Android Dead? - Part 12: More Security Issues

| About: Alphabet Inc. (GOOG)

Google (NASDAQ:GOOG) is the giant of online search. It's main product is searches which it gives for free, in exchange for your eyeballs and all your information. It uses the latter to direct to the former a series of targeted advertising and from this it makes its money - $54 billion ( ttm ), that is, for a net income of $11 billion ($33.42 EPS).

According to eMarketer, Google earned somewhere around $5 Billion from mobile marketing. Surely, a good portion of this is driven by their mobile operating system, Android.


In this series of articles, I have postulated that Android will begin to lose market share as Microsoft's (NASDAQ:MSFT) WP8 and BlackBerry's (NASDAQ:BBRY) new BB10 begin to gain. In the first article in the series "Why," I explain that this is largely due to the security issues that plague the platform.

While so far, there is little evidence that my theory is correct, Android is now at the top of its from with as much as 75% of global smartphone sales, that is not to say that the changes will not occur. By definition, a peak is reached before a fall. It should be noted that Apple's (NASDAQ:AAPL) iPad still dominates the tablet scene (especially in the enterprise), that WP8 appears to be making a comeback, and that while BlackBerry market share for the last quarter was down yet again, they only released their new BB10 very close to the end of the first calendar quarter. So little is known as to how sales are doing now. A more detailed discussion of this will be presented in another post.

More Recently

The potential fly in the ointment of my argument is what if Android somehow becomes more secure, and "beats the rap," so to speak. There are two new advances on this front recently.

The first is Knox - as in the fort. This is a system devised by Samsung (OTC:SSNLF) that secures Android at a deep level against some of these potential threats. According to their press release:

  • KNOX incorporates Security Enhanced (NYSE:SE) Android developed by NSA (National Security Agency) and integrity management services implemented in both hardware and the Android framework. At the application layer, KNOX offers a container solution that separates business and personal use of a mobile device. This separation is supported by SE Android and file system level encryption, offering protection of business data and applications from data leakage and virus and malware attacks.

  • Samsung Knox Framework [source]

This means that various security features are built into Samsung's Android core down to the Linux kernel level and below, that protects the system. It supports a system similar to BlackBerry's Balance feature that separates all business data from personal data with an insurmountable wall. Not only is your business data separated from your personal apps and other data, but you cannot even copy and paste from the business end to the personal part.

Furthermore, there are many levels of protection against malware. This system has recently won U.S. Department of Defense approval for use on DoD networks. This is certainly a strong vote of confidence. (It should be noted that Apple's iOS 6 received similar approval.)


Tuesday, BlackBerry announced the availability of their awaited Secure Work Space for iOS and Android.

Secure Work Space for iOS and Android is a new option with BlackBerry Enterprise Service 10 (version 10.1.1) that offers customers with a BYOD (Bring Your Own Device) policy, a solution with the best combination of security, user experience and total cost of ownership. BlackBerry designed Secure Work Space to meet the management, security and cost needs of the CIO, and the user experience and functionality that employees demand.

BlackBerry provides security at the device, server and network level. Secure Work Space leverages the same trusted behind-the-firewall connection available for BlackBerry smartphones and extends BlackBerry security capabilities for data-at-rest and data-in-transit to iOS and Android devices. The Secure Work Space container is managed through BlackBerry Enterprise Service 10, making it easy and convenient to manage all devices from its single console.

Their software installs on the client smartphone as an app, that then can be used to both separate business/personal data and apps, and to access the services of their BES10 email and calendar servers.

On the other hand…

1- Latest report shows huge increase in malware on Android

But at the same time that these solutions are provided, Android is hit with more negative press on security.

Just today, Juniper Networks (NYSE:JNPR) released its third annual Mobile Threats Report noting:

Over the past year, the Juniper Networks Mobile Threat Center (MTC) found rapid mobile malware growth and increased sophistication of cyber criminals, turning attacks into an increasingly profit-driven business.

Among their findings:

  • 614% growth of mobile malware from March 2012 - March 2013.
  • 92% of all known mobile malware is on Android
  • There are more than 500 third party app stores that host malware infected apps.
  • 73% of these attacks use premium SMS messages to generate revenue.

The report notes that there are improvements in the latest version of Android, that protect against most of these threats, particularly against the premium SMS attacks, but that most users are not running these updates. Also to keep in mind is that malware adapts to new situations. If one hole is closed, the developers look for others.

2- Other reports

Meanwhile, anti-virus firm McAfee released a report McAfee Threats Report: First Quarter 2013, in which they write:

At the end of this quarter, the total number of samples in our mobile malware "zoo" reached 50,926, with 28 percent of that arriving in 2013. In all of 2011 we gathered only 792 samples. The growth of mobile malware declined slightly this quarter, but we're still on course for another eye-catching-and record-year.

The chart below tells the story on Android:

- Total Mobile Malware by Platform [source: McAfee]

According to the report, they see increases in spyware and botnet attacks. The first steals personal information. The latter uses the victim phone to connect to its servers without the user's knowledge and either perform other functions (such as downloading more malware), or to as a network for spreading spam, etc.

3 - Malware getting smarter

Finally, mobile malware is graduating to higher levels. In an article The most sophisticated Android Trojan, Kapersky Lab expert Roman Unuchek described earlier this month, a program Backdoor.AndroidOS.Obad.a:

a multi-functional Trojan, capable of the following: sending SMS to premium-rate numbers; downloading other malware programs, installing them on the infected device and/or sending them further via Bluetooth; and remotely performing commands in the console.

Commenting on the sophistication of the software, Unuchek wrote:

Malware writers typically try to make the codes in their creations as complicated as possible, to make life more difficult for anti-malware experts. However, it is rare to see concealment as advanced as Odad.a's in mobile malware.

Working in the background, the app gains administrative privileges via previously unknown exploits in the Android operating system. It then sends user data to the criminal's servers, and is ready to download further malware and perform any task the app's criminal owners desire.

Finally, he writes:

To conclude this review, we would like to add that Backdoor.AndroidOS.Obad.a looks closer to Windows malware than to other Android Trojans, in terms of its complexity and the number of unpublished vulnerabilities it exploits.

This is bad news.


The last few months have seen major advances in Android security with Samsung's Knox system and BB10's Secure Work Space becoming available. However, the criminals are also making advances with new malware surging in both numbers and complexity.

Yet none of this seems to be affecting Android popularity as its market share has recently hit its highest level. While at its highest level, it has changed only marginally from 2 quarters ago. So perhaps it has reached its maximum market share level. Still it remains to be seen if any of this will affect its popularity in the future. As I noted in my original post in the series, it depends on growth of WP8 and BB10. While WP8 seems to be gaining real traction, it is too early to tell for sure how much inroads it will make. BB10 is only just started, so we have absolutely no idea how they will fare.

One has to wonder if at some point users will just ask "Why worry?" and turn to one of the other options available.

Part 11

Related Article: Windows Phone 8 - ratings.

My blog post here will be updated with all new stories in the series as they come out.

Disclosure: I am long AAPL. I wrote this article myself, and it expresses my own opinions. I am not receiving compensation for it (other than from Seeking Alpha). I have no business relationship with any company whose stock is mentioned in this article.