This paper contains a detailed analysis of Android’s security risks and recommendations for fixes. If you are writing software for Android or just using it, you might want to give it a read.
Google’s Android is a comprehensive software framework for mobile communication devices (i.e., smartphones, PDAs). The Android framework includes an operating system, middleware and a set of key applications. The incorporation of integrated access services to the Internet on such mobile devices, however, increases their exposure to damages inflicted by various types of malware. This paper provides a comprehensive security assessment of the Android framework and the security mechanisms incorporated into it. A methodological qualitative risk analysis that we conducted identifies the high-risk threats to the framework and any potential danger to information or to the system resulting from vulnerabilities that have been uncovered and exploited. Our review of current academic and commercial solutions in the area of smartphone security yields a list of applied and recommended defense mechanisms for hardening mobile devices in general and the Android in particular. Lastly, we present five major (high-risk) threats to the Android framework and propose security solutions to mitigate them. We conclude by proposing a set of security mechanisms that should be explored and introduced into Android-powered devices.
Engadget has a review of a demo model of the new Nexus One and it’s sweet looking.
12/22/09 Rogue Android Smartphone App created that steals banking information (what are you doing banking on your phone anyhow?)