Hi Lifehacker, I've been a loyal iPhone user for years now, but am starting to flirt with the idea of jumping ship to Android-based phones. My main reason for sticking with iPhones -- availability and priority afforded to the iOS platform when it comes to apps - -seems less of an issue these days. But security concerns around Android are still stopping me from switching.
As an iOS user, I've been able to blissfully ignore reports of "mobile malware" and the security vulnerabilities that seem to plague the Android ecosystem. Apart from setting a PIN on my iPhone and the occasional iOS update, I haven't really had to think about OS-level security at all.
How will this change if I switch to Android? Are all these reports of malware on the Android platform overblown? What is the best security regimen for Android users? Anti-virus software like PCs? Only downloading from particular app stores? And is the everyday user really going to face more risk in an Android world versus iOS? Thanks, Potential Switcher
Android picture from Shutterstock (1000 Words)
We'll try and examine the issues that you raise in a hype-free way. The bottom line is this: yes, there are more potential security risks on the Android platform because of its open-source code approach and anyone-can-upload software market. However, those risks are manageable, and the initial reaction to them is often exaggerated.
More importantly, while the risks are lower on iOS, they are not non-existent. An iPhone user who incorrectly assumes that their environment is fully secured without any effort on their part is arguably at much stronger risk than an Android user following sensible security precautions.
Let's address the specific questions you raise:
- Firstly, there's more to iOS security than setting a PIN number and regularly updating your software (though both are important steps). If nothing else, you should set up Apple's Find My iPhone service, which will make it easier to track and/or wipe your device if you misplace it.
- iOS malware is rare, but as we reported just this morning, it isn't non-existent. Apple's app-checking iOS also doesn't do a good job of pointing out potentially risky behaviour by apps (and Apple tends to ban apps which make a point of identifying that behaviour, such as BitDefender's Clueful). However, users can protect themselves by being cautious about downloading apps from unfamiliar vendors (a solid rule for any platform).
- As an Android user, the single most important step you can take is to check the permissions which an app asks for on installation. If you can't imagine why an app needs a particular permission (why should the Woolworths shoppping app be allowed to initiate phone calls?), then don't install it.
- The basic steps you've detailed for iOS (regularly updating your device and setting a password) also apply to Android. Platform updates are more complex for Android if your phone includes vendor-specific enhancements; rooting your phone can make it much easier to stay up to date (and offers many other benefits as well.
- If you are regularly downloading new apps, then installing security software for your phone can make sense. Check if your desktop security vendor provides a mobile solution as well, as this is often the cheapest route.
- Finally, stick to purchasing apps from major app stores (Google Play, the Amazon app store, and the Samsung store are the most obvious choices here). While it's easy to find and install APK files from elsewhere, that's risky behaviour.
To be clear: we think iOS and Android are both great platforms and can be used securely -- but in both cases, whether that happens is down to the user as well as the software. No complex computer (and that's what a smartphone is) can offer bulletproof security, and user awareness is critical whichever platform you choose.
Got your own question you want to put to Lifehacker? Send it using our contact form.