Security is a crucial fact on mobile operation systems. Everybody knows that common pc-operation systems are a great market for antivirus, antimalware, firewalls, antiphishing etc. (antivirus hit count at Google search 63.500.000 @ August 2010!). But what about mobile phones?
Taking myself as an example, I have a lot of private messages, all my contacts, and personal notes on my handset. Some of them for example my contacts, are synchronized with Gmail, a fact that is on one hand great, because all my contacts are save and feel cosy on the cloud, but on the other handy these contact data do not belong to me anymore because there are on a Google server somewhere (maybe offshore in the future) and so propartie of Google.
But my data is save on an empty handset (at least I think so) but what if I install hundreds of various apps, each from another developer with different kinds of interest and intents. Well here comes Androids security system into play, when a developer for example wants to open a http socket it has to get a internet permission from the system, by adding these to the app Manifest.xml
<uses-permission android:name="android.permission.INTERNET"/>
Now the developer has access to the internet, but what is he sending stays behind iron curtains. And here lies the fundamental problem within Androids security model.
Recently I have found a report made by SMobile systems from June 22, 2010. Citation from the report: “To date, metadata collection has netted information from 48,694 applications in the Android market, roughly 68% of all applications that are available for download. […] Further analysis indicates that of the 68% of the Market applications that have been queried, 20,786 of those applications would be considered to be suspicious because they request two or more of the permissions that would grant access to personal information or services that could be used incorrectly.”
Furthermore the report shows the distribution of notable permissions requested against apps relative app counts
In conclusion it is worth mentioning that there are users who are mindful and think twice before the install an app with a handful of permissions, but also there is a not negligible amount of users who install first and hopefully think afterwards what they really installed
Appendix:
Also check out
Keine Kommentare:
Kommentar veröffentlichen