Rasanya terjemahan salah dah, dugaan saya article nya yang ini:
http://androidandme.com/2010/06/news/google-can-giveth-apps-and-google-can-taketh-apps-away/
We’ve known that Google had the ability to remotely remove apps
obtained from the Market since before the G1 first hit users hands,
but until this week it had gone completely unused.
What apps were so dangerous that they caused Google to forcibly yank
them from users’ devices?
The early reports indicated that they were simply apps that did
nothing and while that is technically true it isn’t really the whole
story.
The apps in question were released into the Market by Jon Oberheide
from a security startup, Scio Security. One of the apps appeared in
the Market as a picture viewer with images from the soon to be
released Twilight Eclipse, but the real purpose of the app was to
expose what Oberheide deems to be a security flaw and that is the
ability to have an app retrieve new executable code without the users
permission once it is installed. Now in this instance Oberheide had no
intention of doing anything malicious, but obviously this concept
could potentially be exploited by less scrupulous folks.
Oberheide was contacted by Google after he spoke about his app at
SummerCon last week and was asked to remove the app from the Market,
which he did. While Google indicated that most users had already
removed the app — apparently it didn’t deliver what the Twilighters
were looking for — they went ahead and decided to make this a teaching
moment of their own by hitting the kill switch, also known as
“REMOVE_ASSET,” and thus pulled the app from anyone that hadn’t gotten
around to deleting it themselves. The notifications in the post image
are what a user sees when this happens on their device.
Google reported on their use of the feature and why it is a necessary
tool in their developer’s blog.
"The remote application removal feature is one of many security
controls Android possesses to help protect users from malicious
applications. In case of an emergency, a dangerous application could
be removed from active circulation in a rapid and scalable manner to
prevent further exposure to users. While we hope to not have to use
it, we know that we have the capability to take swift action on behalf
of users’ safety when needed.
This remote removal functionality — along with Android’s unique
Application Sandbox and Permissions model, Over-The-Air update system,
centralized Market, developer registrations, user-submitted ratings,
and application flagging — provides a powerful security advantage to
help protect Android users in our open environment" Rich
CanningsAndroid Security Lead
Interestingly Oberheide in looking further into the event found that
Google has a companion intent to “REMOVE_ASSET” named logically enough
“INTALL_ASSET.” While the reason for the former is readily apparent it
is a little less clear why Google would require the latter (perhaps
some of our more developer minded readers might have some ideas). If
you are interested in additional detail you can hit up the source link
below for Oberheide’s own blog post on the the whole incident.
Personally I’m fine with Google having this capability in the name of
security and they have probably earned our trust by implementing it
only once in nearly two years, but I’m curious to see if most Android
owners agree with me. Does it bother you that Google can either wipe
an app from or add an app to your phone as they see fit or do you find
it comforting that that they can close the flood gates on a potential
security threat if necessary?
On 27 June, 20:00, Afiadi S13RA <[email protected]> wrote:
> Kayaknya sih SOL
>
> Sent from my white spica with sinyal TELKOMSEL ya lumayanlah
>
> On Jun 27, 2010 7:32 PM, "syaifudin zuhri" <[email protected]> wrote:
>
> Gaya mikocok banget!
>
>
>
> > On 27 Jun 2010 14:07, "Suwanto Afiadi" <[email protected]> wrote:
>
> > om Agus sepertinya ed...
>
> > Agus Hamonangan wrote:
>
> > > INILAH.COM, Jakarta- Google pekan ini menghapus 2 aplikasi di ...
> > ...
>
> > "Indonesian Android Community [id-android]"
>
> Join:http://groups.google.com/group/id-android/subscri...
>
> --
> "Indonesian Android Community [id-android]"
>
> Join:http://groups.google.com/group/id-android...
--
"Indonesian Android Community [id-android]"
Join: http://groups.google.com/group/id-android/subscribe?hl=en-GB
Moderator: [email protected]
ID Android Developer: http://groups.google.com/group/id-android-dev
ID Android Surabaya: http://groups.google.com/group/id-android-sby
ID Android on FB: http://www.facebook.com/group.php?gid=112207700729
