Android is more secure than the iPhone, says Eric Schmidt

Executive chairman and former CEO of Google, Eric Schmidt, has claimed that Android is more secure than the iPhone.

Gartner analyst David Willis asked a question of Eric Schmidt during the Gartner Symposium/ITxpo where he touched on Android's security reputation.

"If you polled many people in this audience they would say Google Android is not their principal platform... When you say Android, people say, wait a minute, Android is not secure," Willis commented.

Schmidt was having none of it. "Not secure? It's more secure than the iPhone," he declared, drawing laughter from the audience.

Schmidt went on to tout Android 1 billion+ device activations and the stringent security testing it undergoes.

Recently, a U.S. government report highlighted the lack of a upgrade path for many devices running Android, which can leave them vulnerable to malware attacks.

Written by: James Delahunty @ 8 Oct 2013 5:32

KillerBug

As much as I like android, this is simply wrong. Android is more open...and that makes it more open to attacks. There is no insanely overbearing app approval process; this means Android got Adobe Flash, but it also means Android got numerous malware apps.

As for the issues relating to updates, I'm not sure that it is a net loss for security. If you want to hit 95% of iOS devices, you only need to write for the last two versions of iOS. If you want to hit 95% of Android devices, you need to write for a dozen distros.

8.10.2013 09:13 #1

wiimatrix

Think the laughter was aimed at you Eric !!!!!.I'm still rolling around on the floor here !!!!!

8.10.2013 11:10 #2

lamain

I have read about people getting Viruses on both Android and iPhone. But I have never seen it happen. I am far from worried and will continue using a phone that I own and not Apple.

8.10.2013 11:44 #3

i1der

8.10.2013 14:48 #4

mukhis

IMO, eric may be right. knox is an android platform which provides robust security. in addition, iOS is not as secure as what most people think it is.
the thumb rule is that you need to read at least a couple of reviews before installing a relatively unknown app from the android market. the same goes for the apple app store, but to a lesser extent.

8.10.2013 15:05 #5

Mysttic

You want security go to Blackberry: nobody interested in messing with that series no more. This argument is frivolous at best: it's more about reliability than it is about security as some people stated here already, security is more up to the end user than the company itself. Or sure companies have a liability to make their handset secure; consumers at the same turn have a liability to ensure that what they stick on their devices is what they are getting with no more/no less.

8.10.2013 15:31 #6

SProdigy

Originally posted by KillerBug: As much as I like android, this is simply wrong. Android is more open...and that makes it more open to attacks. There is no insanely overbearing app approval process; this means Android got Adobe Flash, but it also means Android got numerous malware apps.

As for the issues relating to updates, I'm not sure that it is a net loss for security. If you want to hit 95% of iOS devices, you only need to write for the last two versions of iOS. If you want to hit 95% of Android devices, you need to write for a dozen distros. I agree with you. Writing for Android and supporting as many devices as possible can be a real pain. It's like writing for Windows.

Originally posted by i1der: This means nothing, an Android phone is just as open as much as you want it to be... Linux is also open, how secure is it? There is no self install apps on Android and every app is verified by Google and Google can and will uninstall any app if necessary. Every app i install or upgrade list every little detail and permissions requested for that app, and the choice to install is my own. BTW Linux=Android! Um, hate to burst your bubble, but there's zero approval process for Android apps to be published to Google Play. It's nearly instant, unlike Apple. Just like clicking OK on Windows, you can't be naive enough to think every end-user reads the permissions they allow an app when installing.

You can also sideload APK files and circumvent Google Play. It's much harder to install IPA files on the iOS platform, but within Android, it's one checkbox away.

8.10.2013 15:59 #7

Mrguss

I always gonna go with Android-Linux, no matter if-and-or-no.

+5000

8.10.2013 16:56 #8

A5J4DX

here we go...

8.10.2013 17:03 #9

GrandpaBW

Originally posted by A5J4DX: here we go... Huh?

