There's been much controversy over mobile OS security, especially where Android is concerned. With 47 percent of the smartphone market in Q4 of 2011, according to ABI Research, it's no wonder that Android is getting attention.
Its openness fuels adoption by smartphone manufacturers and wireless carriers, aids in mobile innovation, and helps bring more free apps. But some, like those who develop security apps, think its openness also makes it an easier target for malware writers and cybercriminals.
[ Subscribe to InfoWorld's Consumerization of IT newsletter today, then join our #CoIT discussion group at LinkedIn. | Learn about consumerization of IT in person March 4-6, 2012, at IDG's CITE conference in San Francisco. | Get expert advice about planning and implementing your BYOD strategy with InfoWorld's 29-page "Mobile and BYOD Deep Dive" PDF special report. ]
Android malware growth
Depending on where you go, you'll find varying stats on the amount of Android malware we've seen thus far. This is complicated by the fact that most of the information available about malware comes from security vendors, who obviously have a pony in the anti-malware race.
One thing they all agree on is that the amount of malware targeting Android has been growing. For instance, a report from Trend Micro (PDF) includes a chart that shows a large spike in the amount of total Android malware in 2011. Meanwhile, according to NQ Mobile, cases of malware increased from 4,781 cases in 2009 to 10,369 cases in 2010 and 22,600 cases in 2011. And according to Lookout, the likelihood of Americans encountering Android malware went from 1 percent in the beginning of 2011 to 4 percent by year's end.
But the vendors don't always agree. For example, at the end of January, Symantec announced that 13 apps in the Android Market contained malware. Other security vendors disagreed; Symantec later backtracked and said that the code it thought was malware was really from an aggressive ad network.
Meanwhile, Google has reported a 40 percent decrease in the number of potentially malicious downloads from the Android Market from the first to the second half of 2011. (Of course, Google is only accounting for the official Android Market, while the security vendors also scan third-party app markets and websites from around the world.)
In addition, Google recently announced an internal malware scanner called Bouncer that scans apps submitted to the Android Market. And if something does slip by Bouncer, Google can remove the Market listings for malware apps and even remotely remove them from devices.
Android malware in the wild
However, all these varying statistics and countermeasures don't mean that there isn't bad stuff out there.
For example, in the spring of 2011, Lookout identified a Trojan app called GGTracker that was distributed via malicious websites that mirrored the Android Market. Once downloaded it could sign the victim up to premium SMS subscription services without their permission, charging the user's wireless carrier account. And the DroidDream Trojan, discovered in March 2011, was found in more than 50 apps in the Android Market. It could gain root access to Android, steal data and install more malicious apps.
What follows are reviews of five free anti-malware apps for Android devices: Avast Free Mobile Security, AVG Mobilation Anti-Virus Free, Lookout Mobile Security, Norton Mobile Security Lite and NQ Mobile Security. I've reviewed each of these apps based on what features it has available and how well the interface works. Most also offer for-pay versions that have additional functionality, which I've noted where it exists.
And many of them (in free and/or paid versions) don't only scan for malware and offer preventative measures, but provide anti-theft features as well -- such as alarms that can be triggered remotely (to call attention to the thief) or the ability to lock and/or wipe the device.
If you're reluctant to use a security app, perhaps it would help if you think of it as the equivalent of chicken soup: It can't hurt -- and could possibly keep help keep away any nasty infections that may be lurking about.
Other versions: None
The Avast Free Mobile Security app includes anti-malware and anti-theft features, along with browsing protection that prompts you if you visit a malicious website. A privacy advisor helps you identify any installed apps that use permissions which could be potentially dangerous, while an application manager lets you manage running apps.
SMS and call filtering is also included, which lets you block incoming messages and calls and outgoing calls based on times and contacts you select. The app lacks any backup functionality, but a firewall and enhanced anti-theft features are provided for rooted devices.
In addition to automatically scanning apps you install, Avast can do full scans of all your installed apps on the phone and on the SD card. You can do this manually or specify days and times to have it done automatically.
By default, Avast will appear on the notification bar and menu, showing its status and offering a shortcut to open it. The main app screen is straightforward, listing shortcuts for each feature and the settings. Though there are many more settings and preferences compared to other security apps, the developers did a fairly good job keeping the interface user-friendly.
The first time you open Avast, it prompts you to set up the anti-theft feature. A neat touch: You can define a custom name for the separate anti-theft app -- ideally something inconspicuous that won't alert thieves to its presence. Additionally, the app is password-protected, and the shortcut can be hidden from the app tray. For rooted devices, it can even store the anti-theft app and settings in a way that survives hard resets of your device.
Avast's anti-theft functionality provides remote locating, a remote alarm with the ability to use custom audio, remote locking with a custom message (for example, "Return this smartphone to...") and remote wiping. You can set it to automatically lock and have the siren go off if the SIM card is changed or when you mark it as lost by sending it an SMS message.
Avast can even disable access to the Android program manager and phone settings, prevent USB debugging, and force the data connection on in order to remotely back up your data.
Currently, if you want to use the remote anti-theft and remote control features, you must send SMS commands to your device. Avast provides feedback via SMS replies as well -- for example, it will provide a link to a Google map after locating the device.
