[huggyface]

This is definitely fodder for the "walled garden" proponents to justify closed and heavily vetted architectures.

This is justification for some control, not total control. It is not all or nothing, and Google has shown startling negligence in even the most rudimentary of protections.

Seriously, name collisions and similarity should automatically yield a human review.

[jen_h]

This is definitely happening (the Temple Run clones on the Market come to mind here), but in this case, the malware's not on the Market, I don't believe - it's being distributed on other sites. So I'm not sure the walled garden stuff matches here - you can download cracked iOS ipas all over the 'net, too.

The unfortunate thing here is that users are going to try to install this stuff by hook or by crook not caring from whence they get it. It's tough for developers or for Google to police this (although, with control of a search engine, you've got that - but policing search results this way is also a slippery slope. You could lock down side-loading, but that's draconian and easily subvertible anyway. You'd be surprised at the number of non-computer savvy folks who are rooted/jailbroken).

I'm not sure what the solution is - education helps (and wide proliferation of this particular malware campaign helps get the issue in front of the public a bit), community self-policing helps (see Cydia, Cyanogenmod communities), but when someone wants something and can't find it for whatever reason, they'll do anything they can to get it, no matter how dangerous.

Seriously, I once had a woman email me very upset--someone emailed her an apk off a pirate site and she was having a heck of a time getting it to download and install on her Blackberry Torch! Please help!