Life is good!
GrandpaBruce - Vietnam Vet - 1970 - 1971
Computer: Intel Core i7-920 Nehalim;Asus P6T Deluxe V2

8.10.2013 19:01 #10

Bozobub

In other words, he's foreseeing a silly flame war, GrandpaBW.

Android, at the consumer level, is amazingly unsecure for such a mass-marketed, widely used OS. But that said, you are also able to make Android just about as secure as you care to with customization, specific apps, and perhaps specialized ROMs. For example, Cyanogenmod is MUCH more secure than vanilla Android. iOS does NOT have the capability to do this; with the exception of some apps, you're pretty much stuck with the security model you're given (unless you're willing to bribe Apple to make it differently, as DoD did). *shrug* Each OS has its merits.

I'd say both sides of that argument should realize they are both right - lol...

8.10.2013 22:34 #11

KillerBug

If we are being fair, all phones (even dumb phones) are insecure because of the NSA...if it is turned on then you are being tracked and the data is being stored by a government which is not known for being good with data security.

9.10.2013 09:36 #12

Mrguss

Originally posted by KillerBug: If we are being fair, all phones (even dumb phones) are insecure because of the NSA...if it is turned on then you are being tracked and the data is being stored by a government which is not known for being good with data security. I'm no to consort with the NSA (on smartphones privacy) for now. But the Pigs StingRay is a diff. tone:
https://www.eff.org/deeplinks/2012/10/s...l-phone-privacy

+5000

9.10.2013 16:07 #13

pmshah

There is nothing that would prevent me from getting music or video files from any unknown source on to my Android. In spite of this I have not had any problems in past 3 years when I first started using an Android phone.

I see a lot of similarities in virus affecting humans and the IT types. Protection is good but just like a condom, antivirus programs are no guarantee either. If one is going to act stupidly they need to suffer without any sympathy from others.

15.10.2013 13:49 #14

Bozobub

Originally posted by pmshah: There is nothing that would prevent me from getting music or video files from any unknown source on to my Android. In spite of this I have not had any problems in past 3 years when I first started using an Android phone.

I see a lot of similarities in virus affecting humans and the IT types. Protection is good but just like a condom, antivirus programs are no guarantee either. If one is going to act stupidly they need to suffer without any sympathy from others.
Infections from generally non-executable file types are rather rare, as they must be targeted vs. a specific vulnerability in a specific legit application (generally, media players such as Windows media Player), often consisting of some kind of buffer-overflow tactic. You cannot get a standard "trojan horse" or similar malware attack via non-executables, otherwise.

Note: This is in contrast to an actual trojan horse, which ]masquerades as legit software; it's not the same thing.

Thing is, not one example of this type of malware has been produced for Android yet, as far as I know.

In other words, you can stop acting proud because you haven't been infected, merely because you only consume media on your device. Of COURSE you haven't, silly!

Nor is everyone who does get infected deserve to be called "stupid". Even if a user never sideloads an app, there's almost no initial vetting of Play Store apps, you know, and malware has been found there quite a few times (as well as other blatant crap, such as copying others' apps with little to no changes). Yet, their presence on the Play Store gives them a certain legitimacy, as far as the average user can see. "Naive", perhaps, but "stupid"..? That is not a fair thing to say.

Vanilla Android definitely has some serious security flaws, and it doesn't always get better in later versions. There's reasons my buddy developing apps for the military (via DARPA) does so only on Froyo (Android 2.3) and - for once - none of them have to do with simple government inertia ^^' . It's also interesting to note that, just like Cyanogenmod, DARPA uses a custom ROM of their own design.

TL;DR? For both good and ill, vanilla Android is often quite insecure, but conversely, specialized ROMs can be secure enough for the military and spies *shrug*. It's a perfect illustration both of:
- the pros and cons of the open-source nature of the Android OS, and
- how successive iterations of Android (ironically, by moving away from being fully open-source) have fixed many security flaws but perversely, are not necessarily more secure.

Treating it simply as a binary "secure/not secure" choice is a mistake.

15.10.2013 16:27 #15

AfterDawn: News