Android Security

Android has taken the mobile OS market by storm. Today, it has the largest market share among all mobile OS. Security is one of the prime concerns for mobile users today. As the power and functionality of mobiles increase, so has their vulnerability for attacks by viruses etc.  Perhaps Android is more secured than any other mobile OS present in the market today.

The following factors make it quite secure : 

  • Since Android is open source software, the people can work together to improve it. Malwares are easy to detect and remove and improved versions are being released every day. This open nature of Android the major factor behind is security.
  • Android platform is multi process software, i.e. each application runs within its own different process rather than all applications being executed in one process. Hence no application can gain critical access to the components of OS.
  • Android platform is based on Linux which is the most secure OS. It has several security features that keep the application data away from the core software processes. Linux is the key to Android’s relative security presently.
  • In Android, access to the OS by any application is restricted to prevent them from running harmful scripts that can affect other applications and the data of the user. Hence the sensitive data of the users is untouched by unauthorised access.
  • The developers need a unique signature to upload their Android app. In case a malware is detected in any app, it can be easily traced who wrote that particular app and by identifying the culprit, the users can stay secured in the future. Thus, a hacker will think twice before uploading a malicious app that targets Android.
  • Since the Internet Giant Google is responsible for Android; the users can feel secured as Google understands Web android securityusers and what they expect from the Android. This understanding helps the Google’s mobile platform to come up with a more secured OS.
  • Users can immediately report a potential security flaw through their Google account, the moment they come across a security threat. Thus, the malicious apps are readily reported to the Android Security team. This information from the users helps the Android team to find and remove the issues sooner.
  • All applications on Android require permission from the user at the time of installation in order to run any component on the Android device. This feature cuts down the risk of malicious apps because a user can stop a particular malware before it gets a chance to wreak havoc on the device.
  • Hackers can easily gain entry to a device through the audio and video running on the Web Browser. Google tackles this problem by running them on an outside media server rather than on the browser. It prevents malicious files from gaining access to cookies or user credentials.
  • We all know that Google is very good at finding stuff on the web. This also helps to identify the potential security threats on the web and prevent the mobile OS from being affected. By detecting the threats beforehand, the Android OS is prepared to face it.

Security Issues faced by Android

But Android is not as secure as it seems. Even after such strong security features, there are many security issues faced by the Android. Some of them have been mentioned below.

  • Android has no control over the apps being uploaded on its market. Android users are exposed to the apps that anyone can develop and put up on the market. Even if the Android market is able to exercise some control over the apps, many potentially harmful apps are available in alternate app stores or on the developer’s website. This is one of the most serious security issues that the Android is facing today.
  • It has been observed that some apps exploit the services of another app without making a permission request. This usually happens when the apps are from the same developer and the permissions granted to one app are used by the other one. Thus it could misinterpret the capabilities of an app which could lead to a serious security issue.
  • Android’s permission based security model can be an asset as well as a liability. The power is given to the user to make a decision whether an app should be trusted or not. This human element introduces a lot of risk, because a user can be tricked into giving unreasonable permission to an app which can officially exploit the OS. Thus such reliability on the user may affect the security of the Android.
  • The concept of an Open Source OS is very appealing but it is not only open to legitimate developers but also to hackers. Thus the entire framework of Android cannot be trusted when it comes to building critical systems.
  • There is no centralized and properly maintained documentation is present which can explain the internal of the Android OS and how the devices can be adapted to it. There is no central power to which one can submit an issue or which can respond to a question with a meaningful answer. Hence if you want to use the Android, use it at your own risk, because no one is ready to take the responsibility for any problem that might arise.
  • The Android OS developers clearly state that they are not responsible for the security of external storage. Therefore, the applications that can gain access to the SD Card can cause a lot of trouble for the user because there are all sorts of sensitive data on the external storage of a mobile.
  • Any app on the Android platform can access device information like the GSM and SIM vendor Ids without the permission of the user. These pieces of information can cause a lot of harm if they get into wrong hands

Conclusion

Even after providing all security features, there will always be a risk with the Android if the user will install suspicious apps or do not pay attention to the permissions given to an app. Although people predict a great future for the Android, but it unlikely unless Google seriously takes up the issue of security. It must close the code from public domain, provide documentation, review the apps, charge a license fee and start customer support services. This is the only way to make Android the next big thing.