The smartphone press has Android security in its sights these days. Many of their stories delight in comparing Android to Windows for being a malware target. They are often hysterical about the rogue malware apps that are found on the Google Play Store and instances of Android hacking. The sensationalization is enough to make some people wonder if they should abandon Android. Others get an Android security app and always look over their backs.
To Windows users, the sensational reporting around Android malware must seem very familiar. They’ve seen it all. As even Windows beginners know by now, it doesn’t take anything more than a quality free antivirus program and basic care to stay away from Windows viruses. Much the same applies to the Android platform, too. The rogue Android applications that the magazine reports scream about are usually so badly made that most people wouldn’t ever take them seriously enough to install them. We all need to step out of the Android danger distortion field that the magazines promote these days and get a reality check.
Where do these reports actually come from?
Android experts suspect that many of the scary reports about Android malware come from the makers of smalltime Android security apps who wish to create a willing market for their products.
Many people believe that the Google Play Store doesn’t screen the apps that it lists at all. In truth, though, the Play Store does have a stringent app vetting process. Google keeps screening existing apps too. If they find that an app isn’t what they thought it was, they remove it from the Play Store and remotely delete it from users’ phones, too.
In truth, most Android malware infections happen to people who get their apps from places other than the Google Play Store.
This doesn’t mean that you should go without security software on your phone
The malware makers are getting smarter all the time. In one recent attack on Android users in Russia, a fake ad network called BadNews got dozens of Russian apps into the Play Store. The apps were designed to begin acting only when they had been downloaded and installed by millions of users. The Android antivirus vendor Lookout quickly discovered the problem and reported it to Google that then went on to suspend the developer and all the offending apps.
Given the way the creators of malware seem to get more creative with time, it could possibly be a good idea to install the security app. This would be for just-in-case purposes, though. Being even reasonably careful using your Android phone today nearly guarantees that you will be safe.
Right now, malware isn’t the biggest reason you would want a security app
While high-tech hackers are certainly a danger, most people should worry about a more old-fashioned risk – low-tech thieves. When you have someone steal your phone, it could possibly result in identity theft. Most people have their entire lives stored on their phones. The thief could easily get at a Social Security number, a bank account number or anything else.
While iOS offers inbuilt antitheft features (you can remotely lock or wipe your phone’s data, should someone steal it), Android doesn’t have such inbuilt features at this point. You need security apps for such remote control.
Most Windows users have no need to buy antivirus software – the free versions are just as good for most purposes. It isn’t quite the same on Android, though. The security apps mostly only offer their remote phone locking and wiping features on their paid versions.
Certainly, Apple’s universe has fewer security threats. In some important ways, though, the iOS platform can be viewed as more vulnerable – Apple’s iTunes App Store doesn’t have a great selection of security apps that protect against phishing attempts.
by combofix.org staff