You guys are missing the big story here. See how secure Win CE is? That's the phone to get.
I find it really interesting that the ONLY instances of ‘security through obscurity’ that have ever happened in this industry regard old versions of Microsoft’s OS’ because eventually people stop making viruses for them.
There’s a guy who has been running Windows 95 for his browsing (and he can do everything a modern browser can) since… what, 2006, I think because it can’t catch any of the modern viruses anymore.
I thought we weren't supposed to trust these metrics. Besides I very much doubt abstract stats like this capture use too well. For example I am often on my desktop PC vs my tablet/phone. Just because I don't use it to browse the web doesn't mean I'm unhappy with it, or I don't value it. I honestly don't get the argument.
The usage metric is a more valid indicator of actual usage than just units on channel or even end sales to customers, particularly if relativating it to malware affecting users: You need to use your device in order to be vulnerable. If A usage is 30% of recorded hours and it accounts for 80% of malware, while B usage is 70% and accounts for 20%, you can rationalise it.
Your personal situation, where you don't use your device while using others, makes no difference, since what should count is the amount of attacks over usage time. If your behaviour stayed the same owning an iPad, you would contribute the same amount of hours to the statistic, but would get attacked a lot less than while using an iPad.
On the other side, it is not far fetched to assume that people use their iOS devices more, because they like the experience better, thus using their desktop PCs and other devices less. A combination of iOS devices being better/nicer/longer (or actually) usable/preferred over alternative devices/etc is the only rational explanation for the higher usage while lower market penetration.
[COLOR=blue][/COLOR]The headline '99%' of all mobile malware attacks are targeted at Android, which sounds really bad, but if you read the report you then find that one bit of malware (Andr.Smsend) accounts for 98% of all Android malware. According to McAfee "This malware requires that the user intentionally install it upon the device. As always, users should never install applications from unknown or un-trusted android markets."
So, if you don't intentionally install the single malware application responsible for 97% of all mobile malware, you are left with a very different spread. Android may still show a slightly higher proportion of malware than some other devices, but that is to be expected from a combination of a higher installed base and the existence of third-party unregulated markets.
Just out of curiosity - where do these numbers come from? Last I had seen (sometime 2013) was Apple at a global 20something% market share, with Android-powered devices having about double of that....
IDC and Gartner's numbers line up pretty consistently with each other. IDC has Apple dropping from 14.4% market share in 2012 down to 12.9% in 2013.
I read the report Marvin linked, and I'm skeptical of their methods. They are tracking the domains visited by mobile devices and then treating the "suspect" domains as malware. I doubt this method accurately catches all types of malware. For example, if I have an App that sends information out via SMS, then their study doesn't catch it. If my App sends e-mails then they can't catch those either. Or if an App is connecting to a legitimate server, but passing additional information from your device that it shouldn't be. There are so many different ways to steal your data, and tracking which domains your device connects to is, IMO, not nearly reliable enough.
I'm also suspect of their ridiculously low number of 3,500 out of 380 million. Not that I think the number should be in the millions, but 3,500 seems ridiculously low.
The infection rate was reported to be high in 2012:
This likely prompted Google to take action with the bouncer software and direct removal of apps themselves.
Google's report is a study of US cellular networks so will exclude some tablets and as noted in the above link, the US is just under 1/10th of the infected devices worldwide so the worldwide Android infection count is at least 10x that or at least 35,000 out of 1 billion but that would still be low in comparison to 2012. The biggest infection rate is China at 25%. Some Android users dismiss countries like China by saying they are more likely to steal apps and so deserve what they get but the population of China is 4x the US and the infection rate only 2.5x so that doesn't really hold up.
