Amazon may be trying to challenge the Android market with its recently launched Android Appstore but the application marketplace faces a major security hurdle, especially for novice owners. Android is designed from its core to support the Android Market and is set to prevent the installation of applications obtained outside the official market. This restriction can be toggled on and off in the settings on most Android handsets, except for those on AT&T which removes this option. This restriction was put into place to prevent users from installing malicious applications which may steal information and compromise a user’s handset.
The Amazon Appstore exists outside the official Market and requires users to open their handset to third party application markets. When installing the Amazon Appstore on a handset, owners must deliberately turn off Android’s built-in protective measure. For advanced users, this is not a problem as they are savvy enough to turn this security measure back on and restore the handset to its original, secure state when they no longer wish to use the Amazon Appstore. These savvy users also know how to prevent their handset from being compromised in the first place by avoiding apps with an unknown or suspicious origin.
Novice users may overlook this setting and continue to use their Android handset with the ability to install any application on their phone. This always-on setting opens up a handset to potential attack. It is possible that malicious emails or instant messages may be used to trick the handset owner into installing an application that unknowingly scrapes their data and compromises their handset.
Unless Amazon can work out a deal with Google to include native support for its Appstore, the online retailer’s effort in the app marketplace may be mixed. Amazon may rake in some dough but it sets itself up for a bad reputation if a group of inexperienced users end up compromising their handset after they install this third-party Appstore.
[Via The Anywhere Blog]