In the most recent thread on banking technology and how it goes catastrophically wrong, Dave Bell linked to an article in The Register about the possibility of an Android spam botnet. Interesting stuff.
Terry Zink, who blogs about cyber security on the Microsoft Developers’ Network, posted an entry entitled Spam from an Android botnet. He writes that, based on the header and footer information from spam sent from compromised Yahoo! accounts, he suspects that there’s a botnet running on Android mobile devices.
Geo-location of the IP addresses points to phones in Chile, Indonesia, Lebanon, Oman, Philippines, Russia, Saudi Arabia, Thailand, Ukraine, and Venezuela. As Zink says:
I’ve written in the past that Android has the most malware compared to other smartphone platforms, but your odds of downloading and installing a malicious Android app is pretty low if you get it from the Android Marketplace. But if you get it from some guy in a back alley on the Internet, the odds go way up.
I’ve also written that users in the developed world usually have better security practices and fewer malware infections than users in the developing world. Where are almost all of those countries in the list above? Mostly in the developing world.
The Reg article prints Google’s denial, suggesting that the headers and footers have been altered, and that the botnet is really run from PC’s. Zink says he considered that possibility, but finds the Android botnet explanation more plausible.
But before those of us with iOS devices get too smug, let’s remember that a walled garden doesn’t so much prevent problems as monopolize the industry of problem provision. Because the other mobile-app story from the last few days is on Apple devices, and comes via Instapaper’s Marco Arment. He released a new version of his app on July 4, and it didn’t go so well.
Last night, within minutes of Apple approving the Instapaper 4.2.3 update, I was deluged by support email and Twitter messages from customers saying that it crashed immediately on launch, even with a clean install.
Arment’s team had tested the app. Apple had tested the app. But the app that people were downloading was crashing on launch. It took a couple of hours (during which time Arment garnered a lot of one-star reviews from his keenest users) for a working binary to be available on Apple’s servers.
And Instapaper wasn’t unique. Arment named 114 apps with the same problem before he quit keeping the list up to date, having proven that it was a pattern. Goodreader was also affected, and also blogged about the issue. Yet another prominent victim was the Angry Birds franchise, so this is visible to the casual app-user community as well as the iOS power users.
According to the Guardian, Apple have acknowledged and fixed the problem today (July 6). They’ve also deleted the one-star reviews.
In a statement, Apple said: “We had a temporary issue that began yesterday with a server that generated DRM code for some apps being downloaded, it affected a small number of users. The issue has been rectified and we don’t expect it to occur again. Users who experienced an issue launching an app caused by this server bug can delete the affected app and re-download it.”
Arment disputes the characterization of “a small number of users”, and that the problem arose on July 5. So there’s still some truth yet to come out.
And users with in-app data will be reluctant to delete and reinstall, since they’ll lose their data if they do so. (Apple have apparently reset the update flag on the damaged apps now, so that users can dowload working versions and not lose their data.) (Goodreader’s blog entry explains how to get around the issue with their app.)
Without wanting to be seen to be obsessed about that Economist article, I’d just point out that the much-lauded “pay with your mobile phone” revolution will work a lot better after we get serious and clear-minded about the risks of these computers we’re carrying around and depending on. That includes finding ways to ensure that the software on them is genuinely reliable.