Android security is still important, no matter what Google tells you
This article may contain personal views and opinion from the author.

Adrian Ludwig speaking at Black Hat USA 2015
Google is basing its claims on wildly incomplete data
But let’s start with the facts: as Ludwig claims, Stagefright has resulted in zero confirmed infections in the wild – data based on Google Play Services’ built-in malware detection. All that is good and well, except he conveniently forgets to mention the fact that Google Play is unavailable in a number of countries, most notably China, which also happens to be one of the biggest smartphone markets in the world.But never mind the Chinese – what’s important is no Americans were infected, right? Except that’s not concrete information, either: Ludwig claims no confirmed cases exist, raising the possibility that there were, or maybe even still are, probable candidates. And let’s not even begin discussing the fallibility of Google’s malware detection, which has failed a number of times in the past.
Ludwig may be technically correct, but he's still missing the point
Ludwig did have a point, however: regular users needn’t worry about being hacked by elaborate means such as exploiting Stagefright or its brethren – phishing and adware are a much more common occurence, especially in the mobile world. So the everyday consumer is much more likely to infect themselves, due to their own stupidity and/or ignorance, rather than become an unwitting target of malware.But this line of thinking is just simple misdirection: while users don’t have to worry about being hacked, the threat of hacking itself is still of great importance, and on a much larger scale to boot. As of a few years back, government officials in the United States are approved to use smartphones when handling classified data. To meet the required security standards, Android devices run specialized forks of the OS with a number of cut features, which presumably include Google Play Services. Or in other words: Google doesn’t have data on one of the biggest markets in the world and one of the most prolific targets of elaborate hacks.

The Qatari government's phishing tactics involved creating fake social media profiles
As for the obvious question this poses: “Why should I care about Qatar?”, consider this: as of March 2015, it's officially the richest country in the whole world, and is also one of the biggest players in the oil industry. It’s also run by a laughably corrupt government with no regard for human rights, a trend which seems to be getting ever so popular these days. Autocracies like these have both the desire and the resources to exploit vulnerabilities like Stagefright, and use them against their opposition. And who’s to say there isn’t a treasure trove of undiscovered bugs stashed somewhere right now, waiting to get abused?
Yet despite all that, the big G has the audacity to claim worrying about security is meaningless. Well guess what, Google, it isn’t – even just a single successful exploit at the right place and time could be disastrous to millions of people, and it’s your job to protect everyone from it. So how about instead of conducting smear campaigns against security researchers, you try not leaving gaping holes in your code instead, okay?
15 Comments
1. blingblingthing
Posts: 982; Member since: Oct 23, 2012
posted on Feb 16, 2017, 9:12 AM 0
8. Finalflash
Posts: 4063; Member since: Jul 23, 2013
posted on Feb 16, 2017, 10:19 AM 3
2. marorun
Posts: 5029; Member since: Mar 30, 2015
posted on Feb 16, 2017, 9:38 AM 1
3. marorun
Posts: 5029; Member since: Mar 30, 2015
posted on Feb 16, 2017, 9:48 AM 7
5. AmashAziz
Posts: 2934; Member since: Jun 30, 2014
posted on Feb 16, 2017, 10:03 AM 2
10. mikehunta727 unregistered
posted on Feb 16, 2017, 10:50 AM 1
12. mikehunta727 unregistered
posted on Feb 16, 2017, 10:56 AM 1
15. AlikMalix unregistered
posted on Feb 16, 2017, 2:48 PM 0
4. Panzer
Posts: 283; Member since: May 13, 2016
posted on Feb 16, 2017, 10:00 AM 1
6. AmashAziz
Posts: 2934; Member since: Jun 30, 2014
posted on Feb 16, 2017, 10:04 AM 0
11. miguente
Posts: 2; Member since: Jan 30, 2017
posted on Feb 16, 2017, 10:53 AM 7
13. FlySheikh
Posts: 444; Member since: Oct 02, 2015
posted on Feb 16, 2017, 11:53 AM 4
16. Subie
Posts: 2430; Member since: Aug 01, 2015
posted on Feb 16, 2017, 3:06 PM 0
14. RoboticEngi
Posts: 1251; Member since: Dec 03, 2014
posted on Feb 16, 2017, 12:52 PM 4
17. mikehunta727 unregistered
posted on Feb 16, 2017, 5:49 PM 1
PhoneArena Comments Rules
A discussion is a place, where people can voice their opinion, no matter if it is positive, neutral or negative. However, when posting, one must stay true to the topic, and not just share some random thoughts, which are not directly related to the matter.
Things that are NOT allowed:
Moderation is done by humans. We try to be as objective as possible and moderate with zero bias. If you think a post should be moderated - please, report it.
Have a question about the rules or why you have been moderated/limited/banned? Please, contact us.
Comments Options
Report Post
Send a warning to post author
Send a warning to Selected user. The user has 0 warnings currently.
Ban user and delete all posts
Message to PhoneArena moderator (optional):