ADOTAS – Last week, a smartphone security software firm released an inflammatory report suggesting that a fifth of the apps in the Android Market collect data that could be used for evildoing by evildoers. The media picked up on it, but failed to note (at first) that 1) apps need permission to access such data and 2) SMobile Systems had deep ties with AT&T, which you may have heard is the exclusive carrier of the iPhone and doesn’t offer any competitive Android phones.
Instead yelling “Smoke!” when there’s no fire, perhaps SMobile should be looking closer to home: Apple announced that Vietnam-based developer Thuat Nguyen had been booted from the App Store along with his apps after he took 42 of the top 50 rankings in the eBooks category over the holiday weekend — though most of them were spurious titles, and almost all in Vietnamese.
Apparently 400 iTunes accounts were hacked and used to buy Nguyen’s “works.” Though Apple said in a release that Nguyen had violated the developer license agreement “including fraudulent purchases,” the company is mum to admit actual fraud occurred.
“Developers do not receive any iTunes confidential customer data when an app is downloaded,” Apple made sure to comment.
Of course, that was followed by a paragraph telling users whose credit card numbers of iTunes passwords to call their financial institutions immediately. To further allay concerns, apparently Apple is going to ask for credit card CCV verification more often.
But how did Nguyen get into those 400 iTunes accounts? That may be a small percentage of iTunes accounts, but it certainly raises great security concerns. And while the App Store may have been breached this time, similar safety questions need to be examined regarding the Android Market.