Summary: New case of disinformation about Google’s Linux-based mobile platform; other noteworthy cases of FUD
Android Wallpaper Apps Falsely Accused of Spyware and Stealing Sensitive User Data [FUD]
Wow! A recent VentureBeat article put the blogosphere and smartphone industry on its heels when a reported score of wallpaper Android apps were accused of being malicious. The wallpaper apps created by “jackeey,wallpaper” and “IceskYsl@1sters!” are indeed the same developer under separate accounts, and accused of sending private sensitive user data to servers in China to a website www.imnet.us. The worse part about all of this is no one, I mean no one fact checked accurately. VentureBeat, The Wall Street Journal, CNET, Yahoo! News, Fast Company, Fortune, PC World, Computerworld, Gizmodo, AppleInsider, etc. the list goes on and on and everybody jumped the gun in reporting the issue. No one asked the developer about it nor really looked into the methods Lookout used in building it’s report called the App Genome Project.
There are also reports like “That Cute Android Wallpaper May Be Sending Your Data to China” (which blames the application, not Google).
What’s a nice app like “My Little Pony” doing in Shenzhen? Delivering the personal information of millions of Android users to a mysterious website, that’s what. The App Genome Project has found that a large proportion of mobile apps — not just this one — contain third-party code with the ability to interact with sensitive data in a way that may not be apparent to users or developers, but their intentions may not be malicious.
We ought to watch out for FUD that confuses the platform and the binaries that run separately on top of it. There are snakes in the grass. Speaking of which, two Microsoft partners/proponents (Mitchell Ashley in particular) still run IDG’s “open source” show; yes, it’s just them two supposedly representing “open source”. We also warned about it two weeks ago. Their latest episode is about Suricata and for some background see this article (“Snort Creator Slams Open Source IDS Suricata”:
Martin Roesch, the creator of Snort, by some accounts the world’s most-used intrusion detection system (IDS), recently launched a war of words against Suricata, the new open source IDS.
Furthermore, he disputed the Sourcefire performance tests. “Those stats are ridiculous, and they refuse to publish” details of the equipment and configuration used, said Jonkman. “We know that we’re not, right now, cycle for cycle, faster than Snort … but we’re getting six times the performance as Snort on the same hardware, with version 1.0.” Version 1.01 was released yesterday.
It sure seems like some FUD is making the rounds here. █