Full FeedHow Google and T-Mobile plan to protect the network from malicious apps
When Apple introduced its App Store, many were angered by their decision to make the store a closed universe. They cited security concerns and they did not want AT&T’s network to be damaged due to a rogue application.
T-Mobile’s G1 Android phone pushes “open” as one its huge selling points. How do Google and T-Mobile create a safe environment with all this openness? I did some digging and found some answers.
How do you protect the network?
The question: “How do you protect your network if someone has created a malicious application that is eating up all your bandwidth? If some dummy downloads a ‘Dancing Bear’ application and it turns out to be a spambot, what will T-Mobile or Google do?”
T-Mobile’s Response
When I asked one T-Mobile person involved in network engineering, I was brought to another person for an answer. The second person thought it was a good question. That’s when we started talking to third T-Mobile guy.
Third T-Mobile fellow let me know that T-Mobile will be able to monitor your usage using technologies they already use in determining how data you use. I mentioned how the people who will be hit are probably not going to using their own account to make a spambot.
He understood the point and said that T-Mobile could use its monitoring to stop the application. How exactly this stopping would happen was not fully explained. T-Mobile could also pull the application from the market to avoid repetition. They directed me to the Google folks.
Google’s Response
Speaking to Google, I could tell they had thought this out for a while. The Google representative was quite confident that they had the proper solutions in place.
Each application must tell the Google Market what APIs and resources it will use. If you download “Dancing Bear” and it turns out that it wants to use your address book, you may get suspicious. I was also told that each application is separate from others unless they are signed with a particular code that enables them to work together.
If you download separate apps, they cannot secretly work together to create some kind of evil Voltron and wreak havoc. Google is trying to make sure no one can sneak a malicious application into the marketplace.
I tested out an installation of an application. If you tap install, you are given a notification of what resources the application wants to use. The application I was using was going to change the appearance of parts of the system. That’s exactly what the notification told me—this will modify system settings and images. The notification is pretty much in plain English and does not feature any weird “Application will use API Resource Parameter #7867 Alpha” kind of messages.
The rep and I tried to find an application that requested multiple permissions, but we couldn’t find any. He remembered that the applications on the server for the demo did not have any of the less-baked applications that require permission to play with multiple APIs.
Sounds like a challenge to me.
Google’s foray into an operating system opens them up to the same challenges that Microsoft and Apple have faced for a long time. Someone will try to bust your system—even if it is just for fun, someone will try.
Keep up with the latest gadget goodness! - 
Subscribe to our feed
Macworld 2010
"Apple may not be at Macworld 2010, but Appletell is, bringing you news, photos and videos directly from the show floor and special events. Join us February 10-14 to see what new products 2010 has in store for Macintosh, iPhone, iPod and iPad (yes, iPad) owners."
Palm Pre Information & Updates
Palm just introduced their next-gen smartphone, the Palm Pre, and next-gen operating system, Palm webOS. Gadgetell's got the latest Pre and webOS information and news for you right here.
I’m still curious how they plan to handle the fact that different Android phone makers don’t have to all use the same specifications (they can use different hardware capabilities or features). Thus, unlike the iPhone where all apps are compatible…they might end up having different Android phones that can’t work together when it comes to the applications. Has there been any mention of how they will be overcoming difficulties because of this?
on September 23, 2008 at 04:20 PM - LINKSince this is the first Android phone, there was no mention of different hardware causing issues yet. I get you—how exactly can an Android application take advantage of all kinds of different hardware? Maybe not all applications will run on all phones. It very much is a computer that is a phone. Not all apps can run on every computer, either.
on September 23, 2008 at 04:28 PM - LINKWhat worries me here is that the article suggest that T-Mobile does not know how apps on the Andriod will function and referred you to Google. When users start to use these phone and have problems that are software related will they be told to call a Google support line?
on September 24, 2008 at 11:43 AM - LINKKhurt -
I kind of got that feeling when I spoke to 2/3 of the T-Mobile guys.
Since they are the PR guys and not necessarily the technology guys, they might not have been aware of the solutions at the announcement.
I would imagine that Google will prep the T-Mobile folks more and more before the official launch in Ocotober. Let’s see how this goes.
on September 24, 2008 at 11:48 AM - LINK