Digital Turbine's Ignite Gives Carrier Bloatware A Boost
Bloatware, a not so loved term used to describe unwanted software on your smartphone or tablet, the mobile equivalent of spam. It has been a long bemoaned blight in the mobile world and yet very little seems to be done about it because the powers that be simply would not allow things to change. In fact, things might get even worse, thanks to Digital Turbine's new Ignite product, which not only gives carriers the ultimate bloatware tool, it also potentially bypasses Android's security measures.
Carrier-branded, and sometimes even OEM-branded, software, a.k.a. bloatware, are some minor ways for these companies to get some revenue. In some cases, they do offer value-added service, but in most cases, they just take up space and sometimes even consume bandwidth. Traditionally, getting these apps and services onto devices, or even updating them after launch, takes a lot of time and testing. For users, it's just delaying the inevitable. For carriers, it's wasted money.
Digital Turbine Ignite tries to take the element of time out of the equation by making it easier for carriers to push out such apps and even updates without having to undergo the usual time-consuming process of pushing out OEM or device updates. It may sound innocent enough, as innocent as bloatware can be, but it's the actual implementation that is quite worrying.
First you have DT Ignite itself, an app that is installed on Android devices without your knowledge or approval, pretty much like any bloatware. Ignite uses a load of system permissions, which only adds to the problem. The most frightening part is that Ignite can apparently install carrier's apps without informing the user and without asking for permission. Android has such security measures in place precisely to combat the threat of malware and DT Ignite, and carriers, seem to be so willing to throw all that out for the sake of a few apps and some revenue. DT Ignite, if compromised, could very well become a vehicle for malware to get into the system. Heck, given how it works, you might even call Ignite a kind of malware itself.
For now, DT Ignite's circle of influence is quite small, limited to carrier branded devices and limited only to some carriers, which include Verizon, for one. But considering how Ignite works, it can, and probably should, be considered a security threat, one that Google should definitely look into.
VIA: Android Authority