Google’s chief of security for Android Adrian Ludwig believes the hype over malware targeting the popular devices are overstated, and that the open architecture that allows anyone to develop and market an application is superior to more restrictive processes offered by competitors like Apple.

Ludwig made the statements at last week’s Virus Bulletin conference in Berlin, noting that data shows that only 0.001% of applications available pose any risk to users, data, or Android devices, and that the latitude granted developers furthers innovation.

“A walled garden systems approach blocking predators and disease breaks down when rapid growth and evolution creates too much complexity. Android’s innovation from inside and outside Google are continuous, making it impossible to create such a walled garden by locking down Android at the device level,” Ludwig said.

He compares Google’s approach to monitoring malware as akin to the role the Center for Disease Control (CDC) plays in public health.

“The CDC knows that it’s not realistic to try to eradicate all disease. Rather, it monitors disease with scientific rigor, providing preventative guidance and effective responses to harmful outbreaks,” Ludwig argued.

Ludwig’s assertions come on the heels of reports that a widely used Android mobile ad library could be leveraged to conduct attacks on potentially millions of users, having been downloaded more than 200 million times.

“These vulnerabilities when exploited allow an attacker to utilize Vulna’s risky and aggressive functionality to conduct malicious activity, such as turning on the camera and taking pictures without user’s knowledge, stealing two-­factor authentication tokens sent via SMS, or turning the device into part of a botnet,” the researchers determined.


Tags , , , , , , , , , , ,

SANS Endpoint Security Maturity Model
  • Jason Holland

    With more than one million threats to Android devices identified in 2013, I wouldn't say the threat to Android users is overblown. This is a serious issue. These phishing programs, viruses, trojans, etc. have been downloaded by unsuspecting users who then find that hackers can send text messages and place calls (often at great cost to the user), steal text messages and photos, and collect sensitive financial and personal data.

    I think the only way to be safe is to download an anti-virus app.

Previous Contributors

View all posts by Previous Contributors >