I participated in a Twitter chat last week premised on the notion that mobile malware exists, and we discussed what can you do to prevent it on your devices. The notion of malware on mobile devices has been around for a while, and every three to six months, you see an article proclaiming that the last quarter or so has seen even more mobile malware in the wild.
These articles scream out facts like there were more than 90,000 pieces of malware detected last year, and they quote a security vendor or consultant about best practices for protecting your devices. They tell you the majority of malware is Android-based, but there is some iOS malware as well. After these stories come out, you can expect Microsoft and BlackBerry to trumpet the fact that they don't have little or any malware, so you should really think of moving to their mobile platforms.
Are you sufficiently scared yet? Good -- you're supposed to be. But you shouldn't be.
The problem is you're sitting in a field of cow patties while a bunch of journalists and vendors compete to see who can throw one the farthest. It's all a bunch of crap designed to get you to buy software that claims to protect you from these threats. In most cases, this software does absolutely nothing but slow down your mobile device. If you have an iOS device, the software can't even scan what's happening in other apps, so it's useless. (Apple blocks such app inspection, so malware can't jump from app to app, which is why iOS is rarely compromised by malware.) If you have an Android device, it is also dubious whether malware detection software actually works.
This doesn't mean malware doesn't exist or isn't an issue. It just means we have to adjust the perch that we are looking from. These days, the majority of the malware is not in either the Apple App Store or the Google Play store. Apple has been vigilant about malware and has a very good record with keeping it out of its store. Google was not so vigilant, so its store hosted a lot of malware, but in the last year Google has ramped up its efforts keep the malware out.
If you get malware on your mobile device, it won't be from the Apple App Store, and it's increasingly unlikely to be from Google Play.
If you have an iOS device, you're going to get infected with malware if you jailbreak the device and start "sideloading" apps. Some people do this to get pirated apps; others do this to get apps with more functionality. The problem is that no one checks these apps, and it is very easy for someone to add malware to one.
Sign up for CIO Asia eNewsletters.