Avast has other useful features. You can have your phone call a given number remotely, forward SMS messages and call logs, retrieve contacts, and even pass raw data to any other app. However, in order to access these remote features you must send SMS messages from another phone; it would be much more user-friendly if there were a Web-based interface. Avast says one will be added in the first quarter of 2012.
Some of the features -- such as any that require SMS -- require 3G support and so won't work on Wi-Fi-only Android tablets. Avast says better tablet support is also expected in early 2012.
Bottom line: Avast offers some great underlying functionality, like hiding the anti-theft component and providing enhanced uninstall protection for rooted devices. But you'll have to wait for the Web interface for remote features, and look elsewhere for backup features.
Other versions: Anti-Virus Pro ($1.99) adds an app locker, app backup and support; Anti-Virus Pro for Tablets ($1.99) is optimized for tablets
AVG Mobilation Anti-Virus Free offers free protection for both phones and tablets against malware and browsing protection to prompt you when visiting a malicious website. It also includes SMS/text messaging protection that scans messages to ensure they're safe; various remote tools, including device locating, alarms, locking and wiping, and scanning. There is a malware scanner that analyzes data files as well as apps, a task killer, a tune-up utility to help save battery usage and storage space, and a personal data wiper to clear cache.
An app locker that password protects individual apps and an app backup tool are also offered as a 13-day trial. The Pro version (which costs a one-time $1.99 fee) unlocks the trials and adds a spam and scam feature; there is also a version available for tablets.
Anti-Virus automatically scans apps you install and lets you run full scans on demand or automatically on a daily or weekly basis, but oddly doesn't let you specify the days or time. It does, however, also scan for potentially insecure settings along with malicious content and media.
Though the app runs in the background, it doesn't appear on the notification bar or menu until it detects an issue. Once you open the app, the main screen can be a bit confusing -- it doesn't contain status info or shortcuts to the main features like most other security apps do. You tap the screen to run a scan or press the device's Menu button to access shortcuts.
AVG provides a website to use the remote functions. Though it's possible to access it via smartphones and other small mobile devices, the site is optimized for desktop/laptop access. It allows you to initiate remote locating on a Google map, initiate an alarm and remotely lock your device with a custom message; you can also set an unlock password, wipe the device, and remotely start scanning for malware. You won't find your phone's number on the site, but it does detect SIM card changes and will send automated email alerts to you when a card switch is detected.
Bottom line: Despite a confusing user interface, AVG Mobilation Anti-Virus Free is a fairly solid security app offering all the popular features for free. If you want the premium edition (for more features or the tablet app) you can get it with just a small one-time payment.
Other versions: Lookout Mobile Security for the iPhone (free); Lookout Premium for Android ($2.99/mo. or $29.99/yr.) adds phishing protection; backup for photos and call history, data transfer to a new phone, remote wipe/lock, support
Lookout Mobile Security offers free malware protection, contacts backup, and remote locating and alarm for both phones and tablets. Upgrading to the premium account ($2.99/month or $29.99/year) adds browser protection, an app privacy manager, backup of images and call history, and remote locking and wiping.
In addition to automatically scanning apps you install and update, malware protection includes full scans of the installed apps; the SD card, however, isn't scanned. You can set Lookout to do these full scans on a daily or weekly basis and optionally specify the day and time. The backup functionality also lets you specify when to perform daily or weekly backups of your contacts to Lookout's servers; if you're a premium user, you can back up your pictures and call history as well.
By default, Lookout appears on the notification bar and menu, displaying its status and offering a quick way to open it. The app's interface is simple and straightforward. The main screen shows the status of each feature. Though you can click on the Security or Backup icons to see the most recent activity, the app doesn't give you any thorough activity logs. To configure the app settings, you tap the Menu and Settings icons.
Lookout lets you access the status of your Lookout features and get a full activity history on its website; you can also initiate backups and restores, access the remote recovery tools (such as locating, locking and wiping), and enable or disable each feature. There's also a mobile version of the site that offers the same features.
You can find the approximate location of your device on a Google map and see the phone number currently configured on your phone (so you will know if someone replaces your SIM card). However, the remote locking feature doesn't provide a way to display a custom message on the device like some other security apps do.
Bottom line: Lookout provides a useful security app for both Android phones and tablets, along with a user-friendly website. It doesn't offer as many features as some security apps, but what it does provide is solid. It offers remote locking and wiping, but only if you use the premium service.
Other versions: Norton Mobile Security ($29.99/yr.) adds anti-theft and anti-loss features, phishing protection, call and text blocking
Norton Mobile Security Lite provides free malware protection and remote locking. The premium service ($29.99/year) adds browser protection and call and text blocking, along with remote locating, a remote alarm, remote camera control to take snapshots and remote wiping. There is a tablet version ($29.99/yr.) coming (the date hasn't been announced) that will support the remote anti-theft functionality for Wi-Fi-only devices as well.
In addition to performing malware scans on app downloads and updates, you can run app and SD card scans on demand or schedule scans daily, weekly or monthly. Though Norton checks for virus database updates weekly by default, it can be changed to daily (or monthly).