It's expected that Google will choose the most flattering stats but there doesn't appear to be stats that say otherwise:
"data collected by the Verify Apps service, which logs events involving a hazardous applications, found that only 1,200 of 1.5 billion application install attempts were incidents in which “potentially harmful applications” ended up being installed on an Android device.
according to researchers at Lookout Mobile Security, which makes security software for mobile devices and first raised alarms about the BadNews malware. “Overall I agree with the trend toward fact-based information versus fear-based information,” said Jeremy Linden at Lookout Mobile Security. “In general, the number of (malware) samples is not that relevant to their prevalence or how they impact users,” he said.
Linden said that Lookout tracks the percentage of users who encounter a threat on their phone, regardless of whether the encounter results in an infection. “Just because you didn’t get infected doesn’t mean the threat is not out there,” said Mark Rogers, a principal security researcher at Lookout. For one thing, there may be mobile malware or suspicious applications that Google does not know about and, thus, is not counting.
And there are some caveats: Google can’t see many – or even most – mobile application installs that happen outside of its Google Play application store. The numbers Ludwig presented for malicious application downloads and installs on Android use a blended averaged across all the installation channels and are based on the assumption that Google’s Verify Apps technology in the loop on at least half of all installations. That’s a big assumption and could omit data from millions of devices – most outside North America and Europe – that are running customized versions of Android and/or frequenting dodgy third party application stores. True – those aren’t exactly Google’s problem, but still…"
Although most people here naturally want Android to fail in some regard, I'd say it's better if Google proves they can run a less restricted distribution service safely. That's what we have on OS X already.
Google, Bing, or whatever search engine you prefer will gladly lead you to those figures. It's been widely reported that Android has over 80% of the global market.
IDC and Gartner's numbers line up pretty consistently with each other. IDC has Apple dropping from 14.4% market share in 2012 down to 12.9% in 2013.
No matter how many times it gets explained, this never seems to sink in. It's not surprising considering how often the same phrases get repeated by Android fans. The articles misuse the term 'marketshare'. They are talking about sales share in a given quarter, not device ownership. This causes confusion with usage stats.
Google has stated they've activated 1 billion Android devices, Apple has stated they've sold 700 million iOS devices. These stats can be found in Google too. If you have an elementary understanding of numbers, you can see that this doesn't give Android an 80% share of device ownership. If you were to exclude low utility devices and older products, they'd probably come out fairly close.
Android is selling faster now so device ownership share will change over time but it's not likely that it's even reached 2:1 in favor of Android yet.
With all due respect, I'll trust that the companies who specialize in this stuff know what the word marketshare means over a random person on the internet. The term isn't exactly murky or open to interpretation.
You guys are ridiculous, I use a Model 500 phone, it's the coolest phone out there and a definite head turner. It is more secure than an iPhone, Android, Windows, and BB. You guys overpay for everything, do yourself a favor and get yourself one. I'm however finding it difficult to find a case and screen protector for it.
I have one of those also. The security is fantastic: if someone tries to steal my iPhone, I smack them in the head with the model 500. Stops 'em every time! The other advantage of the model 500 is that it doesn't heat up. Best UI out there. Works without power. But I got the deluxe modification that changes the dial to an 'operator dial' so that I can dial faster (it has a spring loaded much faster return). When I use the 500, I've NEVER had my contacts stolen and I've never gotten any false credit card charges. The only problem with the model 500 is that when I use it when I'm out, people keep tripping over the wire. It's also hard to take on the subway. They need to fix that.
With all due respect, I'll trust that the companies who specialize in this stuff know what the word marketshare means over a random person on the internet. The term isn't exactly murky or open to interpretation.
Right, it's not open to interpretation. It means the share of devices owned, not the share of devices sold in a 3 month period and Android doesn't have an 80% marketshare nor anywhere near it.
Right, it's not open to interpretation. It means the share of devices owned, not the share of devices sold in a 3 month period and Android doesn't have an 80% marketshare nor anywhere near it.
