Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Apple iOS vs. Google Android: It comes down to security

Ellen Messmer | Dec. 4, 2012
Which is more secure, mobile devices based on Google Android or Apple iOS? It's not just a theoretical question to IT professionals making decisions about the future use of smartphones and tablets in the enterprise.

Tyler Shields, senior security researcher at Veracode, had this to add to the debate: "One of the primary differences between iOS and Android is the application distribution and vetting models. IOS has a single application store, iTunes, that customers can download applications from. While Apple is not perfect, they have executed better than Google in the application vetting process while attempting to limit malware distribution."

Shields continues, "On the other hand, Android applications can be acquired from both the Google Play store as well as a number of third-party stores. This distribution model lends itself well to repackaged applications that contain malware. It's difficult, if not impossible, for Google to police the security of their application ecosystem because they don't have a single application funnel where all applications must pass."

Chris Astacio, Websense manager of security research, also weighed in. "In the ongoing discussion of whether iOS or Android devices are more secure, the overwhelming majority of evidence helps to support Apple's case for supremacy," says Astacio. Why? "The iOS closed operating system and application vetting process help prevent a vast majority of the successful malicious examples we have seen in Android devices."

But Astacio also includes something of a caveat.

"Apple's vaunted application-screening process will only maintain its current success until the top-notch hackers feel it is profitable to create malware sophisticated enough to hide from their application-screening process. For now, there is significant danger in what we call 'legitimate applications behaving badly.' This is where the information gathered by applications is targeted by hackers through some mode of interception, perhaps most likely by hacking into the application developer's networks. For now, though, if I'm placing a wager on which is more secure, I'm putting my money on Apple."


Previous Page  1  2 

Sign up for CIO Asia eNewsletters.