A while back, Jesper Jensen from Denmark wrote in to the Pocketnow Weekly Podcast with a question about antivirus software for Android, specifically, whether or not he needs it on his new Xperia Z3 Compact.
I have just received my Sony Xperia Z3 Compact and I am infatuated with this little beauty. Coming from a Nokia Lumia 620 it is quite a leap ahead, though I do find I miss a few things about Windows phone. One of the things I didn’t miss about Android is the … more or less useful (apps that come pre-installed from Sony, such as) AVG antivirus. Under normal circumstances I would never consider buying or installing such a program for my phone, but there it is, right in the app drawer. I was going to uninstall it … but then I thought I would get an alternative perspective on the fundamental question: To use protection or go without – when you are rocking an Android phone.
Android Antivirus Software
The question of viruses on Android-powered devices goes way back to 2010 when Kaspersky Labs identified the “first virus targeted at the Android operating system”. The particular virus, Trojan-SMS.AndroidOS.FakePlayer.a, was a Trojan distributed through a text message asking users to install a 13KB “harmless” media player app. It was anything but harmless.
Fortunately, Android is set up such that applications installed from third-party sources are blocked by default. To actually infect your phone you would have had to consciously disable that feature, and accepted the warning which Android presents when doing so. In other words, you were given the choice whether or not you wanted to assume the risk.
Android already verifies apps — unless tell it not to.
Google’s Chris DiBona has previously said that comments regarding the state of mobile security, especially when it comes to Android and open source software, have been misleading. On his Google+ post, he detailed that there’s nothing inherently insecure about open source software, and that reports of malware on smartphones are largely overblown for the threat they actually pose. Journalists are always looking for attention grabbing headlines, and everyone’s highly likely to click through to read a story about viral threats that may hit their smartphone.
Since then, in addition to keeping the “install from 3rd party sources” disabled by default, Google has adopted a practice of actively scanning apps in its Play Store for malicious looking code. When something suspicious is found, Google takes action, and can recall the app from any devices that installed it, and even repair any files the app may have manipulated. Google even has a variation of that scanner included as part of the Android Operating System which checks your device periodically, just in case something slips through.
The Darker Side…
The biggest threat is from apps that you get from “shady” sources. File sharing sites, rapid download sites, sites featuring scantily clad women, sites that offer you “free” music, movies, and/or apps, and apps sent to you in a random text message are much more likely to contain malicious files than sites that offer legitimate content. Think of it this way, if you want a wristwatch, you’re much more likely to “catch something” from a guy selling Rolexes out of his coat in a back alley than from an authorized store. The same is true of software.
Be mindful of your sources and you probably will never have to worry about viruses or any kind of malware on your Android, rendering “antivirus” software unnecessary. However, if that’s just not the kind of person that you are, and you flirt with the darker side of the Internet then yes, absolutely yes, make sure you have a reliable anti-malware app installed and run scans frequently!
Use your head, and stay safe out there!