Android Malware Sees Explosive Growth
The Android vs. iPhone smartphone race is a lot like the Windows vs. Mac rivalry. On one side is a broadly licensed operating system used by many manufacturers. On the other is a locked down and expensive hardware platform.
However, according to Internet security firm Kaspersky, Android favors Windows in another, more sinister way: It's become a playground for malware creators. Kaspersky recognized 70 different types of malware last month, according to its chief technology officer Nikolay Grebennikov, as reported by Bloomberg News. . In September last year Kaspersky recognized just two. We should always be wary when a firm trying to sell us a cure hypes up the disease, but, if true, the figures indicate explosive growth.
Getting malware onto Android phones is easy. Once a developer has signed up to the Android Marketplace, which costs just $25, they can start releasing software straight away and there are no checks on the apps they create. This is in stark contrast to Apple's App Store, for which each program made available is individually scrutinized by an Apple engineer before release (and there's a $99 joining fee).
However, Google has put in place a number of protection systems. Apps run in a "sandbox" environment, for example, which hives them off in memory and should mean they're unable to compromise the entire phone.
Additionally, apps sold via the Google Marketplace can be killed remotely by Google, should they later prove to be malware.
Thirdly, whenever any software is installed on a user's phone, the user is informed of what hardware components of the phone the software will use. An app might need to use the Internet connection and cause the phone to vibrate, for example, and the user will have to agree to this.
However, all of this is clearly not enough. Last month malware creators managed to infect an estimated more than 400,000 phones with the DroidDream malware. In this case, they didn't even go to the expense of creating a new app. As initially spotted by a contributor to the social networking site Reddit, malware creators simply stole several existing apps , then rebranded them and added in the rootkit exploit before making them available under new names. Again, the Marketplace has no protection against this kind of piracy.
One of the original developers of a stolen app, CodingCaveman, was aware his app had been stolen but was unable to get a response from Google. It was only after the scandal hit the headlines that Google apologetically responded to him.
Essentially, the difference between the Google and Apple approach to app stores is that Google places the responsibility for security on the phone and its user, whereas Apple attempts to prevent security being an issue for users. A cynic might suggest that Android's approach to security is to close the barn door after the horse has bolted.
Apple's way of doing things is expensive but effective--having people check over every app that's released is labor-intensive. However, Google's approach provides significantly more freedom and openness, and ultimately more customer choice.
However, if 20 or so years of Windows domination have proved one thing, it's that users simply can't be trusted to take care of their computers. Most users are idiots. It's taken until Windows 7 for Microsoft to engineer this into their systems, and it would be a shame if we had to wait that long for Google to come to the same conclusion.
Sadly, Google isn't showing much movement on the issue. In a posting to the Google Mobile blog last month, all Android Security Lead Rich Cannings would say is that "security is a priority for the Android team" and that Google is "committed to building new safeguards to help prevent these kinds of attacks from happening in the future." Google did respond to the DroidDream outbreak by releasing a clean-up tool, but it shouldn't have to resort to such extraordinary measures.
The above article was originally published at: http://www.pcworld.com/businesscenter/article/226193/android_malware_sees_explosive_growth.html