The December 2022 issue of IEEE Spectrum is here!

Close bar

Imagine someone going to a nightclub. After being frisked by a bouncer at the door, he gets an ink stamp on the hand indicating that this person paid the cover charge and was vetted by security. What if the other patrons could be immediately imperiled if that person is allow to exit and reenter without being checked again? Something akin to that scenario has happened, but with Google Play as the venue and an Android app as the once-benign but subsequently nefarious partygoer. reported that researchers at Trustwave’s SpiderLabs discovered a security flaw that allowed them to introduce a cloaking program that kept Google’s malware detection, called Bouncer, from detecting updates to the app. The ethical hackers were able to update the app—an SMS blocker originally designed to allow a cellphone user to block text messages from specific phone numbers—11 times without Bouncer tossing the app from the Google Play Android marketplace.

According to the CNET article, none of the added functions contained in the updates had anything to do with blocking texts. In fact some of the updates modified the software so that it is capable of accessing data—including photos, contacts, call records, and the contents of text messages—on a handset. Other updates were even more nefarious, turning a handset into a zombie that automatically connects to a predetermined website to get instructions for participating in distributed denial-of-service attacks.

The researchers, who eventually removed the cloak, letting Bouncer detect the malicious code in a subsequent update, say they have alerted Google and will meet with Android researchers this week at the Black Hat and Defcon security conferences in Las Vegas. They will share the details of their hack in a session called “Adventures in Bouncerland.”

The Conversation (0)

Why the Internet Needs the InterPlanetary File System

Peer-to-peer file sharing would make the Internet far more efficient

12 min read
An illustration of a series
Carl De Torres

When the COVID-19 pandemic erupted in early 2020, the world made an unprecedented shift to remote work. As a precaution, some Internet providers scaled back service levels temporarily, although that probably wasn’t necessary for countries in Asia, Europe, and North America, which were generally able to cope with the surge in demand caused by people teleworking (and binge-watching Netflix). That’s because most of their networks were overprovisioned, with more capacity than they usually need. But in countries without the same level of investment in network infrastructure, the picture was less rosy: Internet service providers (ISPs) in South Africa and Venezuela, for instance, reported significant strain.

But is overprovisioning the only way to ensure resilience? We don’t think so. To understand the alternative approach we’re championing, though, you first need to recall how the Internet works.

Keep Reading ↓Show less