For those of you who haven’t used Cerberus before, it’s a security suite that comes into play when your device is stolen or lost. You can have selfie camera images sent to your email when a wrong password is entered, enable Android Wear integration, receive coded SMS messages if mobile data is switched off in order to perform actions, send screenshots and do a whole lot more. You can even protect Cerberus from factory resets which will allow it to persist across Android versions and continue to hide and keep collecting data. If you’re interested in how far this can go, you should check out the short film/documentary “Find my Phone” below:
As you can see, the application is very powerful and relies heavily on the guise of being unseen.
Yet Google, who recently have also taken issue with applications using accessibility services, have now emailed Cerberus to tell them that their application is in violation of the developer rules. This is because applications when tracking the user should show a notification. While the concern is understandable, it does defeat the entire point of Cerberus if the app has to display a notification when the device is stolen and is being stealth tracked.
What’s more, Google does not appear to be in the mood to give any leniency.
LastPass, the password manager available across many platforms had released a statement saying that Google’s enforcing of the accessibility usage will not affect them, implying that they have some room to wiggle.
LastPass is working with Google and to confirm, there is no immediate impact to our Android users. Our development team works very closely with Google to deliver an intuitive password experience for Android users. Google has assured app development partners, including LastPass, that they’re focused on a long-term solution that meets user needs and their accessibility requirements.
If LastPass has permission when in direct violation of the rules, Cerberus should be able to do so too especially when the application in question is hugely beneficial to users. In the above documentary, you can see that the device is tracked while in use by the thief for months. Such a powerful application for users should be allowed some leniency, especially when the Android Device Manager provided by Google is so lacklustre.
It is currently unclear on the course of action the developers of Cerberus will take. Their options at this stage include displaying a notification, removing the stealth functionality or stop distributing their app through the Google Play Store. Google’s concerns are not entirely unfounded either, as Cerberus can be a very powerful tool that can be misused when in the wrong hands. So it does remain to be seen how the situation progresses.Source: Cerberus Google+