From the Android Forums: Android security
Twinmomma416 asks in the Android Central forums,
Android and app security. The two seem to get mentioned together anytime you read a title somewhere. They are a combination of terms that brings web traffic, and it's always easy to drive fans from both side into a tizzy. Let's cut the hyperbole and talk "real" for a minute or two, after the break.
(Have a question you need answered? (Preferably about Android, but we're flexible.) Hit up our Contact Page to get in touch!)
Yes, there is malware that can affect Android phones. There's also malware that affects iPhones, BlackBerries, Windows Phones, your Mac, and even Unix-based industrial machines that control things like dams and nuclear power plants. If you can write and install software on it, there's malware for it. People sticking their head in the sand and saying otherwise are doing a huge disservice to the folks listening to them.
There are two issues at play -- one is the definition of malware, the other is the ease of installing it. We'll tackle the definition first.
Programs that track you and display ads, after telling you they will track you and display ads, are not malware.
Yes, having your browsing habits sent to some server in the Ukraine sucks, but if you knew ahead of time and installed it anyway, it's not malware. It's just easy to call it as such because it's a hot topic and we're pissed off when we see it in action. Most times you'll see this done by folks who have a genuine interest in furthering the idea that Android is rampant with malware. Scaring people has been a lucrative business since the Middle ages. I'll let you in on an industry secret -- all of us who write words on the Internet are just regular people, and that means that some of us will do or say things to get a reaction. We know how to manipulate the group thinking process, because we're exposed to it daily. Always think critically about anything you read or hear.
Get the top Black Friday deals right in your inbox: Sign up now!
Receive the hottest deals and product recommendations alongside the biggest tech news from the Android Central team straight to your inbox!
The other issue is that legitimate malware is super easy to install on Android. A simple tap will allow you to install applications from any source, with no jailbreaking or developer accounts needed. The vast majority of malicious applications come from third-party sites who offer applications that have been injected with other code. Sometimes the lure of getting pirated apps for free is too strong for some folks to resist, other times it's because an application isn't available through official channels, but there are a lot of folks sideloading apps to their Android devices. These apps haven't been scanned by Google's Bouncer process that scans every application for malicious code.
So what do we do about it? First off, always read application permissions before you install an app. If you don't, there is only one person to blame when things go bad. I can write an app that steals your address book and posts it to Twitter, but I have to tell you I'm going to be digging in your address book and accessing your other accounts to deliver it. Be critical, and anything you don't understand when installing an app is something you need to be asking about. That's the whole reason Google presents us with the app permissions in the first place.
Next, be mindful of where you get your apps. If you're not computer-savvy, only install apps from Google Play. The few times "malware" has been spotted in the Play store is has been quickly removed and addressed, just like it's done in Apple's appstore. Chances are you'll never see it, let alone download it. If you do use other sources to sideload apps, read the previous paragraph again. Then read it twice.
It's foolish to think that there isn't a need for diligence on any computing platform. A quick Google search will show you how claims of a platform being "malware-free" have been debunked time and time again. Use the tools Google gives us, and a bit of old fashioned common sense, and you'll be just fine.
Jerry is an amateur woodworker and struggling shade tree mechanic. There's nothing he can't take apart, but many things he can't reassemble. You'll find him writing and speaking his loud opinion on Android Central and occasionally on Threads.