I'm calling non-event because everytime the Media reports these "Emerging Critical Threats" like the sky is falling, a month down the track nothing happens.
Maybe, at most 1000 people in china infect their device by manually enabling side-loading for pirated apps and the rest of the world gets on with life.

I'm suggesting its not sophisticated or unknown because it just asks for permission through the intended API, i.e Not A Bug. I didn't mention anything about how the user perceives the question, that completely out of scope. If I come to your house and ask to steal all of your stuff and you say "Yes" because you didn't understand the question, that still doesn't make it a sophisticated robbery, thats just a normal robbery. We'll call it a user misunderstanding shall then we?

The method of obtaining install permissions and privilege escalation don't look particularly "unknown".
It seems as though the app just asks for it and waits for the user to say yes.

Did I miss something or does this look like every other non-event Android malware except with a new crypto scheme?
http://www.securelist.com/en/blog/8106/The_most_sophisticated_Android_Trojan

It seems that the video game has appeared in the Steam Online store before a method has been devised to download it.
http://store.steampowered.com/app/212680

Just how recursive is this issue?

I think that's 3 days later?

I seem to remeber something very similar after Hurricane Katrina a few years back.

http://science.slashdot.org/story/05/09/25/1850228/armed-dolphins-released-into-gulf-of-mexico

Rather than using the Phone to do the monitoring and polling, I'd consider using a service on the network at work and then make your phone a client of this service.
An example would be to use Nagios to do the monitoring and then use one of the countless Nagios Clients available to read the monitoring state from the service. You'll get the added bonus of knowing what happens if your Network coverage goes away to fill in the blanks after the event and be able to escalate to someone else if you're not available.

over 3 months uptime....So no Windows Updates then?

for what its worth, solve it from the command line in bash with the following.
wget -qO - http://pro.sony.com/bbsc/jsp/forms/generateCaptcha.jsp |grep "</b></span></td>" |sed -e s/\<b\>//g |sed s/\</" "/g |awk '{print $1}'
(Yes its a bit messy but what do you want for 5 mins work.)

Anyone else want to have a go? (in perl maybe?)

When it comes to "for profit" companies: If you're not paying for anything then chances are, you're whats for sale.

Yeah, That sounds like the one. About 12 months ago a bunch of PDP-8 machines still in original packaging came up for auction around the place that were perfect for hobbyists and collectors.
I think I remember reading that Steve Gibson of GRC purchase a handful or so.

Wasn't this like a system they used before GPS that was still in minimal use until recently?
I vaguely remember they still had PDP-8's still in storage as replacement parts

Although its a bit old and things may have changed since then, this article shows how basic the detection is (video within):
http://nakedsecurity.sophos.com/2010/06/18/apple-secretly-updates-mac-malware-protection/

Keep in mind its sophos's own site/blog so there's a definite conflict of interest potential.

Here's the rest over at apples site:
http://configuration.apple.com/configurations/macosx/xprotect/1/clientConfiguration.plist

Just search for defender

Why can't they just use something unique to mix it with an email address like, oh I don't know, The console ID directly pulled from the hardware.

One assumes an attacker can't steal those in bulk easily. (artificially created replay attack possibly?)

They seem to be pretty good at finding it to use against George Hotz (yes I know it turned out to be the previous owner but it shows they know the mappings).

I see Fox News did a fantastic job on spelling in their link.
usama-bin-laden-dead-say-sources

almost 10 years and they didn't get it right.....sigh