Android has developed a reputation for being a very insecure mobile platform, ripe for malware infection. Galen Gruman of InfoWorld went so far as to call Android a “malware cesspool”.
Is this reputation deserved? Yes and no. Google Play (a.k.a. Android Market) is known for not closely vetting its apps for malware, and there are many unofficial Android stores where apps, often dodgy, can be purchased cheaply.
The consensus among the security analysts is that Apple does a better job of weeding out apps with malware before they get to the App Store, while Google is seen as reacting after the malware has been discovered in the wild.
Despite Android’s reputation as a malware magnet, subscriber numbers continue to climb. According to the latest figures from Gartner, Android has a 56% market share, up sharply from a 36% market share at the same time last year. iOS, by comparison, has a 23% market share, up from a 17% market share at the same time last year.
So if Android is such a malware cesspool, why does its popularity continue to grow? Certainly price is a factor. Android-based phones tend to be cheaper than iOS-based devices. The variety of handset options and applications is no doubt attractive to buyers as well.
Either Android’s horrendous reputation for malware does not discourage users from buying one, or users’ actual experience of Android security does not match that reputation.
At the same time, Apple’s once stellar reputation for strong security has been shaken by recent events, such as the massive Flashback malware infection of Macs earlier this year and the Find & Call malware discovered on the App Store this month. Kaspersky Lab founder Eugene Kaspersky has warned that iOS devices could increasingly come under malware attack because Apple does not allow companies to develop endpoint security for iOS due to the closed nature of its software development kit.
While Apple’s security reputation has been tarnished, Google has taken a number of steps to shore up Android’s security flaws. In February, it unveiled Bouncer, an automated app-scanning service to root out malware on Google Play.
Bouncer performs a set of analyses of Android applications, whether new or already on the market, as well as developer accounts. Bouncer led to a 40% decrease in Android malware downloads in the second half of 2011 compared with the first half, according to Google.
Other Android security features implemented by Google include sandboxing, which places a wall between applications and other software on the device; a permissions system, which enables users to manage the permissions granted to applications; and remote malware removal.
Another reflection of the reputation versus reality phenomenon regarding Android security was the report earlier this month of an Android botnet. Researchers from Microsoft (which is pushing Windows Phone as a competitor to Android) and Sophos claimed to have uncovered a botnet using infected Android mobile phones to send spam from compromised Yahoo Mail accounts.
Google, however, said that its analysis indicates that “spammers are using infected computers and a fake mobile signature to try to bypass anti-spam mechanisms in the email platform they’re using.”
The Microsoft and Sophos researchers admitted that was a possibility, but questioned why spammers would want to pin the spam on Android devices. The debate remains unresolved, but it highlights the rush to blame Android’s security flaws before all the facts are in.
This is not to say that everything is hunky-dory with Android’s security or that iOS devices are sieves just waiting for malware to infect them. But this discussion does show that Android’s reputation for being a malware cesspool might not be wholly deserved.