What Device Makers, Carriers, Users Can Do to Bolster Android Security

 
 
By Don Reisinger  |  Posted 2015-07-29
 
 
 
 
 
 
 
 
 
  • Previous
    What Device Makers, Carriers, Users Can Do to Bolster Android Security
    Next

    What Device Makers, Carriers, Users Can Do to Bolster Android Security

    While security issues dog Android, it may be safer than you think. Here's a look at the current state of Android security and how it may impact Android users.
  • Previous
    Google Actively Patches Flaws It Finds
    Next

    Google Actively Patches Flaws It Finds

    While Android is not the most secure operating system in the world, Google actively works at improving Android security. The company has a team dedicated to finding flaws in its operating system and, with each new version, Google patches those holes. Patching security holes is a constant worry for all software developers and the organizations that use a wide range of software products.
  • Previous
    Google Has a Bounty Program That Works
    Next

    Google Has a Bounty Program That Works

    Google has a bounty program that rewards researchers for findings flaws in Android. Better yet, the program actually works. Since its inception, researchers have found a wide range of flaws that affect Android, and Google has passed out cash to reward those who found them. Using cash to fight back against malware is actually a useful tool in addressing malware problems on Android.
  • Previous
    Google Doesn't Have Full Control Over Software Updates
    Next

    Google Doesn't Have Full Control Over Software Updates

    Although it's been easy for people to blame Google for Android woes in the past, the truth is the search giant has little to do with actually fixing issues. While Google may release a patch, it's up to the company's "partners"—mobile device makers and carriers—to actually deploy the software to affected devices. That means that the majority of patches never reach user devices.
  • Previous
    The Onus Falls on Vendors to Patch Their Products
    Next

    The Onus Falls on Vendors to Patch Their Products

    The real blame for malware in Android might be better placed on vendors that don't do enough to actually support their devices. After a product is sold, as few as 20 percent of those products are actually updated with the latest security patches, even if a zero-day vulnerability is discovered. Android vendors are worried more about device sales than maintaining their security after the sale.
  • Previous
    Carriers' Product Support Also Falls Short
    Next

    Carriers' Product Support Also Falls Short

    Carriers are equally to blame because they don't reliably update the devices that run on their networks. Google pushes security updates to wireless carriers but relies on them to actually release those updates to users. In some cases, the carriers respond but in others they don't. It's out of Google's hands at that point and, in far too many cases, carriers don't do what they should to update products.
  • Previous
    Malware Issues Aren't as Bad as You Think
    Next

    Malware Issues Aren't as Bad as You Think

    While Android gets a bad rap as the target for 99 percent of all mobile malware, it's not actually affecting that many users. In fact, in April, Google released a report that showed that just 1 percent of Android devices in the wild were actually running malicious code. So, while the amount of Android malware circulating in the wild may be increasing, it appears that it's not affecting that many devices so far.
  • Previous
    Fragmentation Rears Its Ugly Head
    Next

    Fragmentation Rears Its Ugly Head

    Arguably the biggest issue affecting malware in the Android ecosystem is operating system fragmentation. Mobile devices run a variety of outdated versions of Google's operating system, leaving them vulnerable to malware that exploits flaws that have been fixed in later editions of the platform. Fragmentation has been a problem with Android since Google released the first Android update. It's an issue that Google, device makers and carriers will have to eventually solve if they want to get serious about suppressing malware and security holes in Android.
  • Previous
    Most Malware Requires User Mistakes
    Next

    Most Malware Requires User Mistakes

    Although the latest-reported Stagefright flaw doesn't fit the mold, the vast majority of malware that impacts Android devices actually requires user input of some sort. In other words, users would need to open a link, see a text message or interact with malicious code in some way for it to deliver its payload. It's important to remember that while Android malware is prevalent, in the vast majority of cases, users have to be duped into installing the malware.
  • Previous
    Android Users Should Download Vetted Apps From Google Play
    Next

    Android Users Should Download Vetted Apps From Google Play

    The easiest way for a malicious hacker to deliver a malware payload to an Android user is through an app. However, Google has done a much better job in the past year analyzing apps and rejecting suspected malware. The biggest app threats tend to come from third-party Android app stores where reviews are not necessarily as rigorous. Hackers also tend to take advantage of unsuspecting victims by using phishing attacks. Keeping app downloads to Google Play and remaining vigilant about phishing attacks will safeguard users from the vast majority of Android malware.
  • Previous
    Informed Users Are the Best Defense Against Malware
    Next

    Informed Users Are the Best Defense Against Malware

    User education is essential when it comes to security of any kind of connected device, let alone Android security. Users should learn what they need to do to update their software or find the latest patches. Those who know what to do are able to dodge malware attacks. Having simple knowledge of what to look for is the first step in securing an Android device or any other product that is subject to security vulnerabilities.
 

Android security has long concerned many mobile device users around the world, but a new flaw that takes advantage of the way Android handles media conversion through the Stagefright media library is one of the most serious security vulnerabilities to come to light on mobile operating systems. Researchers at security firm Zimperium estimate that 95 percent of all Android devices in the wild—possibly more than 1 billion products in all—are vulnerable to the flaw. What's worse, the issue won't be so easily fixed, calling into question the safety and security of Android in general. Of course, Google has dealt with such concerns before, and they haven't reduced the operating system's popularity so far. But this slide show will look at the various security issues that dog Android and discuss how they potentially affect mobile device users. While cyber-criminals and hackers are always ready to take advantage of software flaws in Android, the platform might be safer than you think. Read on to learn more about the current state of Android security and how it may impact individual Android users as well as corporate users in coming years.

 
 
 
 
 
Don Reisinger is a freelance technology columnist. He started writing about technology for Ziff-Davis' Gearlog.com. Since then, he has written extremely popular columns for CNET.com, Computerworld, InformationWeek, and others. He has appeared numerous times on national television to share his expertise with viewers. You can follow his every move at http://twitter.com/donreisinger.
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
Rocket Fuel