We've talked a lot in the past about the rather large number of security risks that have existed on Android, and Google's Play Store in particular. While part of the reason that so much bad can happen on Android is due to its openness, something I appreciate a lot, Google still takes security and privacy on its platform extremely seriously. In fact, company chairman Eric Schmidt adamantly said last year that despite all of the malware on Android, the OS is still a more secure than iOS.
I'm sure that point can be debated for a while, but what's hard to argue is the fact that Google's already put many protections in place. People can't install out-of-market apps by default, for example, and scanners introduced last year add an extra layer of protection in case people do install out-of-market apps. Well, that's all fine and good, but what about the apps in the official marketplace? As it happens, those can still prove to be a real risk, at least on the privacy front.
Tiny Flashlight+LED Has Been Downloaded At Least 100 Million Times
If you've ever downloaded a free flashlight app, for example, you might want to pay attention. Security expert Gary Miliefsky, president and founder of SnoopWall, has found that many flashlight apps are not too honest. While some are mentioned by name, it's not explicity stated that they're the ones at fault. Tiny Flashlight+LED, for example, is one that's mentioned, but its developer at the link below has said that his app does not spy on anyone.
Nonetheless, the guilty apps are common enough that Gary's gone ahead and advised the US government on the issue. Here's where the real problem may lay: It seems that a lot of these apps are not exactly breaking any laws here. If you delve into their terms and conditions, you'll find out what apps will spy on you. But who reads those?
SnoopWall's Privacy Flashlight Promises To Not Spy On You
Gary says, "We’ve all become victims of installing many apps on our smartphones and tablets that do much more than the service they should provide. We have opened a Pandora’s Box to online predators, cyber criminals and spies – all through these apps we foolishly trust."
As Gary's company is responsible for some privacy-centric apps, his coming forward with this information likely has two goals: Clue us in, and promote his apps. Interestingly enough, SnoopWall offers an app called 'Privacy Flashlight', dubbed "The only one you should trust to light your way." To date, that app has received over 10,000 installs - a far cry to the hundreds of millions of downloads the other flashlight apps have received.
Once again, it's important to know what you're installing, and what risks you're being opened up to. Google's done a great job with Android security and privacy up to this point, but it needs to do more. It shouldn't be so easy for developers to sneak information out of people's devices, and I am not sure the blame can realistically be placed on the users when the app comes from an official source.