Wednesday, April 22, 2015

Android: no malware problem?

That's what the head Android security d00d says:
[Lead Android engineer Adrian Ludwig] said that while impressive software security exploits surface often enough, their use in actual attacks is small: “I don't trust humanity any more than you do, but the scale of exploitation is small … in the meantime it feels like we may have a chance at wining the exploitation battle in mobile.”

In illustrating the low exploitation figures, he said of two "beautiful" exploits in wild, one was leveraged less than eight times per one million devices, and the other once per million, even though 99 and 82 percent of Android users, respectively, were at risk at the time of disclosure – and that's according to stats from BlueBox.
I'm not sure that I believe that the data sources he's relying on are comprehensive, but this is pretty interesting.

1 comment:

stratonacreous said...

Why would you bother mounting an attach on a mobile device when practically every app on them makes no serious effort to protect the user's information? Just build a new app promising some vague social network coolness, do some minimal social marketing, get people to do the oauth dance with your server, and then steal everything. Lot's easier than any attack.