Today at Pocketnow we’re going to diverge from talking about smartphones and tablets for a moment, and instead we’re going to talk about diseases — communicable diseases. Don’t worry though, the topic is applicable to whatever smartphone you’re carrying around with you now, and has much to do with Android malware, the way Google handles it, the various layers of protection involved, and the number of people who are exposed to threats that could get through the defenses.
The Centers for Disease Control and Management know that it’s impossible to eradicate all disease. Instead, the organization monitors those diseases, providing guidance to prevent spread and infection, looks for signs of outbreak, then responds to and manages those outbreaks. Some people still get sick, and some even die, but as a whole, the majority are safe from harm.
Another way to address diseases is through complete eradication, killing off all the pathogens that cause disease. This is what’s known as a “walled garden” approach. Since you cannot possibly eradicate all disease in all the world all at once you would have to start small, say with a clean room, then expand it to a building, then a city block, and eventually the whole city and beyond. You’d have to be very selective about what you let inside the perimeter, making sure everything that enters is thoroughly cleaned. Eventually the people inside the walls would lose their natural ability to fight disease, preventing them from going beyond the walls into the “unclean” world that lies beyond.
The walled garden sounds wonderful. It’s clean, the people inside it are healthy, it’s a utopia like you’d picture from pages of science fiction. The reality, however, is this walled garden it overrun with strict controls, limited freedoms, and — from another perspective — is more like a prison than Utopia. And it has another problem: once the perimeter is breached, the disease quickly overruns the populace, eliminating huge percentages before the disease runs its course — and destroys the walled garden in the process.
Back to mobile devices
The three major mobile platforms have adopted these two types of disease management. Windows Phone and iOS both support the utopian “walled garden” approach. Google is more like the CDC, monitoring and responding to outbreaks.
So far, the “clean room” approach of the walled gardens has worked, but as the perimeters expand, their ability to resist infiltration is reduced. If the sci-fi shows have taught us anything., it’s only a matter of time before all hell breaks loose.
Google, on the other hand, takes flack every day about how some malware got through (or could have gotten through, but didn’t), or that some piece of malware was captured. But what do the numbers say?
To begin with, all Android-powered devices (that’s 100%, if you’re keeping track of the numbers) have sandboxes and permissions. These are two mechanisms that help help you safe.
95% of all users have “Verify Apps” turned on by default, which lets Android and Google intervene if there is something unsafe about what you’re trying to install.
“Most” users only install apps from “trusted sources” like the Play Store, Amazon, or some other trusted distribution channel.
Less than 1/2 of 1% of app installs which come from “unknown sources” receive a warning. That’s 99.5% that never get a warning that never sound the alarm that the user is about to install something potentially unsafe.
Less than 0.13% of app installs which come from “unknown sources” are installed after the user has been given the “potentially unsafe” warning.
Less than 0.001% of installed apps every try to evade Android’s defenses.
All this combined makes the percentage of app installs that actually cause harm of evade runtime defenses nearly impossible to measure. Yeah, it’s that small.
The moral of the story?
Don’t install apps from untrusted sources, but even if you do, the system is set up to quickly identify and block potentially malicious apps. In short, although you’re not immune, you’re much better off than living inside the walled garden.
Now, go outside and play in the dirt. Your immune system will thank you.