Google Engineer Denounced myths regarding Android Security

Adrian Ludwig, lead engineer for Android Security at Google criticized a number of myths surrounding the definitions of malware and spyware in general. The assumptions include that the spread of malware is always increasing, most devices are not protected, and all malware can infect them.

“There is a certain amount of pessimism in security,” said Adrian Ludwig, at the RSA Conference on Tuesday.

According to Ludwig nearly all Android users actually do have built-in protections on their devices out of the box, mobile malware can be classified and isolated, and mobile malware isn’t actually increasing. Ludwig also assured that Google aims to take the best platform security tools available and make them free for others to build upon, in order to keep Android secure.

Android is firmly rooted in openness, Ludwig stressed from thousands of unique devices available, millions of lines of code in Android Open Source, and hundreds of OEMs, ISVs and security solutions encompassed in the ecosystem.

Google has launched a few of the initial safeguards that includes verifying apps and the Android Safety Net, which has scanned and verified more than one billion devices over the last year. Only less than one percent of devices have been found to have a Potentially Harmful App (PHA) installed, according to the Internet giant.

However, there are a few exceptions described as “regional variations,” include Russia and China as markets where PHA installs are significantly higher.

“There is not uniformity in what people are encountering,” Ludwig said, reiterating findings can vary day by day and region by region.

Ludwig suggested that install trends also tend to have a characteristic shape by “type,” that could range from a bad application to a kind of apps targeting an asset, such as a bank.

“There is a growth in the prevalence in that kind of harmful app,” Ludwig confirmed, explaining at some points it crosses a threshold and we begin to become aware that is going on.

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

The Complete OSINT Tutorial to Find Personal Information About Anyone

This article mainly focuses on how to discover a person's digital footprint and gather personal data by using open-source intelligence (OSINT). So, in its...

How to find the password of hacked email addresses using OSINT

Open-source intelligence or OSINT is a potent technique, and it can give a lot of valuable information, if implemented correctly with the right strategy...

How to Identify Company’s Hacked Email Addresses Using Maltego & HaveIbeenPawned

This article is part of the Maltego OSINT tutorial, where you will learn to identify the already hacked account, and it’s password using the...

5 Key Vulnerabilities in Global Payroll

The cyber threat against payroll is growing in sophistication and frequency, according to the latest FBI cybercrime report. Many of these attacks exploit fixable...