informa
/
Vulnerabilities/Threats
News

Google Finds Flaws In Android Security Report

SMobile Systems' suggestion that two-thirds of Android apps are 'suspicious' fails to consider Android's security mechanisms, Google says.
It's fair to say that the iPhone app review process presents an opportunity for risk mitigation that Google's Android Market doesn't have. Apple spends a small amount of time vetting every iOS app submitted while Google relies on its user community to flag bad apples, so to speak.

But there's more to phone security than app security, as AT&T's recent iPad security breach suggests. Android's application sandboxing and permissions system should also be considered.

Last August, when the Android Market had eight times fewer apps, Google told the FCC that approximately 1% of apps uploaded to the Android Market subsequently had to be removed.

Hering says that his company sees different threats on different platforms.

While noting that there are more application-related attacks on the Android platform, he observed that iOS 4 patched some 60 vulnerabilities.

With regard to mobile security, "the sky is not falling," he said. "But we are seeing more and more threats. Security in the mobile space is absolutely a growing problem."

Six months ago, he said, his company was detecting four pieces of malware per 100 phones per year.

Today, that figure is about nine pieces of malware.

"The doubling of malware and spyware in the last six months is significant," he said.

The challenge going forward, he suggested, will be determining what is malware and what is not, because more and more apps will make use of APIs that interact with sensitive information.

Recommended Reading:
Editors' Choice
Kirsten Powell, Senior Manager for Security & Risk Management at Adobe
Joshua Goldfarb, Director of Product Management at F5