Security Experts Concerned About Google's Attitude Toward Android Malware
Antivirus experts disagree with Chris DiBona, Google's open-source programs manager, who recently said that there is no virus problem on the Android platform and that companies selling anti-malware software for mobile operating systems are charlatans.
"Yes, virus companies are playing on your fears to try to sell you bs protection software for Android, RIM and IOS," DiBona said in a post on Google+. "They are charlatans and scammers. If you work for a company selling virus protection for Android, RIM or IOS you should be ashamed of yourself," he added.
According to DiBona, none of the major smartphone operating systems has a virus problem that is similar to what the Windows and Mac ecosystems experience.
The open-source advocate, who manages Google's developer outreach programs and oversees the company's license compliance practices, dismissed the Android threats reported by the security industry until now as little things that didn't get very far because of the platform's sandbox model and other architectural features.
Security experts disagree with this assessment and point out that the levels of Android malware have registered a huge increase this year.
"Today malware for Android devices is one of the biggest issues in [the] mobile malware area," said Denis Maslennikov, a senior malware analyst at Kaspersky Lab, in an email interview. "The growth of numbers of malware for Android is significant in [the] last 5 months. In June we've discovered 112 modifications of Android malware, in July - 212; August - 161; 559 in September; 808 in October," he added.
A similar trend was observed by other antivirus vendors, with Trend Micro reporting a 1410 percent increase in the number of Android threats from January to July 2011. "The more important figure is not the total number of malware, but the rate of increase of that malware quarter on quarter and year on year. That demonstrates current, active and sustained criminal interest in the mobile platform," said Rik Ferguson, the company's director of security research and communication.
The majority of Android malware threats consist of Trojans, not traditional self-replicating viruses or worms. However, these can be just as damaging if not even more so, the security experts said.
"It depends on your definition of damaging. Is it recording and uploading voice conversations to a remote server, is it stealing email and text message histories, or is it running up huge bills through premium-rate text and voice scams? I guess it all depends on the point of view of the victim and the fallout of infection," Ferguson said.
However, the security issues on the Android platform are not limited to malware alone. Like any computer users who access email, websites and other common services, smartphone owners are vulnerable to platform-independent threats like phishing or advance-fee scams.
"What he [DiBona] is missing is that mobile security tools (like ours) do much more than just antivirus. antitheft, remote lock, backup, parental control, Web filter -- these features are the main reason why people buy mobile security products. They get antivirus as a bonus," said Mikko Hypponen, the chief research officer at antivirus firm F-Secure.
DiBona acknowledged that there are some cases where security software is beneficial, like for enforcing certain corporate policies on business devices.
However, he strongly believes that these should be sold independently. "Marketers in companies that sell such things sometimes tack on 'virus' protection. That part is a lie, tell your vendor to cut it out," DiBona said.
"Well I guess that's one way to make a platform appear malware free," replied Trend Micro's Ferguson in a blog post. "Am I ashamed of myself? Not at all. I'd prefer to offer protection against a growing threat to personal and business security than to bury my head in the sand and defend my stance with wild accusation," the antivirus expert added.
Most malware researchers agree that the openness of the Android platform, which allows installing non-vetted apps, and more importantly the openness of the Android market, which lacks a strict application review process, contribute to its malware problem.
"The most important step that Google may take in order to make Android more secure is tighten application review policies in order to prevent malware appearing in the Android Market," said Kaspersky's Maslennikov. The expert pointed out that Trojans were found in the official Android Market on multiple occasions and sometimes they stayed there for weeks or months before being detected.
"We have learned that relying on the users to follow best practices doesn't really work," said Ondrej Vlcek, the chief technology officer at AVAST Software. "For computer experts, the threat may not be too high at the moment, but for the majority of people, the threat is real," he added.