Google Has An Android Kill Switch

Posted Jun 25, 2010

Google Inc. (NASDAQ:GOOG) had removed a phony Twilight-related application from any Android mobile phone that downloaded it using a “kill switch.” In a talk at the SummerCon event, security researcher Jon Oberheide created a pair of Android applications to show how easy it is to infect a large number of phones that run on the Android OS.  Jon used hidden software that turns devices into a “botnet” through a fake Twilight Eclipse that promises pictures from the upcoming movie.

Android security lead Rich Cannings used a “remote application removal” option, or “kill switch” for the Android Market for the first time to remove the application.  The fake Twilight Eclipse botnet applications were mostly deleted by the 300 people that downloaded it, not finding what they were looking for.

What makes Oberheide’s case interesting is that he proved Android needs more scrutiny.  If the fake Twilight app had pictures in it, then Android users would not delete it.  And if he did not discuss the Android vulnerability at the SummerCon event, Google would not use their “kill switch.”