By Ondrej Krehel, Identity Theft 911

is a regular morning stop for consumer tech news and I can’t stop thinking about its recent posts on the .

It all started when Google from the Android Market, the app store for the Google smartphone OS. It later came out that there were 56 malicious apps affecting at least 260,000 users. The apps were up to all kinds of no good, including uploading phone information to third parties and setting up backdoors so new software can be remotely installed.

Then Google flipped the kill switch.

This company-installed backdoor—Apple and Microsoft phones have them, too—allowed Google to remotely access its users’ phones and delete the offending apps. It went one step further by installing a new security patch. Think of it as an auto-update and auto-delete, over which you have no control.

Good for Google, keeping its customers safe and all, but still it kind of makes me want to take a shower. There’s something just plain creepy about a computer service provider stepping in and doing the dirty work for you. Exploiting a backdoor to patch a backdoor seems too much like fighting fire with fire. Eventually someone might get burned.

Ondrej Krehel, Chief Information Security Officer,
Ondrej has more than a decade of network and computer security experience. His expertise extends to investigations of intellectual property theft, massive deletions, defragmentation, anti-money laundering and computer hacking. He led U.S. computer security projects at Stroz Friedberg and worked in IT security at Loews Corp.

Image: , via

Leave a Reply