With Google Android OS currently commanding 52.3% of the worldwide smartphone market, millions of smartphone users own devices running a variation of the popular OS, yet it appears some could be at higher risk for malware than others, as a new report discovered that phones employing an older version of Android are among the most vulnerable.
Bit9, a security company in Massachusetts, recently released a report ranking the top 12 most vulnerable smartphones, all of which run Android. The Samsung Galaxy Mini and the HTC Desire ranked first and second, respectively, in the study, which was based on a number of variables, including market share and the length of time a model took to update its version of the Android OS.
Upgrades Are Critical
Despite this finding, Bit9 was quick to clarify that these results do not mean that Android is by definition more vulnerable than other operating systems, rather Google’s dependency on manufacturers to deploy operating system updates was more at fault. With manufacturers’ focus set on producing new phones, companies tend to see older phones as a low priority, neglecting to push software updates when necessary, as evident in the DroidDream malware that spread so rapidly this year. While Google used its “kill switch” to remove the malware from thousands of phones and released a new version of Android to block the attack, almost none of the phones on the top 12 list had been updated yet by carriers or manufacturers to the safer version of Android, according to the report.
Another issue plaguing Android is Google’s lack of oversight for apps in the Android Marketplace, making it easy for malicious applications rigged to steal passwords, credit card numbers or business information to be uploaded. When compared to Apple, which enforces a much higher barrier for entry, Google appears more lax in allowing bad apps in its store. Yet, that does not leave iOS unharmed, as Bit9 listed the older iPhones, those of which cannot install software updates over the air, as an “honorary mention.”
While this report may scare off some Android customers, Harry Sverdlove, chief technology officer of Bit9, stressed that the findings are not meant to be read as a “who’s more secure?” contest.
“We’re not saying that Android is more vulnerable than iOS; all operating systems have vulnerabilities,” Sverdlove said. “And iOS actually has more than Android in terms of known vulnerabilities, which are logged in the National Vulnerability Database.”
So, where does that leave you, the Android user? While you may think you have no control that is far from true. Demand more from you carriers and manufacturers to ensure a better update schedule. And as always be mindful and informed of the security level of your phones, whether personal or professional.