The past week provides a stark reason for the displeasure. Researchers and security advocates have long directed the same criticism at Google’s process for reviewing Android apps before making them available in its Play marketplace. “As automated reviews are frequently missing malicious extensions and Google is very slow to react to reports (in fact, they rarely react at all), this leaves users in a very sad place,” Palant said. Google took a different approach by using an automated review process, which Firefox then copied. In the days before Chrome, when Firefox had a bigger piece of the browser share, real people reviewed extensions before making them available in the Mozilla marketplace. “I’m not a fan of Google’s approach,” extension developer and researcher Wladimir Palant wrote in an email. Google has removed many but not all of the malicious entries, the researchers said, but only after they were reported, and by then, they were on millions of devices-and possibly hundreds of millions. Since Monday, researchers have reported that hundreds of Android apps and Chrome extensions with millions of installs from the company’s official marketplaces have included functions for snooping on user files, manipulating the contents of clipboards, and injecting deliberately unknown code into webpages.
No wonder Google is having trouble keeping up with policing its app store. Photo Illustration by Miguel Candela/SOPA Images/LightRocket via Getty Images reader comments 131 with
0 kommentar(er)
