Tuesday

Android Apps (In)Security

Android Apps are getting quite a bit of attention lately because of the potential of installing apps carrying malware, or displaying other unwelcome behavior. The Apple App Store is a pretty strictly monitored source for the iPhone and iPad; the Google Play app store software is scanned for problems by Google, but there are also other online sources for Google Apps that can be accessed by Android devices, so the potential for malarkey is increased.


android



In addition to scanning the Google Play contents, Google's very latest version of Android includes an "Application Verification Service", which is supposed to confirm an apps security status before it's installed and block it if it is deemed untrustworthy. This would include apps not downloaded from Google Play. There are a couple of problems though; first, in it's current iteration, the service just does not work very well. A study found it only identified 15% of the malware samples presented to it - pretty dire.


Second, this service (even assuming it does improve drastically) is only available on the most recent Android version - and frankly vendors would rather you buy a new device than issue timely updates to existing software. Many Android devices in use today (including my smartphone purchased a few months ago) run Android 2.3, which is now almost two years old, and there's little likelihood those would ever be updated to the current Android 4.2.


So, Google is trying, but for now I would say a malware scanner is definitely in order for Android users until this situation comes to order. There are plenty of free scanners available, and these give a little extra peace of mind.

No comments :