including IMEI and IMSI info) about the infected handset to a remote server upon receiving a call. The code can also download and cue new package installations, but it needs user approval to do so. Google promptly pulled the offending apps, but their appearance serves as another reminder to be careful when downloading software on your smartphone — prudence demands minding your app permissions, lest your little green bot start stealing your personal info.

More malware in the Android Market: Google removes 26 deleterious app doppelgangers originally appeared on Engadget on Wed, 01 Jun 2011 18:19:00 EDT. Please see our terms for use of feeds.

Permalink The Inquirer  |  The Lookout Blog  | Email this | Comments

If you’re an Android gamer, chances are you’ve heard of Nesoid, Snesoid, Gensoid, N64oid, Ataroid, Gearoid and Gameboid: they’re all video game console emulators developed by yongzh, and many ranked among the most popular paid apps on the Android Market. This week, they’ve got something else in common, too — they’ve all been abruptly removed. Following a complaint from Sega, two emulators were nixed late last month, but we’re hearing that Google has since revoked yongzh’s developer privileges, just like PSX4Droid comrade-in-arms ZodTTD. We’re currently reaching out to both yongzh and Google for comment, and hope to hear back soon, but it’s looking like a bleak week for the emulation community.

Update: We got in touch with yongzh (or Yong Zhang, as he’s known in real life) to discuss the matter, and he confirms that his developer account has been removed and his apps pulled without warning — cutting off his primary source of income and leaving him with an inbox stuffed with worried email from customers. He has, however, already migrated a number of emulators to third-party app store SlideME, where they’ll be free for a while, allowing existing customers to get updates without paying a second time, and likely helping a number of new individuals to mooch off his troubles. He’s not too optimistic about his prospects at SlideME, though.

Android Market’s most popular emulators disappear without a trace (update) originally appeared on Engadget on Sun, 29 May 2011 12:10:00 EDT. Please see our terms for use of feeds.

Permalink   |  yongzh (Android Market)  | Email this | Comments