Google uses remote delete to remove Android apps from smartphones - Update

Google has, for the first time, used the "Remote Application Removal" security feature implemented in Android to remove apps from users' smartphones. The two applications in question were created by Jon Oberheide to demonstrate how easy it is to inject malicious applications into Android smartphones and jailbroken iPhones.

Although the researcher had removed the applications from the Android Market, some users still had the apps installed on their phones, prompting Google to delete them remotely. In such cases users are notified that the deletion will occur. Google points out that the removed applications didn't cause any damage, having been designed to show how easy it was to infect smartphones rather than to cause any malicious infection.

Other mobile device vendors also reserve the option for remote deletion and some have even exercised this option. In mid 2009, Amazon deleted the Kindle eBooks "1984" and "Animal Farm" by George Orwell, because the vendor in question wasn't licensed to distribute them. After a flurry of protests, Amazon promised that it would avoid such deletions in the future. Apple is also capable of remote deletion of installed applications from iPhones, but has not made use of this option so far.

Originally, Google developed the remote deletion feature to prevent the spreading of real malware and protect users. The vendor hopes that the option will never be needed on a large scale.

Android does incorporate security features; it offers a sophisticated rights management system that allows users to determine which applications are allowed access to which functions and resources. During installation, an application must request permission to access such components as the GPS module, the calendar or the SMS text feature.

Smartphone security vendor SMobile has analysed about 48,000 applications offered at the Android Market for their requested access rights to establish whether there are any signs of malicious behaviour. However, it's almost impossible to tell whether an app is malicious or useful just by looking at the rights it requests, requests such as for access to the address book, to the calendar or to the password memory. Interestingly, a total of nine applications, of those examined on the Market, request permission to completely disable an Android smartphone (android.permission.BRICK).

Correction: An earlier version of this story incorrectly identified the author of the applications. Oberheide has detailed what the applications did and discusses how they were removed from the phones in a blog posting.

(crve)