Russia pulls alleged 'Svpeng' kingpin Russia's Ministry of the Interior has gone public about the March 24 arrest of a 25-year-old and four others it believes was the leader of a gang of cyber-scum behind the “Svpeng” money-draining malware. The Android malware is believed to have netted a near million-dollar haul within Russia alone (50 million rubles), hitting …
If google hadn't become so EVIL, then they would be taking stronger action to improve Android security. Here's an obvious idea:
SHOW US THE MONEY.
If the developer has a legitimate business model, then it is much more likely that the developer is not a crook. No, it's not a guarantee, but it's the most important data to know, and in some cases it could be pretty close to a guarantee.
Each app on the Google Play website should include a tab for "Financial Model", maybe they should just call it the "Money" tab. The developer gets to say his piece, perhaps by just selecting from one of the most popular financial models, and then the google would say their piece at the bottom, in a place where the developer can't mess with it.
Concrete example of what a developer might say: "This is a free trial version of the <foobar> service, which is doing extremely well."
Concrete example from the google: "We can confirm that the <foobar> service is making substantial revenue."
Of course the more details the developer is willing to divulge, the more basis we would have to decide how much we trust the developer, but even in this simplistic case, we would know that the developer has some legitimacy and would lose that "substantial revenue" if the software is discovered to be malware in disguise. Based on my experiences on Google Play, right now it is almost impossible to get any idea about an app's legitimacy or finances, even though most of them seem to be using minor variations of a few basic models...
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
