Geekzone: technology news, blogs, forums
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
Dealing with the Android security risk
Posted on 8-Nov-2014 14:46 by Bill Bennett | Tags Filed under: Articles

BlackBerry still gets a sympathetic hearing in some quarters because it offers enterprise-grade security on its phones. Security is baked in to BlackBerry DNA. Its smartphones, operating systems and services are the safest around.

That’s important because mobile devices, especially Android smartphones, are now the biggest online security risk. A recent Symantec Cybersecurity Report found 38 percent of mobile users saw cybercrime activity in the past year.

Sadly not everyone listens to the warnings. Security barely registers on the radar with most smartphone users who seem more interested in the latest fad app. Their managers are as clueless about the risks. Like World War Two generals, most of them are still fighting the last war. In business that means putting up Maginot line defences against PC malware infections. They seem unaware Blitzkrieg is coming.

Earlier this year I interviewed Trend Micro’s Tim Falinski for NZ Business magazine. Falinski says people know there are risks with laptops and desktops. He says they “are less aware of the threats when using tablets and smartphones. These days the weakest link is not your PC or notebook”.

He says it only took six months from the total number of malware and high risk smartphone apps to climb from one to two million. Falinski says while Android devices are especially vulnerable, no brand or operating system is immune.

This is a headache for companies that let employees bring their own devices to work. Android now accounts for about 80 percent of all smartphones. It remains largely a second class citizen in the corporate world. At the moment Apple’s iOS is more widely supported inside large organisations. However, pressures are building to include Android. For the OS to take off in the corporate world, Google and the companies making Android phones need to address fragmentation and security.

There’s nothing inherently unsafe about Android. It is based on Linux, which is arguably the safest operating system.

Android’s dirty secret doesn’t lie in viruses or malware arriving through email or as a nasty payload when users illegally download media files. Falkinski says the problem comes almost entirely from downloaded apps. He says: “In the PC world, you know you can trust a program from a company like Microsoft. Things are not the same with smartphone apps. Many come from companies you have never heard of”.

Falinski says you can reduce risk by restricting app purchases to the official Google Play app store. You should be safe if you stick with the official store, but there are no guarantees.

Although Apple’s iPhone isn’t immune, it is safer. That’s because it’s harder to get dodgy apps past Apple’s locked-down iTunes store. Harder, not impossible. And Apple users are less inclined to stray off the beaten track when finding apps.

There’s a point where privacy intersects with security. Apps often ask for permission to use information such as your location. People rarely look at this and ask why an app to do something needs to know where you are. Some are ridiculously intrusive — why does the NZ Herald Windows Phone insist on knowing the user’s location?

Being able to track your movements can be a different kind of security risk. Predators could use that information to stalk people.

Google is taking Android security more seriously in the latest version: Lollipop. There is a new kernel security module: SELinux. It limits app privileges making it harder for bad apps to take control. Encryption is built-in to Android, but is largely hidden. When Lollipop arrives it will be more prominent and users will be encouraged to switch it on.

The problem, as always with Android, is upgrades are haphazard compared with other smartphone operating systems. This has been tidied up, most hardware brands say their devices will move to Lollipop soon. Most Android phones introduced since early 2013 should be able to run Lollipop.

For an individual staying safe is largely a matter of common sense. That means not downloading dubious-looking apps, getting all software from reputable sources and using all your phone’s built-in security, such as screen locking and password protection features.

There’s a whole extra layer of concern for companies wanting employees to use their own hardware for work. That’s another opportunity for BlackBerry with some wise employers giving staff locked-down phones for work and letting them do what they want with their own devices.

Filed under: News Tagged: Android, Blackberry, security, smartphones

comments powered by Disqus

Trending now »

Hot discussions in our forums right now:

iPhone 8/iPhone X, impressions?
Created by surfisup1000, last reply by danza on 23-Sep-2017 11:06 (405 replies)
Pages... 25 26 27

Driving an automatic - do you use one foot or both?
Created by geekIT, last reply by Batman on 23-Sep-2017 05:28 (135 replies)
Pages... 7 8 9

Auckland Airport fuel supply obliterated by digger
Created by Batman, last reply by k1wi on 23-Sep-2017 03:12 (220 replies)
Pages... 13 14 15

How to backup/copy an iphone app?
Created by Batman, last reply by scuwp on 19-Sep-2017 19:37 (24 replies)
Pages... 2

Mighty Ape Birthday hunt 2017
Created by ThePlague, last reply by joshhill96 on 21-Sep-2017 23:11 (22 replies)
Pages... 2

IOS 11 email client and Office 365 - heads up people
Created by gjm, last reply by mattwnz on 20-Sep-2017 17:15 (18 replies)
Pages... 2

When did we become America
Created by BTR, last reply by Fred99 on 22-Sep-2017 12:12 (66 replies)
Pages... 3 4 5

Sky blames piracy for lost customers. Sky: it's time to wake up and smell the coffee.
Created by kingdragonfly, last reply by Rikkitic on 21-Sep-2017 11:10 (482 replies)
Pages... 31 32 33