Yeah I can't see his point really. Share of sales is not overall share. Having said that, trying to match statistics together like this is always doomed to fail. Marvin's original post was pretty succinct and while I can believe the malware numbers are smaller than reality, it's clear that it isn't the epidemic some people (often antivirus vendors) make it out to be.
Yeah I can't see his point really. Share of sales is not overall share. Having said that, trying to match statistics together like this is always doomed to fail. Marvin's original post was pretty succinct and while I can believe the malware numbers are smaller than reality, it's clear that it isn't the epidemic some people (often antivirus vendors) make it out to be.
Comments
I find it really interesting that the ONLY instances of ‘security through obscurity’ that have ever happened in this industry regard old versions of Microsoft’s OS’ because eventually people stop making viruses for them.
There’s a guy who has been running Windows 95 for his browsing (and he can do everything a modern browser can) since… what, 2006, I think because it can’t catch any of the modern viruses anymore.
It's been widely reported that Android has over 80% of the global market.
"Widely" reported? . . . or, more likely, "wildly" reported.
I thought we weren't supposed to trust these metrics. Besides I very much doubt abstract stats like this capture use too well. For example I am often on my desktop PC vs my tablet/phone. Just because I don't use it to browse the web doesn't mean I'm unhappy with it, or I don't value it. I honestly don't get the argument.
The usage metric is a more valid indicator of actual usage than just units on channel or even end sales to customers, particularly if relativating it to malware affecting users: You need to use your device in order to be vulnerable. If A usage is 30% of recorded hours and it accounts for 80% of malware, while B usage is 70% and accounts for 20%, you can rationalise it.
Your personal situation, where you don't use your device while using others, makes no difference, since what should count is the amount of attacks over usage time. If your behaviour stayed the same owning an iPad, you would contribute the same amount of hours to the statistic, but would get attacked a lot less than while using an iPad.
On the other side, it is not far fetched to assume that people use their iOS devices more, because they like the experience better, thus using their desktop PCs and other devices less. A combination of iOS devices being better/nicer/longer (or actually) usable/preferred over alternative devices/etc is the only rational explanation for the higher usage while lower market penetration.
So, if you don't intentionally install the single malware application responsible for 97% of all mobile malware, you are left with a very different spread. Android may still show a slightly higher proportion of malware than some other devices, but that is to be expected from a combination of a higher installed base and the existence of third-party unregulated markets.
Just out of curiosity - where do these numbers come from? Last I had seen (sometime 2013) was Apple at a global 20something% market share, with Android-powered devices having about double of that....
IDC and Gartner's numbers line up pretty consistently with each other. IDC has Apple dropping from 14.4% market share in 2012 down to 12.9% in 2013.
Sources:
Gartner http://www.gartner.com/newsroom/id/2623415
IDC http://www.idc.com/getdoc.jsp?containerId=prUS24442013
The infection rate was reported to be high in 2012:
http://www.esecurityplanet.com/mobile-security/32.8-million-android-devices-infected-in-2012.html
This likely prompted Google to take action with the bouncer software and direct removal of apps themselves.
Google's report is a study of US cellular networks so will exclude some tablets and as noted in the above link, the US is just under 1/10th of the infected devices worldwide so the worldwide Android infection count is at least 10x that or at least 35,000 out of 1 billion but that would still be low in comparison to 2012. The biggest infection rate is China at 25%. Some Android users dismiss countries like China by saying they are more likely to steal apps and so deserve what they get but the population of China is 4x the US and the infection rate only 2.5x so that doesn't really hold up.
It's expected that Google will choose the most flattering stats but there doesn't appear to be stats that say otherwise:
https://securityledger.com/2013/10/googles-data-say-android-is-safe-but-is-that-the-whole-story/
"data collected by the Verify Apps service, which logs events involving a hazardous applications, found that only 1,200 of 1.5 billion application install attempts were incidents in which “potentially harmful applications” ended up being installed on an Android device.
according to researchers at Lookout Mobile Security, which makes security software for mobile devices and first raised alarms about the BadNews malware. “Overall I agree with the trend toward fact-based information versus fear-based information,” said Jeremy Linden at Lookout Mobile Security. “In general, the number of (malware) samples is not that relevant to their prevalence or how they impact users,” he said.
