A daily digest of IT news, curated from blogs, forums and news sites around the web each morning. We highlight the key commentary and demystify the real story.
Is Andoid plagued by malware? Has there really been an 'exponential' growth in Android viruses, Trojans, and other malicious apps? In IT Blogwatch, bloggers ponder the FUD.
Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Brains Matter: Zombies in Contemporary Culture...
Gregg Keizer reports:
According to Juniper's research, the number of Android malware samples...[including] variant[s]...increased by 472% since July 2011. The bulk of that growth occurred in September and October. ... The prime threat remains purposefully-malicious Android apps...crafted by criminals...then planted in either Google's official Android Market or in one of the scores of alternate download sites.
...
Google doesn't control what apps can be installed on an Android mobile device, as Apple does. ... Nor does Google vet apps submitted to the Android Market. ... At least three different waves of malware...were removed by Google only after they had been downloaded by an unknown number of users. ... Far more attack apps have appeared in Chinese app stores.
John Leyden adds:
Juniper...is also seeing a growth in the sophistication of [Android] malware. ... One increasingly popular tactic is establishing a backdoor...that can later be used to push secondary infectors or updates.
...
Talk of exponential malware growth is alarming...but needs to be put into context: [it] started from a low base dwarfed...by the quantity of windows malware. ... Famed researcher Charlie Miller managed to get a malicious application into Apple's App Store, so [iOS] is not immune to problems.
Juniper's anonymous blog-toilers blog thuswise:
So who is writing these apps? ... [T]he same actors who originally wrote malicious code for...Symbian and...Windows Mobile. They shifted to Android given it gains significant market share. ... Statistically, this amounts to month-to-month sample collections on those platforms of 6%, 4%, 1.4%, and 0.93% for August, September, October and November.
...
[Is] Apples iOS...more...secure than Android? Maybe, but its not necessarily because of the security [of] the platforms themselves. The main reason...is because of different approaches that Apple and Google take to police their application stores. ... There is still no upfront review process in the official Android Market.
But Brad Hutchings pours scorn on the premise:
Apple has pretty much been conducting security theater with its heavily curated approach.
...
[On] the continuum from wide open desktop execution to...the iOS execution model...running Java byte code in Dalvik is 98+% toward the latter.
...
Apple seem[s] to be guided by keeping its 30% rather than actually making...products that suited most segments of the market. ... The latest evidence, BTW, is the success of Financial Times HTML delivery for its content.
Meanwhile, your humble blogwatcher destroys the idea:
"472% increase." ... Can that really be true?
...
The vast majority of these malicious apps can be found at the...[same] shady locations...where we saw previous infestations of Symbian and Windows Mobile malware. Back in the day, these also caused...concern. However, those worries were full of sound and fury, signifying nothing.
...
Android users are [not] four or five times more likely to infect their phones than they were a few months ago. ... [They don't] seek out apps from shady, no-name app stores. Neither do they delve into scarily-named settings menus, uncheck the box that restricts their phone to the Android Market, and ignore the dire warning.
...
Basically, this statistic is, if not a damn lie, then at least extremely carefully worded to imply that the Android Market is riddled with malware, while not actually saying so. ... It's just the latest scare by an Android AV vendor. ... Don't be fooled.
