This is what makes no sense to me whatsoever. Assuming you are correct and it is spyware then the following has happend:
1. Someone has developed spyware for Android that is undetectable.
2. No one in the world knows about this and it has not be detected by Google or any other groups that specialize in detecting malicious apps and security exploits.
3. This spyware has somehow acquired root privileges on a user's phone with no interaction with the user. (This alone is virtually impossible unless you want to tell me that someone got physical access to her phone, rooted it, installed the malicious app and returned it to her without her knowledge.)
4. This spyware shows no indication to the end user at all that it is even installed.
None of those things are even remotely likely. In fact, all of them are extremely unlikely. The odds of all of them happening is virtually impossible. I suspect you are merely trying to advertise the two apps you keep mentioning over and over. One of them does not even run on Android according to it's own web site. The other one is extremely dubious IMO as the entire first page of google is just them spamming their own programs benefits. If you dig, you can find pages of user comments saying the program either doesn't work as described or doesn't work because they can't get physical access to the phone to install it.
Good points. I'll go through it to the best of my knowledge.
1. I think it's detectable, but I am not very knowledgable of the intricacies of the Android. I am talking to my girlfriend on a landline as we go through the menus - not very efficient. Plus I am a novice on android and don't know what should be in the system or not.
2. Well the SMobile guys have info on it:
MobiStealth | Juniper Global Threat Center
MobiStealth
Affected Operating Systems: Android, BlackBerry
Aliases:
Discovery Date: 2010-01-13
Overview: MobiStealth is a spyware application for Android and BlackBerry platforms
Detailed Information: MobiStealth is a spyware application that currently runs on Android and BlackBerry devices. MobiStealth has the ability to completely hide itself from detection by the intended user. MobiStealth has the following capabilities:
Call Recording
Call History
Call Duration
On Demand Surround Recording
Location History
On Demand Location Information
Alternative Location Retrieval Method
Email Logging
Web History
Bookmarks
Picture Logging
Video Logging
Contact Details
Text Message / SMS Logging
Reverse Phone Lookup
SIM Change Notification (Only Applicable to GSM Phones)
Encrypted Communication
Phone Wipe
For Android, MobiStealth arrives as mobistealth.apk and installs on the device as EmailClient. MobiStealth hides itself from detection by the intended target in that no application icon is visible in the application drawer on the device. However, viewing the list of installed applications through Settings > Applications > Manage applications will reveal the existence of the EmailClient application. For BlackBerry, MobiStealth arrives as .zip file that contains the following files:
EmailClient.cod
EmailClient-1.cod
mmv2.jad
Once installed, MobiStealth exists on the device as EmailClient and does not offer an application icon as it is completely hidden from the user. MobiStealth can only be installed on a target device with physical access. Detection and Removal: Detected and removed with SMobile VirusGuard virus definitions from 2010-01-13
3. I am pretty sure he got ahold of her phone. He has already hacked her e-mail although I wouldn't call it hacking really as she is the type of clueless user who used her birthday and pet names for password. I've gotten her to stop that nonsense.
4. See the answer to 2 again, to wit "MobiStealth has the ability to completely hide itself from detection by the intended user."
Again, I do think that the stalker somehow got a hold of the phone. Some people don't have their phone duct taped to their bodies. I've left mine on countless occasions, I was never that paranoid before. Also I read those reviews as well, but you'll notice that even the negative one's say they got some data off the phone but they were upset that the results were inconsistent - partial voice, partial email, etc. But there are other packages out there as well and I haven't traced them all down. I am not sure if it is mobistealth or flexispy or one I haven't heard of. But that's why I came here in, I admit, an agitated state. I didn't realize that the other users (not you, as you've been helpful) would go into psycho gang attack mode on me for suggesting something was wrong with the android!
Note: Again - I LIKE the android!!!
I am only interesting in finding facts myself. And if this exploit is at all possible it is worth knowing about.
Final note: most people will never be the target of stalking, but for the small percent who are the target, it is worth having some info. And my hope is that these sick people who write this software will fail because people will have counter-measures installed to stop it. If this thread helps people to be cautious then that can't be a bad thing.