Android malware protection: a guide for the paranoid
Having an open operating system is cool - this allows us to tweak it any way we want, customize it, install software that lets us do things that we can't do on other platforms, but all of this openness has its downsides as well. For example, there is no app review processes whatsoever before an app gets uploaded to the Google Play store. This means that a developer can concoct a malicious app, and then very easily make it available to the millions of Android users around the world. Another example is the fact that there are a lot of parties involved with the platform's development. Carriers, for instance, very often have control over what software updates are pushed to devices and when. As a result of this, many phones and tablets are left running dated software with built-in security flaws or weaknesses. Ultimately, what this all means is that with Android, we get a flexible OS with great possibilities, but also an OS that's highly-vulnerable to attacks. Google recently incorporated a new Google Bouncer technology into Google Play, designed to stop malicious apps from popping up in the store, but devs have already found ways of counteracting this. For example, an app may seem perfectly clean, but once it's installed onto a device, it may trigger the download of its dangerous part.
Now let's spend a few moments to discuss the possible ways that malicious software may exploit your infected handset. Of course, almost anything is possible, but among the most popular ones are sending messages to premium phone numbers, stealing personal data that might be on your phone, execution of different commands remotely like full data wipe, for example. Obviously, one can run into quite a bit of trouble, should their Android phone get infected.
As we said in the beginning, the number of apps carrying some malicious code is still quite low, but the forecasts are not good, as they are predicting a growing interest in development of Android malware, probably due to the system's ever-increasing popularity (and open nature). That's why we decided to come up with a small guide for those of you worried about the security of their mobile device.
Android malware protection: a guide for the paranoid
1. Checking permissions
2. Install from Google Play
3. Always update your software
4. Consider installing an anti-malware app
5. Don't store account passwords
Of course, nothing can fully guarantee that you'll never fall victim to malware software, but we believe that in case you follow these basic rules, the chances of you getting some of these nasty pieces of malicious code on your device will be minimized. Now, tell us - are you worried about the security of the data on your mobile devices?
1. arcq12 (Posts: 733; Member since: 13 Oct 2011)
and who's that douchebag who said that anti-virus developers should be ashamed of themselves?!?
2. G8_sy_ (Posts: 2; Member since: 31 Jan 2012)
It's already started... I work at an authorized SPRINT repair and retail. Within the past 2 weeks we have had an increase of people with infected phones. 12 total people by my count. It's not a huge number compared to the volume of service we do however, it is a huge increase over the very few we have seen previously.
6. atheisticemetic (Posts: 377; Member since: 18 Dec 2011)
and as a rep you can teach them some form of common sense. If they come in once for the problem, educate them to not have that problem again.
12. Adianshadows (Posts: 66; Member since: 22 Nov 2011)
as a premium retailer rep for VZW for 2-3 years now i have yet to see anyone come in with malware on their phones, i have however had a couple of sprint customers who were porting in and their phone had malware on it...
3. Evil_SaNz (Posts: 258; Member since: 20 Oct 2011)
I never understood this: everyone says iOS is immune, but still I see jailbreaks. Jailbreak is an evident exploit of Apple's ecosystem and the threshold from being friendly or being malware is really thin. Everyone is 100% sure that all repositories are from friendly hackers? I'm not.
11. Ray.S (Posts: 264; Member since: 19 Jul 2011)
Yes, but jailbreaking is still a relatively complex process that most of the users either aren't aware of, or aren't interested in. And as long as they remain genuine, there's nothing to worry about. On Android, however, the system security can be compromised even if you aren't jailbroken/rooted, which makes it so much more vulnerable.
14. Stuntman (Posts: 788; Member since: 01 Aug 2011)
Even without jailbreaking, a developer has proven that malware can get onto iOS devices.
15. atheisticemetic (Posts: 377; Member since: 18 Dec 2011)
If they only download apps that are google sponsored (navigation, maps, google search bar) they have no security risk either. A lot of customers dont even know what apps to download.
If i root my phone i havent added any security threat that I didnt have before rooting. In fact giving myself admin rights to my phone I get to choose what I give permissions to my phone.
Jailbreaking an Iphone is easy now...it didnt used to be
5. atheisticemetic (Posts: 377; Member since: 18 Dec 2011)
simple solution: dont be an idiot and you dont get malware
i hate how this gives Android a bad name because people are too stupid to do research on the apps they download. If you dont know what you're doing, dont bitch when something wrong happens to the phone. lmgtfy.com much? it isnt hard to do research on an app before you download it. Common sense cant hurt either; if Angry Birds required my GPS location to play the game, do you think you should download it?
Also this article is partially falsified because there is the Google bouncer. The problem is for the apps that are existing that may contain malware that have not been scanned. This will be a temporary problem however...
"Now, tell us - are you worried about the security of the data on your mobile devices?"
No...the government choose Android over apple, so I ask in return "If the gov't isnt concerned, then why should any intelligent human being?"
There's more security hazard in a jailbroken Iphone than an open source Android
Very informative article Ray, but extremely misleading...
7. rallyguy (Posts: 579; Member since: 13 Mar 2012)
I agree. This article is not entirely accureate. Google does random scans of apps in the Market or "Play".
21. Leo_MC (Posts: 603; Member since: 02 Dec 2011)
Please give me an infected app!!! Where on earth are those "vicious" malware?!
27. kangaskhan9 (Posts: 1; Member since: 13 Mar 2012)
Hah everyone, I have a Palm phone! Nobody would bother to target these! Therefore its obviously better than the iPhone and Androids and everyone who doesn't have one must be an idiot. /sarcasm
There's a will, there's a way. Everything can be targeted. iOS can get it, Android can get it.
(ironically, jailbroken devices can be more secure than non-jb sometimes. e.g. changed root pw, etc. but that really depends on a lot, like everything else)
34. frydaexiii (Posts: 1239; Member since: 01 Dec 2011)
If you're paranoid about getting viruses on your droid, you're probably too dumb to be holding one, switch to iOS please, no one wants your whiny dumb rants about viruses here.