14 DAY TRIAL // Google has removed the Android VTS (Vulnerability Test Suite) from the Play Store, an application that was created for the sole purpose of letting users know if their Android device has all the security patches in place to protect from the most known Android security vulnerabilities reported in the press.
The app, which we wrote about around the start of November, was open-sourced on GitHub, but its creator, NowSecure, added it to the official Play Store as well, so more users could install it without thinking it was malicious.
The app, even if quite useful, never reached download numbers as something like Angry Birds for example, but things didn't go smooth with Google's staff, and the honeymoon ended a few days ago, when the app was unceremoniously removed from the Play store.
The app's testing functions were a little bit too unfriendly with the Android kernel
According to Dr. Brian Sovryn from Zomia Offline Games, who contacted NowSecure asking why the app was removed, this is the email that NowSecure got from Google:
"Applications which cross a security boundary to perform a security test are prohibited from Google Play. After review, we found that the ping_pong.c, futex__check.c, and ZergRush.java tests crossed a security boundary to perform their tests, probing either the kernel or system_server/void. Other tests may ahve similar properties," read the email. "We hope these additional details clarify our rationale behind removing your app from the Store."
Yes, there's logic in Google's response, and judging that nobody from NowSecure went to Twitter or on the company's blog to criticize the decision, Google may have been right when taking it.
And to be fair, when we first presented Android VTS in our article, the developers had said the app was quite intrusive, and they've intentionally left some vulnerability checks out of the app because they had the potential of freezing the device.