Popular wallpaper apps deemed safe, Google says

Bad Wallpaper App

The developer of a series of Android wallpaper apps whose work was called into question last week over security concerns has been cleared by Google and is back in the Android Market.

We're only a week removed from the Android security saga that began at the Black Hat conference, and it looks like we have resolution that should put some of your fears at ease. It all started when Kevin MaHaffey, CTO of security firm Lookout, singled out Android wallpaper app developer "jackeey,wallpaper" and called it "a questionable Android mobile wallpaper app that collects your personal data and sends it to a mysterious site in China, (and) has been downloaded millions of times." VentureBeat was there and ran with the story, under the scary headline "Android wallpaper app that takes your data was downloaded by millions."

Later that day, Lookout amended its initial concerns, saying "there is no evidence of malicious behavior," though the data the apps were collected remained "suspicious." VentureBeat updated its story, which by this time was spreading like wildfire.

We contacted the developer, who explained that the data was collected "so I use the these to identify the device, so they can favorite the wallpapers more conveniently, and resume his favorites after system resetting or changing the phone." In other words, to remember user preferences. We published the developer's response in its entirety last Thursday.

That brings us to today. Google stepped in and took a look at things. And it found that indeed the apps weren't malicious or a threat to security, telling Computer World's JR Raphael "The developer's applications have been reviewed and the suspension has been lifted." The Android team did, however, point out to the developer that the method in which it was storing user preferences was unnecessary.

So in the end, this was a case of bad coding, not malicious intent. What can be done about this in the future? It'd be great if there were some sort of system to inspect apps before they hit the Market. Maybe not with walls as high as the app store, but something to check basic security and functionality up front. We're all about the Android Market being open to all. But with Android and the Android Market growing as quickly as they are, caveat emptor may not be the best policy any more. [Venture Beat, Computer World]

Phil Nickinson