Security News

<< Next Post - Previous Post >>

Android vs iOS Security

A sensitive topic but below is my initial view on the security offered by those two platforms.

My view is that Android, being a more open platform, offers more capabilities (flash, access to the root system, extension slots, etc). However, because of this it offers a less secured experience out of the box.

Apple, by not allowing certain technologies such as flash (flash security issues are endless) and by limiting access to its root system alsolimits its security exposure compare to android devices.

A very important security feature is then offered by the app store screening process. Although not perfect by any means, it still gets rid of obvious bad or flawed apps and protects iOS users further.

None of the devices are bulletproof and both suffered some security issues:
iOS: Worm on jail broken iPhone and phone lock bypass (fixed in iOS v4.2)
Android:Core libraries are open and apps can have deeper and more dangerous access to the device, self signed certificate thus no control over which apps get installed on the device, no full disk encryption, a higher number of worms

The iOS devices are more secured but less flexible than Android devices for normal users*.

Therefore recommending a platform will heavily depend on the usage and type of data a user may handle. There isn’t a clear winner for me.

* normal android users: Not someone who is going to recompile and patch the android kernel on a daily basis…

Note: Of course this is not a robust way to gather stats, but just google for android/iOS vulnerabilities and you can quickly get a feel for what I just said. Also, a great paper written in 2009 and giving a good overview of the Android Security model can be found HERE



<< Next Post - Previous Post >>