Android is the most widely used mobile operating system worldwide and that makes it a tempting target for makers of malicious software. In fact, new reports come out disturbingly frequently about Android security holes, and the lion’s share of malware appears to be made for Android devices. So what’s a journalist using this operating system to do? We talk to a leading tech editor about steps you can take to protect your phone, your data and your privacy.
No question about it, the operating system developed by Google is the leader of the pack – almost 80 percent of the world’s smartphones run it. But with that kind of popularity, and Android’s looser policy around downloads and development, come problems. In a report issued this summer, the US government warned about the security issues in an earlier version of Android (still used by many people). According to the report, the operating system accounts for nearly 80 percent of all mobile malware, while Apple’s iOS accounts for just 0.7 percent.
More recently, Finland-based F-Secure released its Mobile Threat Report covering the third quarter of 2013. It found that of the 259 mobile threats detected across mobile operating systems, 252 of them were on Android. That’s a staggering 97 percent.
It’s enough to make you rethink your relationship with that little green robot.
But the many journalists who do use Android smartphones in their reporting can’t just toss them in the trash, nor do they have to. I’ve interviewed Manuel Schreiber, editor at the German technology magazine CHIP and a specialist on mobile operating systems, for DW Akademie. They discussed Android security and how reporters can make sure their smartphones aren’t used against them, especially when reporting on sensitive issues.
Do you have to compromise your security when using smartphones?
Each smartphone and manufacturer tries to bind their customers, and that’s why things like emails, contacts, and network access are redirected through the manufacturer’s servers. Any smartphone manufacturer has access to your personal data. So each and every smartphone owner is giving away a lot of information.
Are Android devices generally less secure and more subject to viruses and attacks than their iOS equivalents?
Apps downloaded from external sources are a serous challenge for Android devices. Many Android apps can be found on the internet as cracked versions that everyone can download and install. These apps can contain viruses that use known security vulnerabilities on your device. Moreover, many developers don’t follow the recommendations for Android apps and let their apps add functions to the system that they shouldn’t. That creates new security problems.
Is there any difference if you use older Android versions or Android smartphones that don’t come directly from Google?
No system is perfect. Sooner or later, a new security issue will surface. That’s why we have always recommended our readers keep their mobile operating systems up-to-date. However, it’s really difficult to keep your Android operating system updated since manufacturers don’t usually support older versions. Google devices like Nexus 4 and Nexus 5 have an advantage in that they always have the latest Android version directly from Google, at least for a while.
What are the basic tips you need to remember in order to keep your Android device safe?
First of all, always use a PIN code to protect your device from access from the outside. Some systems let you use partition encryption so that no one can access your personal data. When installing new apps, always pay attention to the information the app requests. You can always see that before installation starts. If a simple wallpaper app requires access to your messages, contacts or network settings, don’t install it. In other cases, pay attention to the same things you would normally do when using a computer, like not saving any passwords.
Which apps would you recommend for secure browsing, communication and virus protection?
There’re a number of apps that will make your device more secure. Mail clients like K9-Mailcan be extended with OpenPGP (APG) encryption. You can chat securely with ChatSecure and create encrypted data containers with the help of EDS Lite.
Is using security apps really enough?
You can never know for sure, but you can make it as difficult as possible for attackers to crack your device.