If someone tells a security enthusiast that an Android smartphone is more secure than an iPhone, there are chances that he or she may simply laugh it off. For years, Android phones have been known to be vulnerable when it comes to security compared to iOS, largely thanks to the difference in how security patches are rolled out across iOS and Android. But, Adrian Ludwig, the director of security at Android, vehemently disagrees in a short interview given to Motherboard.
“For almost all threat models they are nearly identical in terms of their platform-level capabilities,” said Ludwig referring to the level of security needed by most people.
“In the long term, the open ecosystem of Android is going to put it in a much better place,” he reportedly added further. But, hasn’t Android been around for almost eight years already? The hiccups of openness and fragmentation continue to exist. The reason why Ludwig feels so strongly about Android’s open nature leading to better security in the future was not mentioned. He went on to say that there’s “no doubt that a Google Pixel and an iPhone are pretty much equal when it comes to security”
Ludwig said Android’s built-in security product called Safety Net scans 400 million devices and checks 6 billions apps per day. The result is that the number of Android phones that have potentially harmful applications installed is less than one percent.
I’ve often argued that sometimes Android’s security risks are blown out of proportion and Ludwig seems to feel the same way. As an example of Android’s misunderstood security, Ludwig used the infamous series of critical bugs known as Stagefright found last year and mentions that till date there has been no real life case hack on an Android phone done by exploiting Stagefright.
He, however, acknowledged that the fragmentation between Android systems and delays between the disparate security patches remain a concern.
“We got [sic] quite a bit of work left to do to get to a point where that actually happens on a regular basis across the whole the ecosystem,” he said, of how manufacturers and carriers implement security updates. The good news, according to Ludwig, is that Android is already secure enough that it’s almost impossible for someone to target a large number of people at the same time and it is not something that he is expecting to see “at any point in the Android ecosystem.”
Do you agree with Adrian Ludwig? Do you think Android’s security risks are more than often blown out of proportion?
Source : Motherboard