Malware on Android - a myth or real threat
0. phoneArena 05 Dec 2012, 07:21 posted on
We're hearing about this almost every day - there's malware on Android, and it's easy to get your device infected. Reports coming from security companies are painting a troubling picture - with each quarter, there are more and more Android programs designed to conquer our devices, take control, steal information or secretly dial premium numbers. The goals of the so-called malware can be most various, but one thing is common for them all - they won't do you any good. But no matter how many reports we get, we can't help but wonder how big of a threat this really is. Should we be worried about it, or should we just ignore? Before we begin our exploration through the supposedly infected lands of Android, it's always good to have a general understanding of what malware is...
This is a discussion for a news. To read the whole news, click here
69. avidb (Posts: 7; Member since: 26 Oct 2012)
whether its an issue or not, is still debatable. All that history about it is what worries.
Thats maybe where Apple succeeded, and possibly why it did with consumers worldwide.
And I'm wishing MSFT has evolved and learnt from its mistakes. we will see...
71. redmd (Posts: 884; Member since: 26 Oct 2011)
there's no malware if you just download apps from playstore. period.
74. tasior (Posts: 212; Member since: 04 Nov 2012)
As the 'user who understands what he's doing' I think that Android lacks some tools for controlling behaviour of the apps.
Hypothetical situation. I need to get an app that does something with my contacts e.g. (changes ringtones in more comfortable than default manner or saves them in a way that some other system can use it). I find third party app, that does exactly the thing I need. It wants permission to get to my phonebook, and to connect internet. It's completely reasonable. It needs internet so it shows me some commercials, so the producer can profit.
How can I know that it doesn't send my contacts to some remote server? I can't be sure of that.
Solutions are not simple but doable. First, the android lacks is sandbox - yes I know, that every app runs in a sandbox, but that is not my point. My point is the type of diagnostic sandbox. That means, I can configure how the system should behave, when app does certain things. E.g. I can tell it to warn me every time the app tries to do something that requires previously granted permission, or I can tell system to provide app with fake auto generated information about may contacts, e-mails, location(that one is actually possible), or SMS. Second - many applications want to get to internet, only to provide as with automatic google commercials. It should be completely separate permission. If the only thing the app gets, are google commercials, it shouldn't be asking to for all internet connections. That way, I know that the app can connect to internet to get commercials, but it can't send my contacts to whatever place. Moreover if first and second would be implemented, I could ask system to warn me, when app tries to connect somewhere, and not being warned every time it displays new commercial.
Obviously it wouldn't solve problem of laziness and stupidity of users, but for those who take great deal of privacy (e.g. corporations, or more advanced users), this would make system much more usable.
78. jroc74 (Posts: 4726; Member since: 30 Dec 2010)
I agree about having a way to configure it. That would be nice. Just stick it in developer or advanced options.
76. boggs2005 (Posts: 3; Member since: 15 Feb 2012)
I have a Sony Ericsson W8 Walkman an Android 2.1 Eclair (pretty outdated) and I never had any problems regarding malwares. I use this phone via Wifi/3G many times and I never had this kind of problems. This is just based on actual usage of my phone.
79. Jay..Apple4Ever (Posts: 16; Member since: 08 Dec 2012)
No myth but its not that big of a deal either. People/Companies like to make it a big deal. Excellent article.
81. seier (Posts: 3; Member since: 22 Nov 2012)
Please fix the spelling error in your article "one can't take the time to read each and ever description" to "... every description".
83. synot (Posts: 142; Member since: 14 Sep 2012)
if android is at risk then apple and microsoft should also be at risk too but it seems there are those who wants android to fall off the market to give rise to failing apple and newcomer windows 8 ... ANDROID IS HERE TO STAY............................
85. mkl4466 (Posts: 53; Member since: 25 Sep 2008)
I agree that malware on android is not a myth, but most of us aren't aware of anyone who's ever been hit by it. Just to draw a comparison, I don't know anyone personally who's ever been shot, but we hear about shootings on the news every night, so just because it hasn't happened to you or someone you know doesn't mean it doesn't happen to someone. It is also true that you are less likely to get true malware if you stay within Google play than if you go "off market", but I remember hearing that google took some apps down due to malicious nature, which means while they were available someone probably did download them and they caused enough problems that Google took them down. Its important for people to realize that there's a difference between "virus" and "malware", since malware is a much more general term. I consider any app that adds extra icons to my home screen, changes my browser home page or search provider, or send push advertisements to my notifications to be malware. Yet, many free games include these features. I'd like to see an update to android that allows a user control over these things at the system level. To me, airpush and similar advertising systems are just despicable and shouldn't be allowed on our phone. There are better ways to make money, without resorting to scumbag tactics. As for security software, the author mentioned several, and I'd like to mention one more: NQ mobile security. It not only protects against malware, which some readers may be dubious of, but it shows you at a glance what apps have access to what pieces of information, and which apps are using data. Not only is information privacy a concern, but with unlimited data going away, it is very beneficial for phone users to have easy ways to see which apps are using data. Someone will say these features are built into ICS and jellybean, but there are many devices out there which have not yet and may never get an ICS update, so its good to know that there's an app that provides the same information. I also think its worth pointing out that the remote locate/lock/wipe capability included with some security programs is a good enough reason to have them on your phone in case it is lost or stolen, even if you don't think you'll ever get any malware on your phone. I've been selling and using android devices for about 4 years now, since the Tmobile G1, and I've rooted, rom'd, and messed with many phones and a few tablets, and I've never contracted any malware (other than push ads, but I always install airblocker and adfree on my phones), but I'm not naive enough to think that just because it hasn't happened to me yet doesn't mean it never will. There will always be someone out there with more smarts and bad intentions, so we've got to be careful about what we do with our mobile devices and our personal information.