Originally Posted by ctwise
They probably scanned the binary files (on the iPhone that would require jailbreaking the device) and looked for linkages. Those would tell you what code was being used. If their statistics are trustworthy it means that 1/4 of iPhone apps use third-party libraries and 1/2 of Android apps do. That only means something if there are malware code libraries floating around that people are using.
But then it means that if a 3rd party app is simply using another 3rd party library (maybe just for decoding a jpeg image), then it's immediately flagged as malicious?!
Originally Posted by ctwise
The points to take away from the story are that Android apps aren't thoroughly "sandboxed". That means the apps on the phone are restricted in terms of what data they can access. On iOS devices apps can't access other apps data and have only limited access to user data. So it wouldn't be possible for an iOS app to access your SIM card unless the app writer found an iOS defect.
The second point is that no one really looks at the apps in the Android market place. Apple actually tries each and every app and rejects those that don't do what they say they do. They also run some automated binary analysis routines looking for red flags. That said, a malware writer could possibly sneak something like this into the App Store. But it wouldn't be able to access the same amount of data that the Android app would and there's a much higher possibility of detection before it gets into the store.
Android has a sandboxing model as well: by default an application cannot access another application's data (since each app has it's own user id, and the data folders are protected). To access other apps (or system) data, application needs permissions. To make it user-friendly, the user has to accept all permissions at once, when intsalling. IMHO this is still better compared to the old java era when you were asked every time when an app accessed the internet, and then every time when it tried to read the contacts, etc.
So as I see, the problem is the following:
* Android is more open, more flexible: applications can access a wider range of data. But users (including me of course ;-) ) tend to ignore the permission list, they just accept it.
* iOS is more strict, apps can access only a very limited data, hence iOS is more secure.
Question: is the above correct? Is it really the case that an iOS app cannot access the browser history at all? Even if the app supposed to do that (for example if the app is called BrowserHistorySynchronizer?)
If this is the case, then the problem is a matter of preference: does one prefer to live a bit more dangerously but have more functionality in the phone or not.