When it comes to Android vs iOS, one of the concerns is around security. Apple’s mobile OS is seen as more secure by most. Be it regular updates or security patches or Apple constantly highlighting about why they take privacy and security so seriously, iOS tends to have the upper-hand compared to Android. Plus it doesn’t help that there are so many reports highlighting serious security flaws in the dominant Google platform. But Android’s director of security Adrian Ludwig is not convinced Android has any disadvantages compared to iOS, especially on the security.
In comments made to the Vice’s Motherboard made at the O’Reilly Security Conference, Ludwig said iOS and Android are “nearly identical in terms of their platform-level capabilities,” for nearly all threat models. He also said the new Google Pixel phone is just as secure as an iPhone.
He also pointed out Google’s Android being an open platform has an advantage in the long term, which will put it in a better place in terms of security. During his talk, Ludwig also showed how Google’s ‘Safe Net’ was constantly monitoring devices and apps for malicious programs and software, and that less than 1 per cent of Android devices contain malware.
He also how highlighted how despite the Stagefright scare last year, there has been no real hack on Android exploiting this flaw. But he also admitted that a slow upgrade cycle was an issue that need fixing.
Most recently, security firm Check Point Software Technologies had highlighted a serious QuadRooter vulnerability in Android devices on Qualcomm chipsets pointing out how an attacker could gain root access to a user’s phone, or trigger privilege escalation by the use of a malicious app. The security firm had found the issue existed with Qualcomm’s software drivers that come with its chipset, and said it could only be fixed with a software patch from the carrier. According to the firm, the issue affected over 900 million Android devices.
However, Google has said in a statement it was aware of the issue, and Android phones running the latest security patch were already protected against three of the security flaws pointed out. Google also said that its Verify Apps and SafetyNet protections meant to block any such malicious application from running. The apps verification feature has been part of Google since Android 4.2 Jelly Bean and is enabled by default.
With smartphones become the prevalent mode of computing for many, privacy and security on these devices has become a matter of concern. And Android being the dominant platform needs to ensure that security flaws are minimised