Amazingly accurate and unbiased article.

Story: How Secure Is Android, Really?Total Replies: 2
Author Content
CFWhitman

Oct 17, 2013
9:41 AM EDT
This is an amazingly accurate and unbiased explanation of Android security and malware. Having said that, it's really pretty sad that an accurate and unbiased article on the subject should be worthy of amazement.
Bob_Robertson

Oct 17, 2013
12:45 PM EDT
Good sir, "an accurate and unbiased article" on ANY subject is worthy of amazement!
penguinist

Oct 17, 2013
1:09 PM EDT
This article, like most others on mobile security, misses the main point.

The author places the blame for mobile security on the user, with the admonition to watch what you install. On the surface, this seems like good advice because who wants an app on their phone that collects our private data and sends it home.

The fallacy of this, however, is that the Android user and even to a greater extent the iProduct user, has no good way to verify the integrity of the app they are about to install.

What Google missed is what open source has enjoyed for decades: peer- reviewed software.

My Linux systems are verifiably secure because the repositories contain both installable binaries as well as their corresponding sources. If a developer has the integrity to open their sources for a public review, then that developer is very unlikely to embed harmful code in their app.

Unfortunately, Google didn't get this. Their Play store is a blind repository, containing binary installations only. There is no system for users to filter open software from closed software, and so the poor users must rely on nebulous advice like "read reviews", and "use trusted sources" (whatever that means in a closed-source context). So, the end result is that Android users are no better off than Windows users. Both groups install apps in the blind with no way for a community to verify the app's integrity.

Kudos to Google for giving us an open-source operating system. Now, take that principle to the next step and provide an open-source repository for those developers with the integrity to use it.

Google could choose to fix this. It's not too late.

Posting in this forum is limited to members of the group: [ForumMods, SITEADMINS, MEMBERS.]

Becoming a member of LXer is easy and free. Join Us!