Linked by Thom Holwerda on Tue 8th Oct 2013 17:08 UTC
PDAs, Cellphones, Wireless

Gartner analyst David Willis, who is chief of research for mobility and communications and who runs Gartner's Senior Research Board, said to Schmidt: "If you polled many people in this audience they would say Google Android is not their principal platform [...] When you say Android, people say, wait a minute, Android is not secure."

Schmidt didn't miss a beat, replying, "Not secure? It's more secure than the iPhone."

I don't know if it's more or less secure - all I do know is that there is no evidence pointing either way. People sometimes pretend that something is evidence, like reports that there are more malware variants targeting Android than there are variants targeting iOS - which has absolutely nothing to do with which of the platforms is more secure. For instance, we had a report from antivirus peddler F-Secure a few months ago, which stated that 79% of malware families targeted Android. Great. Too bad it didn't actually tell us anything about infection rate, the statistic which would actually tell us something.

Only 1% of malware families might be targeting platform Xyz, but if that 1% of malware managed to infect large numbers of devices, it's a far bigger deal than the 99% of malware families targeting platform Abc but only managing to infect a small number of devices. This simple fact seems - sadly unsurprisingly - lost on most bloggers and journalists.

So, lots of talk about how Android is supposedly insecure (almost always pointing to reports from... Antivirus companies), yet no proof that actually backs this statement up. Let me just repeat this common mantra: if you install antivirus on your smartphone, be it Android or iOS, you're wasting space and processor cycles on absolute total pointlessness.

Schmidt saying that Android is more secure than iOS is just as completely and utterly idiotic as saying the reverse. Both are just fine as they are. And in case you still haven't seen the memo, despite decades of evidence: antivirus companies are scum. Do not trust them. Ever.

Thread beginning with comment 574108
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: Why do people write malware?
by some1 on Tue 8th Oct 2013 18:24 UTC in reply to "Why do people write malware?"
some1
Member since:
2010-10-05

Where do you see "hundreds of times"? F-Secure number that Thom quoted is 79%, which matches perfectly Android's global market share.

Reply Parent Score: 1

Tony Swash Member since:
2009-08-22

Where do you see "hundreds of times"? F-Secure number that Thom quoted is 79%, which matches perfectly Android's global market share.


That would make sense as an explanation if the distribution of malware by OS basically followed market share. It doesn't. iOS has an installed base (Apple says is 700 million iOS devices sold) probably somewhere between a quarter to a half of Android's installed base and yet the iOS share of malware is 0.7 percent. Only 0.3 percent of malware affects Windows Mobile and BlackBerry combined.

BTW I used the word hundred not the plural hundreds. Based on Android having 79% of malware and iOS having 0.7% that means that Android has just about 113 times more malware than iOS and 263 times as much as Windows Mobile and BlackBerry combined (and Blackberry is an attractive target because of it's enterprise penetration).

I repeat the questions I posed in my original post. Making the reasonable assumption that the bulk of malware is written and distributed for a rational purpose, i.e. to make money illicitly, why would the writers of said malware devote 113 times as much effort in making malware for Android than iOS or 263 times as much as targeting Windows Mobile/BlackBerry?

Even if Thom's rather speculative claim that the high malware count for Android is the result of a sort of malware inflation caused by the need to write different malware version to cope with Android OS fragmentation is really true (evidence?) is it also true that there over a hundred times more versions of Android in use than iOS?

It seems to me that fans or defenders of the Android mobile OS strategy are in a state of denial about the security repercussions of the openness that they prize so much in Android. It may be that this is really not a big deal, that all that malware is not leading to criminals stealing data and money but the imbalance of malware distribution is real and does not reflect market share. If it is true, as Thom seems to imply, that all that malware circulating in the Android ecosystem is not actually leading to any real world actual security issues than I wonder why the writers of the malware actually bothered to write it and to continue to write it. Malware on Android is increasing and not decreasing as one would assume it would if it was mostly ineffectual.

Reply Parent Score: 2

JAlexoid Member since:
2009-05-19

is it also true that there over a hundred times more versions of Android in use than iOS?

Variations - yes. But then again, iOS is not a homogenic as you might think. While the HAL and libraries are common, there is a reason why there was/is no jailbreak for A6 and later processors.


It seems to me that fans or defenders of the Android mobile OS strategy are in a state of denial about the security repercussions of the openness that they prize so much in Android.

Please, please, please... no-one is in denial about the fact that a user is stupid. And having a mechanism to sideload software is a very lucrative attack vector.
And then look at how this malware is distributed... all reports that we have seen target China, Russia and the likes. iOS install base there is nowhere close to being a quarter of Android's.

Malware on Android is increasing and not decreasing as one would assume it would if it was mostly ineffectual.

One would assume that if one did not read any of the reports by the same anti-virus companies. Which, based on that statement, you have not.

Reply Parent Score: 2

JAlexoid Member since:
2009-05-19

It's quite clear that more people write malware for Android than iOS. On iOS the goal for hackers is jailbreak. You could consider jailbreak malware, thus probably evening out the numbers.

Reply Parent Score: 2

jared_wilkes Member since:
2011-04-25

If people are claiming rooting apps are non-malicious on Android (a very poor assumption -- far easier to inject a malicious rootkit into a seemingly benign or useful rooting tool than it is to add a malicious rootkit payload into a non-rooting app), jailbreaking iOS certainly isn't malware either.

Edited 2013-10-09 13:47 UTC

Reply Parent Score: 2