Gartner analyst David Willis, who is chief of research for mobility and communications and who runs Gartner’s Senior Research Board, said to Schmidt: “If you polled many people in this audience they would say Google Android is not their principal platform […] When you say Android, people say, wait a minute, Android is not secure.”
Schmidt didn’t miss a beat, replying, “Not secure? It’s more secure than the iPhone.”
I don’t know if it’s more or less secure – all I do know is that there is no evidence pointing either way. People sometimes pretend that something is evidence, like reports that there are more malware variants targeting Android than there are variants targeting iOS – which has absolutely nothing to do with which of the platforms is more secure. For instance, we had a report from antivirus peddler F-Secure a few months ago, which stated that 79% of malware families targeted Android. Great. Too bad it didn’t actually tell us anything about infection rate, the statistic which would actually tell us something.
Only 1% of malware families might be targeting platform Xyz, but if that 1% of malware managed to infect large numbers of devices, it’s a far bigger deal than the 99% of malware families targeting platform Abc but only managing to infect a small number of devices. This simple fact seems – sadly unsurprisingly – lost on most bloggers and journalists.
So, lots of talk about how Android is supposedly insecure (almost always pointing to reports from… Antivirus companies), yet no proof that actually backs this statement up. Let me just repeat this common mantra: if you install antivirus on your smartphone, be it Android or iOS, you’re wasting space and processor cycles on absolute total pointlessness.
Schmidt saying that Android is more secure than iOS is just as completely and utterly idiotic as saying the reverse. Both are just fine as they are. And in case you still haven’t seen the memo, despite decades of evidence: antivirus companies are scum. Do not trust them. Ever.
Why do people write malware? I presume they do so quite a lot of the time for rational reasons, some I am sure do so for the pleasure of doing harm but almost all malware seems to have been written to make money via a rationally calculated scheme.
So given that Android’s market share advantage is perhaps just two to one at best I presume that the decision of malware writers to put about a hundred times as much effort into targeting Android reflects the rational belief of those malware writers that they will get much better results from targeting the Android ecosystem.
Personally I think it self evident that any mobile ecosystem that is designed in such a way so that without any sort of a technically difficult or awkward hack it allows end users to download and install apps and software that have not been curated and security checked is inherently less secure than those mobile ecosystems that are designed to try make sure all apps and software are curated.