Android Security: Threat Level None? - InformationWeek
04:30 PM
Eric Zeman
Eric Zeman
Ransomware: Latest Developments & How to Defend Against Them
Nov 01, 2017
Ransomware is one of the fastest growing types of malware, and new breeds that escalate quickly ar ...Read More>>

Android Security: Threat Level None?

Security firms are fanning the flames of fear about mobile malware and viruses, while others accuse such firms of being scammers. Who's right, and who's wrong.

Earlier this week, Juniper Networks lit a fire with its report claiming that the amount of mobile malware has jumped 472% since July. According to Juniper's numbers, the number of malware samples collected in October jumped 110% compared to September, and 171% over what was collected in July.

"These days, it seems all you need is a developer account, that is relatively easy to anonymize, pay $25 and you can post your applications," the company wrote in a blog post. "With no upfront review process, no one checking to see that your application does what it says, just the world's largest majority of smartphone users skimming past your application's description page with whatever description of the application the developer chooses to include."

Earlier this year, Symantec, too, warned of mobile malware in the Android Market. In its own blog post, Symantec said, "Android malware is on the rise. Android.Pjapps is another example of a Trojan with back door capabilities that targets Android devices. As seen with previous Android threats, it is spreading through compromised versions of legitimate applications, available on unregulated third-party Android marketplaces."

Symantec, of course, sells security software for both PCs and mobile devices.

[ Want to avoid Android App stinkers? See 10 Android App Flops. ]

Let's not leave out Kapersky Labs (which also sells security software.)

"When it comes to attacking smartphones, there were clear signs that cybercriminals have made Android their platform of choice," the company said in a blog post on Thursday. "Increasingly sophisticated operations by malicious programs were also noted in Q3 along with some tried-and-tested methods: innocuous QR codes are now being used to conceal malware and computers are facing threats even before their operating systems start as cybercriminals revisit BIOS infection methods."

Are you scared yet, Android smartphone owners?

Are you quaking in your boots? Are you ready to buy antimalware and antivirus software from these companies? Should your corporate IT department be licensing protection schemes in bulk?

Hold on just a minute.

Google's open-source Guru, Chris DiBona, had some harsh words about these reports and the companies that generate them.

"Virus companies are playing on your fears to try to sell you bs protection software for Android, RIM and IOS," he wrote on Google+. "They are charlatans and scammers. If you work for a company selling virus protection for android, RIM or iOS you should be ashamed of yourself."

So, is there a risk then? Yes, says DiBona, but it's not what you think.

"A virus of the traditional kind is possible, but not probable. The barriers to spreading such a program from phone to phone are large and difficult enough to traverse when you have legitimate access to the phone, but this isn't Independence Day, a virus that might work on one device won't magically spread to the other."

DiBona is right. While some malware and viruses have tried to make use of Bluetooth and Wi-Fi radios to hop from device to device, it simply doesn't happen the way security companies want you to think it does.

But DiBona has one more thing to say. "Policy engines, and those tools that manage devices from a corporate IT department are not the same thing at all, but sometimes marketers in companies that sell such things sometimes tack on 'virus' protection. That part is a lie, tell your vendor to cut it out," he wrote.

Now that we have a few different views on this topic, who do you think is right? Well, there's some truth to what the security vendors are telling us. Smartphones--and apparently Android devices in particular--can be infected with malware through careless use.

But DiBona is right, too. How do we know that he is? Because there haven't been mass break-outs or major epidemics of malware spreading from phone to phone to phone. It simply hasn't happened yet. Could it? Yes. Will it? Probably not anytime soon.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Apprentice
12/15/2011 | 3:57:50 PM
re: Android Security: Threat Level None?
I would have to agree with ANON on this... The Android marketplace is what is spreading the applications that contain malware not the phones. Here's how it works. User buys an app, then user installs app on the phone. Once user launches the app, the app exploits vulnerabilities in the phone's operating system to gain root level privileges and do what it needs to. Operating systems have vulnerabilities. The problem is that this is still a relatively new frontier for public knowledge so people are not as informed about it as they should be even though vulnerabilities in the mobile operating systems are being discovered. This is not about viruses on mobile devices, it's about malware and trojans on devices. There are differences. There is also a stark difference in the way applications are reviewed and published between the two companies and that is part of the issue as well. I'm not saying that this type of issue couldn't happen on the IOS side of the world, However, until Android/Google start taking this seriously and implement a real application review process this could potentially have some nasty consequences for Android users.
User Rank: Apprentice
11/22/2011 | 7:32:35 PM
re: Android Security: Threat Level None?
I agree with the prior post that it's melodramatic to say the least to rant about 10s of thousands of people getting attacked. However he's right about the nature of the Android threat. It isn't the fact that viruses are contagious; it's that applications with malware are less likely to be detected in advance in the uncurated Android marketplaces than they are in curated ones, whether those be the Apple store or the Amazon marketplace for that matter.

