- UPDATE as of December 16, 2015: The Google Play Team has responded to our appeal stating that the
ping_pong.c
,futex_exploit_he.ck.c
, andZergRush.java
tests are part of what is keeping VTS for Android out of the Google Play app store. We’ll continue to distribute the app via GitHub for people to install while we consider our options. We’ll update this post as developments warrant.
The Google Play Team notified us Monday evening of their decision to remove our Vulnerability Test Suite (VTS) for Android app from Google Play. We disagree with their reasoning for the suspension. As part of the appeals process, we believe the Google Play Team will come to realize that VTS for Android is clearly not malicious, and is a valuable research tool that should be published on the Google Play Store.
We make the purpose of the app very clear and make the source code publicly available. Anyone can analyze the source code and see it doesn’t have any malicious intent.
We developed the VTS for Android app as an informational tool that helps researchers and the public test their devices for the presence of publicly known vulnerabilities. The app does not exploit any of the vulnerabilities for which it tests, nor does it negatively impact the device or user privacy. In building innocuous vulnerability tests, we keep the user in mind and take steps to avoid affecting system stability as part of the testing process.
We will update this blog post as warranted by any developments in our appeal. In the meantime, tech-savvy users can download the androidVTS.apk on GitHub.
Related Content:
- November 18, 2015
My Device is VulnerableINow What - October 29, 2015
Android VTS Now on Google Play - September 14, 2015
Announcing Android Vulnerability Test Suite