Android Security: Why Anti-Virus Companies Shouldn't Be Trusted
Okay, everyone can calm down now; it seems that the hype over the so called "Android Counterclank," malware is largely overblown.
On Friday, Symantec claimed they had found a piece of malware on about a dozen apps in the official Android Market. Capitalizing on the users' fear of malware, Symantec released the shock-headline, "Highest-distributed malware found this year" – a dubious distinction, given the fact that the year had just begun.
In fact, Symantec's entire business plan is predicated on scaring people into downloading their anti-virus app.
In the chart Symantec released, you could feel the fear: the company indicated a possibility of one to five million installations of malware-infected apps. News organizations, including AndroidPIT, were quick to write-up stories about the malware scare, although we didn't write such numbers as "1-5 million Android users infected," as some Android blogs did.
But it turned out that the "malware" was simply aggressive advertising software, the number of affected devices was closer to 1,000 and the risk level to your phone was actually "Level 1: Very Low."
So why did Symantic cry wolf?
Part of the reason is the fact that their very business model has been laid on a foundation of customer fears. When folks believe that the apps they install may contain malware, they're more likely to download anti-malware apps from folks like Symantic. But the company is really hurting its credibility when it's forced to backtrack on big claims like "1-5 million" infected devices.
In fact, there aren't any "insiduous applications that bury themselves in your firmware," according to Information Week. As Chris DiBona, open-source manager at Google, posted on his Google+ account, "Yes, virus companies are playing on your fears to try to sell you bs protection software for Android, RIM and IOS. They are charlatans and scammers. IF you work for a company selling virus protection for android, rim or IOS you should be ashamed of yourself."
Harsh words, indeed. But when Symantic runs scare campaigns like this, it's easy to see where he's coming from.