Android security is still important, no matter what Google tells you
15
This article may contain personal views and opinion from the author.

Adrian Ludwig speaking at Black Hat USA 2015
Well yes, they absolutely are.
Google is basing its claims on wildly incomplete data
But let’s start with the facts: as Ludwig claims, Stagefright has resulted in zero confirmed infections in the wild – data based on Google Play Services’ built-in malware detection. All that is good and well, except he conveniently forgets to mention the fact that Google Play is unavailable in a number of countries, most notably China, which also happens to be one of the biggest smartphone markets in the world.So his claim that no Stagefright exploits exist is based on wildly incomplete data, which also just so happens to fit a “pattern” he noticed – this is military-grade disinformation at its best, and it coming from the head of security for the most widely used mobile OS in the world is downright scary.
But never mind the Chinese – what’s important is no Americans were infected, right? Except that’s not concrete information, either: Ludwig claims no confirmed cases exist, raising the possibility that there were, or maybe even still are, probable candidates. And let’s not even begin discussing the fallibility of Google’s malware detection, which has failed a numberof timesin the past.
Ludwig may be technically correct, but he's still missing the point
Ludwig did have a point, however: regular users needn’t worry about being hacked by elaborate means such as exploiting Stagefright or its brethren – phishing and adware are a much more common occurence, especially in the mobile world. So the everyday consumer is much more likely to infect themselves, due to their own stupidity and/or ignorance, rather than become an unwitting target of malware.
The Qatari government's phishing tactics involved creating fake social media profiles
Yet despite all that, the big G has the audacity to claim worrying about security is meaningless. Well guess what, Google, it isn’t – even just a single successful exploit at the right place and time could be disastrous to millions of people, and it’s your job to protect everyone from it. So how about instead of conducting smear campaigns against security researchers, you try not leaving gaping holes in your code instead, okay?
Things that are NOT allowed: