[liberationtech] Fwd: Android apps used by millions vulnerable to password, e-mail theft

[Scott Elcomb]

On Mon, Oct 22, 2012 at 12:00 PM, Yishay Mor <yishaym at gmail.com> wrote:
<snip>
> Their research paper didn't identify the programs, except to say they have been downloaded from 39.5 million and 185 million times, based on Google statistics

Just one quick comment: Assuming one download per person, the
researchers are leaving tens-to-hundreds of millions of consumers open
to abuse.  In a free market, poor products should be punished.  As
consumers, we should know which products are affected so that we can
remove them from our device(s) until the problems are fixed.

There is no indication that the researchers have or will attempt to
contact the affected app's authors*; allowing consumers to continue to
use these products is ethically reprehensible, IMHO.

* I'm unable to read the actual paper; the link provided returns a
simple "Access Denied" message.

Best regards,
--
  Scott Elcomb
  @psema4 on Twitter / Identi.ca / Github & more

  Atomic OS: Self Contained Microsystems
  http://code.google.com/p/atomos/

  Member of the Pirate Party of Canada
  http://www.pirateparty.ca/