Following on from my previous post on Android threats (this post is based upon research of Google’s Bouncer feature), Google’s strategy to combat Maldroids is four-fold:
The Android security team performs design reviews and code audits, device testing of the Android OS. They manage security processes and respond to incidents. They encourage security collaboration between Google, partner security teams, industry and academic partners. They also evangelize Android security by documenting security practices and development best practices. This all sounds a lot like what Microsoft does with its SDLC, and the Android Security Team’s function sounds a lot like Microsoft’s Trustworthy Computing group. In terms of the OS itself, Android is a stripped down Linux kernel with minimal root processes, no listening ports with automated testing, code reviews and two acronyms called ASLR and NX whose expansion I don’t know. It uses full disk encryption, keychain management, an account manager, device management, and OTA updaters for the apps and the OS. A user, partner or Google itself can flag an app’s content for review. When this occurs, a manual review process is initiated. If the content violates the market’s policies, it is removed. A team of analysts works on detection and is constantly improving and the process is transparent and free to end users with no cost or performance impact (this sounds a lot like the spam team’s role on a daily basis). When takedowns occur, the application is suspended and the developer is banned. Google also works with law enforcement, contacts the ISP to take down any C&C’s, pushes an automated clean up tool, and reviews related applications and developers. This entire process sounds almost exactly like Microsoft:
For these reasons, I can’t criticize the Android platform for being so insecure because their response is a lot like Microsoft’s. I came away from these talks with the impression that the price to pay for openness is insecurity (the Internet is the same way).
However, there are some key differences in Android from Microsoft:
I admit that I am not an expert on securities permissions and these types of models; the above part I include after discussing it internally here at Microsoft.
Google asserts that their process is getting better and people are downloading fewer rogue apps. I scoff at this because as Android becomes more popular, it will become a bigger target precisely because it is popular and open. That’s what happens. It also means that if Windows Phone ever catches up, it will encounter the same problems.
"Windows is open, Android is open"