Canadian TV, Computing and Home Theatre Forums banner

1 - 9 of 9 Posts

·
Registered
Joined
·
3,022 Posts
Discussion Starter #1
Given that this is on a Chinese app store, it might not affect many North American users, but it does illustrate just how lax Google's security efforts are...here's a quote from one of Sophos' principal virus researcher:

Personally, I think that the ability to install non-market applications and ability to create third party application markets was a mistake for Google's Android team from the security point of view. This path is leading us to Windows-like threat levels.
 

·
Super Moderator
Joined
·
3,996 Posts
This has nothing to do with Google's security efforts, they don't control third party app stores.

Being able to install non-market apps is one of the best things about Android, and a large part of why the Android dev community is so successful.
 

·
Registered
Joined
·
3,022 Posts
Discussion Starter #3
My point exactly...they have little to no proactive security efforts.

..and I side with the quoted security expert. I think this one of the biggest threats to Androids success.
 

·
Registered
Joined
·
91 Posts
This has nothing to do with Google's security efforts, they don't control third party app stores.

Being able to install non-market apps is one of the best things about Android, and a large part of why the Android dev community is so successful.
Agreed. Controlled or locked out dictator type environments are no fun for anyone....except Apple users.
 

·
Super Moderator
Joined
·
3,996 Posts
That's not fair to Apple. I believe RIM and WP7 devices are the same wa. Apple may have made it popular, but they're not the only ones doing it.

My point exactly...they have little to no proactive security efforts.
What would you have them do about it? They can't stop third party markets and they can't control the content there. Just like there's nothing Apple can do if iPhone users download a malicious app via Cydia, there's nothing Google can do about third party app stores, and they shouldn't be expected to do so.
 

·
Registered
Joined
·
3,022 Posts
Discussion Starter #6
Well, IMHO, there is something that can be done, and should be done.

I'm not advocating for a heavy-handed approach like Apple where content is moderated and apps seen as a threat to their revenue model and/or user experience are banned, but I see the mobile space as far more dangerous for malicious malware....900 numbers, premium SMS, low-cap data overage charges, carrier billing and location-tracking make security far more critical than a PC and I believe that a callous disregard for this on Androids part will be a serious misstep....especially if Apple's overzealous approach successfully filters out the bad stuff.
 

·
Registered
Joined
·
4,190 Posts
The problem is, for each person that wants an open marketplace, another one wants a closed one.

As a good example of this, one needs only to look south of the border at AT&T's various Android phones. They are typically only allowed to install apps from the Android market and lots of people complain about it.

IMO the best solution is one of choice. If you want to lock Android devices to the official marketplace, allow users the choice to disable this and install unsigned apps at their own risk.

The bottom line is that you can't please everyone no matter which approach you take. That's the benefit of having choices though: people are free to choose the device and platform that works for them.
 

·
Super Moderator
Joined
·
3,996 Posts
Well, IMHO, there is something that can be done, and should be done.

I'm not advocating for a heavy-handed approach like Apple where content is moderated and apps seen as a threat to their revenue model and/or user experience are banned, but I see the mobile space as far more dangerous for malicious malware....900 numbers, premium SMS, low-cap data overage charges, carrier billing and location-tracking make security far more critical than a PC and I believe that a callous disregard for this on Androids part will be a serious misstep....especially if Apple's overzealous approach successfully filters out the bad stuff.
That didn't really answer the question. They can police their own market as hard as they want, but how exactly would you suggest they police a third-party market (the subject of the article)?

It's too late to restrict phones from accessing non-market apps. But why is Google responsible for people downloading malicious apps from third party markets? These are not apps using exploits, these are apps which are built to do these things but people unwittingly install them anyway.
 

·
Registered
Joined
·
3,022 Posts
Discussion Starter #9
Maybe I'm not making my ultimate point very clearly, so let me and try to get straight to it:

I'm not trying to suggest how Android should implement a better security model, rather I'm putting forward a view that it's the right business decision to opt for one. From a customer's perspective, security is more important than it was in the PC-era for all the reasons in my prior post. I don't believe 99% of buyers know the difference between Androids market and RIM/Apple except for the number of apps in each. They do however, have strong feelings about security.

Although Android is enjoying great commercial success today, they aren't a runaway market leader like Windows was in the last era. Android cannot afford to have a security reputation like Windows because it's a three way dead heat between Android, RIM and iOS and people have viable choices. I often wonder if this isn't the main reason that Windows Mobile has less than 3% share today and even shrinkng since WP7 launched almost six months ago?

And my ultimate point, Android's growing a reputation for having the poorest security model of all. I believe that will ultimately cost them their current leading position because they have valued an open architecture over a more secure one. At the end of the day, consumers and enterprises will choose a more secure platform over an open app market if Android continues to get a "Windows" reputation for security.

So that's my argument...security is a big market driver for Android market sensitivity. I want Android to succeed...my iOS products are far better today because of Android's competitive innovation. Likewise, Android users have a better experience because iOS has raised the bar for them. I just happen to believe this might be a critical barrier to their success.
 
1 - 9 of 9 Posts
Top