If you have a friend who still says Android isn't secure enough, tell him the U.S. military disagrees. It looks like Android will soon be secure enough for military use.
A company called Invicea has apparantly been contracted to fix Android's security risk and make the platform suitable for use by the American military. The $21.4 million contract will create a version of Android impervious to malware. The Defense Advanced Research Projects Agency (DARPA) and the US Army Research Labaratory are also involved in the developing of the system, which is currently being testsed by "thousands of U.S. Army personnel in Afghanistan," according to a press release.
The program being developed, called Mobile Armor, allows for users to install untrusted apps, which are then kept away from private data stored on the device. By creating a virtual environment for third-party apps, malware isn't able to get it because the app isn't running on the actual oprating system. In addition to malware protection, the system features encryption and the device's memory is filled with useless data so if it is stolen, no harm can be done.
While this doesn't mean that non-army Androids are any safer, it is a testament to Android's open nature that such a project could even exist. "Without wishing to comment on the [government] motives for anything, the choice of Android as a base OS for creating a hardened device seems obvious,” Rik Ferguson, director of security research at Trend Micro told Infosecurity. “The Android OS is open source, meaning that developers are able to create, change and tweak the base code as much as they like. This is not the case with any of the other major mobile OSes.”
Now if only this same ultra-secure OS could be installed on my Galaxy Nexus, lest I accidentally leave it on the bus one drunken night...