In the era of the personal computer, Apple Inc.’s machines were often less vulnerable to security threats than the alternatives. That may also be the case with the rise of smart phones.
Google Inc.’s Android operating system for mobile devices has had an almost sixfold increase in threats such as spyware and viruses since July, according to Juniper Networks Inc. That may increase the perception that Apple devices are safer than smart phones and tablets that run on Android, said Juniper.
“You’re not going to see nearly the number of infections on Apple as you see on Android,” said Dan Hoffman, who leads a team tracking mobile threats for Juniper, based in Sunnyvale.
Most of the growth in Android threats comes from applications, or apps, available from sites not associated with Google’s Android Market, according to data Juniper collected. Apple doesn’t face the same issue because iPhone and iPad owners can get applications only from Apple’s App Store, which is controlled by the company.
“The open nature of the Android system makes it more susceptible to attack,” Hoffman said. “If it’s on a third-party site, Google can’t remove it.”
Making malware is easier with Android software because the applications aren’t checked, the source code is open and the apps can be sold on external sites, Hoffman said. Android is free and available for download by anyone, while Apple screens each application added to its store.
With Android growing faster than Apple’s system, it appeals to hackers seeking greater reach, he said. Of the thousands of infected Android apps, 55 percent contain spyware, which can gather data from phone use.
Google, based in Mountain View, and Apple, in Cupertino, are vying for control of a smart phone market as computing evolves from desktop machines to mobile devices. While Apple has championed a closed system in which it makes its own hardware and doesn’t share its operating system, Google has opted for an open approach, allowing companies such as Samsung Electronics Co. and Motorola Mobility Holdings Inc. to use Android in phones and tablets for free.
Hoffman said the 472 percent jump in application viruses since July stems from Android users’ ability to buy apps online at third-party sites like mmoovv.com and samsunggalaxy-s.ru that can contain malicious applications alongside legitimate ones.
Android users may be drawn to the sites to find cheaper versions of programs, or because the Android Market isn’t available in some places, such as China. On a third-party site, it’s possible to find an infected “Angry Birds” game uploaded right next to a legitimate one, said Danielle Hamel, a Juniper spokeswoman.
Spyware threats are increasingly coming from pirated versions of popular apps, Hoffman said. While the apps are designed to look and work like something legitimate already on the market, they contain viruses that can grab users’ private data or communicate with other parts of the phone.
The relative youth of the mobile-application market allows programmers to exploit weaknesses in an open-source model and once developers for Android discover all potential threats, it might become more secure than a closed operating system over time, said Edward Amoroso, chief security officer for ATT Inc.
“An open model tends to allow a flurry of vulnerabilities, very quickly, that tend to stop being a problem as more people find them,” Amoroso said. “A closed system will have longer, more sustained, but more predictable and controllable set of vulnerabilities.”
This article appeared on page D – 5 of the San Francisco Chronicle
Article source: http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2011/11/16/BUJO1LVDL2.DTL
View full post on National Cyber Security » Spyware/ Cyber Snooping
