Google Engineer Denounced myths regarding Android Security

Adrian Ludwig, lead engineer for Android Security at Google criticized a number of myths surrounding the definitions of malware and spyware in general. The assumptions include that the spread of malware is always increasing, most devices are not protected, and all malware can infect them.

“There is a certain amount of pessimism in security,” said Adrian Ludwig, at the RSA Conference on Tuesday.

According to Ludwig nearly all Android users actually do have built-in protections on their devices out of the box, mobile malware can be classified and isolated, and mobile malware isn’t actually increasing. Ludwig also assured that Google aims to take the best platform security tools available and make them free for others to build upon, in order to keep Android secure.

Android is firmly rooted in openness, Ludwig stressed from thousands of unique devices available, millions of lines of code in Android Open Source, and hundreds of OEMs, ISVs and security solutions encompassed in the ecosystem.

Google has launched a few of the initial safeguards that includes verifying apps and the Android Safety Net, which has scanned and verified more than one billion devices over the last year. Only less than one percent of devices have been found to have a Potentially Harmful App (PHA) installed, according to the Internet giant.

However, there are a few exceptions described as “regional variations,” include Russia and China as markets where PHA installs are significantly higher.

“There is not uniformity in what people are encountering,” Ludwig said, reiterating findings can vary day by day and region by region.

Ludwig suggested that install trends also tend to have a characteristic shape by “type,” that could range from a bad application to a kind of apps targeting an asset, such as a bank.

“There is a growth in the prevalence in that kind of harmful app,” Ludwig confirmed, explaining at some points it crosses a threshold and we begin to become aware that is going on.

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

What Makes ICS/OT Infrastructure Vulnerable?

Infrastructure security for operational technologies (OT) and industrial control systems (ICS) varies from IT security in several ways, with the inverse confidentiality, integrity, and...

Everything You Must Know About IT/OT Convergence

What is an Operational Technology (OT)? Operational technology (OT) is a technology that primarily monitors and controls physical operations. It can automate and control machines,...

Understand the OT Security and Its Importance

This article discusses OT security and why it is essential for protecting industrial systems from cyberattacks. We will also discuss common control objectives that can...

What is Deepfake, and how does it Affect Cybersecurity?

Producing deepfake is easy. It is hard to detect. They operate with a description of reality rather than reality itself (e.g., a video). Any...