An unauthorised app that lets Android users chat on Apple’s closed iMessage network is causing a big stir. It’s had viral downloads in the tens of thousands amid claims that it could be spreading malware; but the Chinese developer who developed the app tells us everything is cool.
[TechCrunch has opted not to include a link to the app page because of the security concerns]
It’s the latest security scare for Google’s popular mobile operating system, whose Play store in 2012 accounted for 79% of all smartphone malware – meanwhile Apple’s highly protected iOS App Store consisted of just .7% malicious apps.
While the controversial Android-based iMessage app has successfully bridged the messaging gap between the two disparate ecosystems, developer Jay Freeman discovered the app achieved this in a relatively insecure manner, which includes processing data on a remote third-party server in China. The questionable techniques used to send the messages between the two disconnected platforms are not best practice, and also mean that Apple can’t simply block the app based on its IP address.
“Clearly, this is suboptimal from a security perspective,” Freeman wrote on his Google+ page.
According to the app’s Google Play page, it was released earlier this month by Daniel Zweigart and has been downloaded over 10,000 times and features 132 one-star reviews — almost double the amount of five-star reviews.
TechCrunch contacted the developer Huluwa via an email address listed on the website, and received a response from a Chinese developer, Zengyi, who explained that Zweigart is a friend who lent him his Google Play account.
Zengyi said the app was not malware and he plans to release a new version that will process data on the phone, adding the app required strong permissions, such as the ability to install components in the background, “to ensure a message that can be received at any time.”
“Because some information is difficulty dispose [sic] in android, so we need a server,” Zengyi wrote in broken English. “Now, I find a way, I think it will help me not use server.”
During an iMessage chat (when he used his Android device) Zengyi said he plans to make the source code publicly available on GitHub.
Freeman said the developer’s responses on the Google Play page have raised more questions than answers.
“The developer is even responding to reviews about login issues asking only for user’s Apple IDs, which makes it sound like even the authentication must be under his direct control (where it can be logged and debugged given only the username),” Freeman wrote.
A lengthy discussion on Hacker News flags several security issues about how the app works, and generally warns users against entering their Apple user ID on the app.
In August 2005, Google acquired Android, a small startup company based in Palo Alto, CA. Android’s co-founders who went to work at Google included Andy Rubin (co-founder of Danger), Rich Miner (co-founder of Wildfire), Nick Sears (once VP at T-Mobile), and Chris White (one of the first engineers at WebTV). At the time, little was known about the functions of Android other than they made software for mobile phones. This began rumors that Google was planning to enter…
Started by Steve Jobs, Steve Wozniak, and Ronald Wayne, Apple has expanded from computers to consumer electronics over the last 30 years, officially changing their name from Apple Computer, Inc. to Apple, Inc. in January 2007.
Among the key offerings from Apple’s product line are: Pro line laptops (MacBook Pro) and desktops (Mac Pro), consumer line laptops (MacBook Air) and desktops (iMac), servers (Xserve), Apple TV, the Mac OS X and Mac OS X Server operating systems, the iPod, the…
Google provides search and advertising services, which together aim to organize and monetize the world’s information. In addition to its dominant search engine, it offers a plethora of online tools and platforms including: Gmail, Maps, YouTube, and Google+, the company’s extension into the social space. Most of its Web-based products are free, funded by Google’s highly integrated online advertising platforms AdWords and AdSense. Google promotes the idea that advertising should be highly targeted and relevant to users thus providing…