So the other day we discussed that the Android market is filled with apps that have vulnerabilities – things like the ability to make calls without your knowledge, get cozy with your personal info…the fun stuff. And earlier today Simmons praised Google for remotely wiping apps from end users devices (which were junk but not malicious) and which he took comfort in “knowing Google’s got [his] back.” OK so real malicious code stayed, crap app wiped. Anyway, Brandon Watson of MS addressed the benefits of a stringent Marketplace in a blog posting today. He notes:
What is being lost in this discussion is that there is no curation of the Android marketplace. For all the grumbling and grousing about the Apple AppStore, their review process would likely catch these abuses. There is no such level of certification for the Android marketplace. Customers don’t want to think about needing anti-spyware software for their phone, as the article implies is one solution for Android.
The Windows Phone Marketplace certainly believes in the curation model, and we have placed user security as a top priority. This is one of the main reasons that we have our app certification process, and why (UDPATE: “at least in version 1”) apps are run in sandboxes, with no access to any data other than its own isolated storage, or the ability to communicate with other apps.
So remote wiping is nice and all but what’s better is catching it before it’s on my phone and before there are vulnerabilities…Goog take a look around. You can learn from your friends.