Android malware: How open is too open?

Poor governance could allow malware to run amok in smartphone app stores, eroding customer confidence

1 2 Page 2
Page 2 of 2

These gripes have lent ammunition to the iPhone's competitors, who hope to gain market share by offering alternatives to what they characterize as Apple's heavy-handed, draconian policies. Last fall, Verizon Wireless marketed its latest Android handset, the Motorola Droid, by suggesting the Droid would do everything the iPhone wouldn't -- a campaign that seems ironic now, in the wake of the 09Droid phishing debacle.

Risking it all for openness
Perhaps no other smartphone vendor has staked its fortunes on its developer community more than Palm. From the onset, Palm has promoted its WebOS as an open alternative to proprietary platforms, including Apple's. In its boldest move to date, it unveiled Project Appetite, an open source software foundation that customers can use to build their own, independent WebOS app stores. But lacking any formal oversight, how can Palm users be sure that such stores won't be used to exploit their handsets for phishing and other nefarious purposes?

Open platforms are attractive to developers, but as we have now seen, developers come in all flavors. If smartphone vendors aren't careful, they risk repeating the mistakes of the PC software industry, with mobile platforms becoming the new Wild West of computing.

At first blush, WebOS apps may seem safer than most. They're built with HTML, CSS, and JavaScript, rather than native code. But in response to pressure from game developers, Palm recently announced a plug-in development kit that allows programmers to build modules for webOS apps using C and C++, increasing the risk considerably.

By comparison, Google's Android OS is based on Java, which is known for its sandbox security model. Google engaged security experts early in the Android design process, in hopes of weeding out any potential vulnerabilities before bringing the OS to market. But even if the Android platform is completely bug-free -- an unlikely assertion -- the 09Droid apps are proof that malware doesn't need to exploit software flaws to be dangerous. Credulous users are just as vulnerable to phishing attacks as defective software.

Tough love for developers
Strong governance is the only solution. Open source platforms such as Android and WebOS invite independent review of their code, but it's unrealistic to expect an open source community to anticipate every possible avenue of attack. Far more important is the ability to act swiftly when exploits arise, and that's something only centralized oversight can provide.

Google did the right thing by removing the 09Droid apps from the Android Market. But the fact that security advisories about the apps were issued by the affected banks, and not the Android Market itself, is an embarrassment. Allowing those apps to linger in the store for a month or more is inexcusable.

While a strong developer community is an asset to any platform, part of a community's strength is its reputation in the eyes of customers. When malware authors are allowed to run unchecked, the loss of customer trust hurts every developer.

Apple's insistence on a single App Store may indeed seem draconian. Cynics will say it serves no purpose other than channeling a revenue stream to Cupertino. But by ensuring that each and every app in the App Store has met its rigorous standards, Apple has forged a bond of trust with iPhone users that no other smartphone vendor can match. There is yet room for smartphone vendors to compete with the iPhone through innovation. Sacrificing security and stability for "openness," however, is throwing the baby out with the bathwater.

This article, "Android malware: How open is too open?," was originally published at Follow the latest developments on software development, security, and mobile computing at

Copyright © 2010 IDG Communications, Inc.

1 2 Page 2
Page 2 of 2