NEWS
NEWS
NEWS
New Android Security Report finds decreasing number of infected devices, apps
Google, Inc. has released its second annual Android Security Report, revealing that although there are compromised Android devices out there, the number is not only small, but decreasing.
The report details that Google now scans a remarkable 6 billion installed applications per day for malware and other potentially harmful apps, and protects users from network-based and on-device threats by scanning 400 million devices per day.
While those numbers are focused on Google protecting devices from harmful apps post them being install, the company is also focused on making it more difficult for unsafe apps to be made available on the Google Play Store to begin with.
In terms of nefarious apps, the numbers sneaking into the Play Store to begin with are down year-on-year, with data collection apps decreasing by over 40 percent to 0.08 percent of installs, spyware infected apps decreased 60 percent to 0.02 percent of installs, while apps infected with a hostile downloader decreased 50 percent to 0.01 percent of installs.
The total figures come out at potentially harmful apps being installed on fewer than 0.15 percent of devices that only get apps from Google Play; that said the figure increases for Android devices that install apps from third-party app stores or sites directly, although in the scheme of things it’s still not a huge number: a 0.5 percent infected rate.
Unpatched devices
Although the aforementioned numbers are great for Google, the report also highlights the biggest flaw in the Android ecosystem, and that’s the broken upgrade path, where upgrades don’t come from Google itself (except for Google Nexus devices) but instead rely on the manufacturer of the phone or the telco an Android owner is using.
29 per cent of mobiles and tablets running Android were found to be running out-of-date code, or putting it another way only 71 percent were running Android 4.4.4 or better.
As The Register points out, that means that based on there being 1.4 billion Android devices in use, 400 million Android devices are vulnerable to being attacked.
Google has still done nothing to fix Android’s broken upgrade model and even Android’s latest incarnation, Marshmallow 6.0, still relies on handset manufacturers and/or service providers to push a security update out over the air; yes, there are logistical problems as Android itself needs to be customized for a particular device, but surely there should be some way to separate the parts of Android needs for the specific device versus the parts that are required for security.
A full copy of the report can be downloaded here (pdf).
Image credit: uncalno/Flickr/CC by 2.0
Since you’re here …
… We’d like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.
If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.
