A walk through the Android Software Development Kit and libraries will show you some interesting scenery. You can, for example, see how a few strokes of code will allow you to write an application that can access an Android device’s contact list and phone, in the background.
And it might show you how to write an app that will launch the device’s email service and even send emails.
The Android SDK hiking tour will also provide a distance marker with instructions on how to put together an app that will launch a device’s text-messaging feature to both receive and send data.
If you’re an upstanding citizen and software developer, you can use that information to create powerful, secure, productive and “gee whiz” apps of the kind that have made Android one of the fastest-growing operating systems of all time. If you’re a hacker or a criminal, however, you can use Android to launch vicious, destructive attacks on individuals and, potentially, infrastructure.
Last month more than 50 Android apps were found to contain malware called DroidDream, ranging from gaming apps to a currency converter app to a scientific calculator app, according to security software maker Lookout.
Lookout reported that the Trojan known as DroidDream used two exploits called “exploid” and “rageagainstthecage” to infect Android-based devices.
Lookout said it found that hackers had used exploid to deploy itself looking like a legitimate “calling plan management” app and began hitting the market via what it said were Chinese app markets.
Eventually, Lookout said, a version of that app turned up in the official (and more mainstream) Android Market. A further review found this app turned out to be, essentially, a dud because it didn’t have the code to fully exploit a device.