You Can Download Your Android Apps From Anywhere

 

One of the good things about Android is that you don€™t need to get your apps at the Android Market. You can download them from anywhere. But that€™s also one of its weaknesses. A third-party app download site provides no assurance that its stuff was checked for malware. In fact, you should assume that it hasn€™t been. And there are a lot of download sites for Android apps, some legitimate, some not. China in particular has a vast array of app stores that are outside Google€™s protection. Considering that a lot of Android malware seems to come from China, this is unsteady ground indeed.

Likewise, Android doesn€™t have any real defenses against malware that comes in through email attachments or Websites. It€™s entirely possible to visit a rogue Web page that contains active content that can place malware on your Android device, just as it is for a Windows PC or an iPhone for that matter. Fortunately, there are solutions. Most of the major security vendors, including McAfee, Symantec and Kaspersky have security software for Android devices. You can download these from the Android Market, and one presumes they€™ve been checked for malware by Bouncer.

While it turns out that Google has actually been running Bouncer for several months, it does point out a problem that had been mostly ignored since Android first came out, which was the security of this system. It was fairly obvious from the beginning that Apple€™s AppStore had a significant security benefit, first because there€™s relatively less malware for Apple platforms, and second because Apple was checking the apps.

With Android, there was always a question. And it was enough of a question that you had to select the ability to download software from places other than the Market before you could do it by making a menu choice. By default, that ability is turned off.

So if there€™s a security problem that€™s finally being dealt with in the Android Market and that has been handled since day one by Apple, what about other platforms? Neither Research In Motion nor Microsoft has said much about the security of the products in their respective app stores. However, there is security software available for BlackBerry devices from McAfee and others. Microsoft has released a number of security updates for Windows Phone, but so far, there have been no reports of malware emerging from the Windows Phone app store.

But on a larger scale, the security issues for smartphones continue.

Google€™s announcement is only the latest news in what is becoming a steady flow of reports of vulnerabilities. And while it closes one hole through which malware can enter a phone, it doesn€™t close all of the holes. Likewise, all smartphones have vulnerabilities, and all of them are targets. The most likely reason that there don€™t seem to be any Windows Phone malware attacks is probably due more to the tiny market share than any special quality of the device.

What€™s worse is that Apple cultivated the appearance of being invulnerable to malware, and only recently allowed security software vendors to offer their products through the Apple AppStore. This belief that malware doesn€™t exist for your platform is one of the reasons why malware spreads. Users don€™t take the precautions that they€™d take if they were using their computers to visit Websites or open email attachments. Ultimately, the failure to believe in malware on your phone has its expected consequences€”malware on your phone.

To follow Wayne Rash on Twitter, click here.