Linden said that Lookout tracks the percentage of users who encounter a threat on their phone, regardless of whether the encounter results in an infection. “Just because you didn’t get infected doesn’t mean the threat is not out there,” said Mark Rogers, a principal security researcher at Lookout. For one thing, there may be mobile malware or suspicious applications that Google does not know about and, thus, is not counting.
And there are some caveats: Google can’t see many – or even most – mobile application installs that happen outside of its Google Play application store. The numbers Ludwig presented for malicious application downloads and installs on Android use a blended averaged across all the installation channels and are based on the assumption that Google’s Verify Apps technology in the loop on at least half of all installations. That’s a big assumption and could omit data from millions of devices – most outside North America and Europe – that are running customized versions of Android and/or frequenting dodgy third party application stores. True – those aren’t exactly Google’s problem, but still…"
Although most people here naturally want Android to fail in some regard, I'd say it's better if Google proves they can run a less restricted distribution service safely. That's what we have on OS X already.
No matter how many times it gets explained, this never seems to sink in. It's not surprising considering how often the same phrases get repeated by Android fans. The articles misuse the term 'marketshare'. They are talking about sales share in a given quarter, not device ownership. This causes confusion with usage stats.
Google has stated they've activated 1 billion Android devices, Apple has stated they've sold 700 million iOS devices. These stats can be found in Google too. If you have an elementary understanding of numbers, you can see that this doesn't give Android an 80% share of device ownership. If you were to exclude low utility devices and older products, they'd probably come out fairly close.
Android is selling faster now so device ownership share will change over time but it's not likely that it's even reached 2:1 in favor of Android yet.
The articles misuse the term 'marketshare'.
With all due respect, I'll trust that the companies who specialize in this stuff know what the word marketshare means over a random person on the internet. The term isn't exactly murky or open to interpretation.
You guys are ridiculous, I use a Model 500 phone, it's the coolest phone out there and a definite head turner. It is more secure than an iPhone, Android, Windows, and BB. You guys overpay for everything, do yourself a favor and get yourself one. I'm however finding it difficult to find a case and screen protector for it.
http://en.wikipedia.org/wiki/Model_500_telephone
I have one of those also. The security is fantastic: if someone tries to steal my iPhone, I smack them in the head with the model 500. Stops 'em every time! The other advantage of the model 500 is that it doesn't heat up. Best UI out there. Works without power. But I got the deluxe modification that changes the dial to an 'operator dial' so that I can dial faster (it has a spring loaded much faster return). When I use the 500, I've NEVER had my contacts stolen and I've never gotten any false credit card charges. The only problem with the model 500 is that when I use it when I'm out, people keep tripping over the wire. It's also hard to take on the subway. They need to fix that.
Right, it's not open to interpretation. It means the share of devices owned, not the share of devices sold in a 3 month period and Android doesn't have an 80% marketshare nor anywhere near it.
Right, it's not open to interpretation. It means the share of devices owned, not the share of devices sold in a 3 month period and Android doesn't have an 80% marketshare nor anywhere near it.
Yeah I can't see his point really. Share of sales is not overall share. Having said that, trying to match statistics together like this is always doomed to fail. Marvin's original post was pretty succinct and while I can believe the malware numbers are smaller than reality, it's clear that it isn't the epidemic some people (often antivirus vendors) make it out to be.
Marvin and I had a conversation over this same subject a few months back.
http://forums.appleinsider.com/t/159225/us-government-warns-of-androids-dominance-in-mobile-malware/40#post_2387458
As he rightly pointed out a few posts back, what might have been true back in 2012 isn't necessarily true today.
What does that graph look like when adjusted for global market share?