November 23rd, 2011
Whenever a new trojan appears for Linux, Mac OS X, or (now) Android, inevitably you get a crowd of ignorant panic-mongers up in arms saying “See? [fill in the blank] gets viruses, too! Ah ha! Better install that antivirus now.” Now, apart from the fact that so-called “antivirus” software is for all practical purposes useless (a placebo at best), viruses and trojans are conceptually very different types of malware.
And, no, this is not just a matter of some geeky semantics.
The mass hysteria out there right now about Android malware reminds me of HIV/AIDS “information” back in the early or mid 80s. People were genuinely afraid you could catch AIDS from hugging someone or drinking from the same water fountain as someone who had AIDS. There wasn’t a lot of reliable and consistent information about how people became HIV positive.
Same deal now. If you read any mainstream press coverage of Android malware, you’ll see the focus is really on quantity (Android Malware Surges Nearly Five-Fold Since July or Android sees a 472% increase in malware since July) of malware instead of actual risk of infection. In typical pop journalism fashion, a lot of “news” articles are taking the “here’s one extreme, and here’s another extreme, so you decide” approach instead of actually informing consumers of the facts of how they can protect themselves from malware.
For example, Security Experts Concerned About Google’s Attitude Toward Android Malware makes it sound as if there is Chris DiBona saying Android malware isn’t a problem and then there are the “antivirus” vendors saying it is a problem. Same deal in Android Security: Threat Level None?
All these articles leave the consumer with is a sense of confusion, and no real practical steps to protect oneself. The former, for example, says:
Most malware researchers agree that the openness of the Android platform, which allows installing non-vetted apps, and more importantly the openness of the Android market, which lacks a strict application review process, contribute to its malware problem.
The latter at least hints that users could be responsible for malware proliferation:
Now that we have a few different views on this topic, who do you think is right? Well, there’s some truth to what the security vendors are telling us. Smartphones—and apparently Android devices in particular—can be infected with malware through careless use.
Careless use. Who is doing the careless using? Phone owners. Phone users.
That is the big difference between a virus and a trojan. The trojan you have to give permission to. You have to invite the trojan in. You know the famous story about the Trojan Horse? Yeah, that attack wouldn’t have worked if Troy had said “Yeah, fancy wooden horse? We’re not letting that into our city.” Same deal with malware. If you don’t install malicious apps pretending to be legitimate, you won’t magically get infected with malware. This is true for Android, Mac OS X, and Linux. I have never heard of any malware proliferating on any of those platforms that was not a trojan.
So if you want to protect yourself, don’t install “antivirus.” Install some common sense instead. Here is a great, step-by-step guide on how to do that: How to be safe, find trusted apps, & avoid viruses – A guide for those new to Android