To say that is not to be an Apple fanboi; it's to be accurate so that users can make educated decisions. At one point in the past year Android removed some 50 apps from the marketplace after complaints and uninstalled them from users' phones. One piece of malware required killing software on 300,000 phones. Add to this the fact that the phones don't always have the latest security patch and you've got risks there. OS changes don't push over the air and because of all the flavors, an update strategy like synching via iTunes isn't feasible. These things can't be glossed over.

The Android guru is right to point out the self-interested exaggeration of Symantec et al, but he doesn't address these other elements. My final take is that it's up to the consumer to know where the risk is; to read the fine print when downloading applications and pay attention tto their settings; and to ensure before purchase that the carrier has a credible strategy for distributing OS updates and security patches on a timely basis.

Speaking of fanbois, whoever trotted that tired epithet out of his back pocket and lobbed it at Mr. Zeman, pls take it back. This is fair and balanced reporting that if anything tells the folks carrying Androids that they are not at imminent risk of attack. It's a very fine piece of reporting.
User Rank: Apprentice
11/22/2011 | 12:04:46 AM
re: Android Security: Threat Level None?
This is a carefully chosen set of words to obfuscate the issue in favor of one company or another - as all marketing BS is. A "virus" connotes something that moves from system to system independently, exploiting some vulnerability to do so. Very 20th century. Malware that monitors keystrokes, steals data from banking apps, or makes expensive SMS/phone transmissions are the issue. Those are legitimately becoming a concern, and when organized criminals figure out a way to monetize access to smart phones, the emphasis will shift altogether. A/V companies produce malware protection. Parsing the word, "virus" and emphasizing the lack of automatic propagation is disingenuous.
User Rank: Apprentice
11/21/2011 | 2:23:53 PM
re: Android Security: Threat Level None?


Idiot fanbois.
User Rank: Apprentice
11/21/2011 | 1:53:04 PM
re: Android Security: Threat Level None?
Hey, look, an anonymous idiot says that the Android Market is spreading malware. There are "10's of thousands of people with malware on their phone RIGHT NOW"? Says who?

It's impossible for any piece of software to install itself on an Android phone. Read that again. Impossible. The user has to accept the permissions and then initiate the installation. The permissions page lists exactly what the software will be able to do. That's not something that a programmer can fake. It's part of the operating system and there's no way around it. If you don't want apps to have access to your personal data, then don't install apps that say they are going to access your personal data. It really is that simple. No app will ever have access to your personal data unless you have explicitly given it permission to access that data.

If these companies want to market and sell "stupid protection", there would be nothing wrong with that because that's all their software does. It protects you from your own stupidity. If you don't understand what the permission mean, then why are you installing software from some goofball developer that you've never heard of?

We all understand that you're an apple fanboy who hates the fact that Android is crushing your silly, locked-down operating system, but you really need to work on your presentation a bit because you're just making yourself look like a fool.
User Rank: Apprentice
11/21/2011 | 1:37:44 PM
re: Android Security: Threat Level None?
apparently you skipped the part where the Android MarketPlace IS THE MASS BREAK out point of malware... Phones are not spreading malware from phone to phone, but the point is that the Marketplace IS SPREADING malware to phone to phone... GET IT?????

no you shouldn't trust a security vendor, but what you did was instead trust a Android vendor????

trust neither one... trust the facts...

there are 10's of thousands of people with malware on their phones RIGHT NOW....growing exponentially... not from spread form their friends, but from spread of malware from the ANDROID STORES...

literally if you plug into an Android marketplace in China or Russia, or korea you have more than a 50% chance of getting malware or a stolen product, instead of a legit app...

in the US you have somewhere close to 5% chance.. but that figure is growing exponentially....

THAT is the threat....

Android is destroying Android.... no one else.
User Rank: Apprentice
11/21/2011 | 1:57:58 AM
re: Android Security: Threat Level None?
Good article. There was an article recently in Mac Observer that also questioned some of the common assumptions about Android malware. Worth a read.
Brian Prince, InformationWeek/Dark Reading Comment Moderator
User Rank: Apprentice
11/19/2011 | 6:10:37 PM
re: Android Security: Threat Level None?
This is a great article! Finally a journalist that is asking the right questions about mobile anti-virus. I have been very suspect to the FUD around this, if anything it is about marketing hype, people assume that since their computer needs anti-virus so do their phones and these companies are taking advantage of this. I think one of the biggest offenders is Lookout Mobile Security, who not only have scammed the public, but also investors, as they have raised close to $80 million dollars on the hype and fears of mobile anti-virus. When it comes down to it though their software has done nothing to protect their customers, it is complete BS. However, they release their pretty infographics and the media love it and fan the flames.
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll