updated 01:53 am EDT, Tue October 8, 2013
Claims 'real-world' security testing by users makes it better
In the face of security studies that show that more than 90 percent of new mobile malware is found on the Android platform, Google's Chairman Eric Schmidt raised eyebrows and drew laughter at a Gartner symposium and IT expo by refuting a presenter's statement that the platform has serious security and fragmentation issues, claiming both that Android is "more secure than the iPhone," and that access to Google Play eliminates the issue of Android fragmentation.
Schmidt's remarks are par for the course for the Google chief, who previously predicted that Google TV would dominate the set-top and smart TV market by last summer, claimed developers would flock to the Android platform in 2012, and also dismissed the iPad initially as "just a big iPhone." When asked later to elaborate on his claim that Android is more secure than iOS, Schmidt simply repeated the assertion that "Android is very secure," drawing further audience -- and presenter -- laughter.
According to an FBI study from August, Android accounted for nearly 80 percent of all mobile malware threats -- with Symbian composing almost all the remaining risk -- and saw 92 percent of new threats directed at its platform. In numerous studies, both Apple's iOS and Windows Phone were deemed all but completely free of malware.
Schmidt could be confusing reports from others that iOS has more vulnerabilities than Android -- which hasn't been independently verified -- but accidentally (or deliberately) overlooking the differences. No interactive platform is without vulnerabilities, but the way they can be exploited and are used in real-world threats makes a big difference in user experience.
In the iOS system, vulnerabilities are mostly used to facilitate "jailbreaking," a hack that has become all but extinct in the last two major iOS releases. On Android, vulnerabilities combined with unapproved apps from independent marketplaces means that there is no way to patrol or stop the spread of trojan or malware-infested apps, regardless of whatever efforts Google puts into the security of its official Play store. Android has so many serious security concerns that the Pentagon has only approved its use in conjunction with Samsung-developed Knox, effectively locking out any other vendors.
Schmidt also dismissed claims of Android "fragmentation," saying that "we have an we have an agreement for vendors that you keep the Android stores compatible and that is a great breakthrough for Android." It is unclear what he means by this, as a majority of Android devices in China, for example, have no access to the Play store and do not run standard Android apps or interact with Google services at all. Even in the west, the majority of Android users are running versions two or three major releases back, and are not compatible with the majority of currently-offered Play apps for Android.
It is possible that Schmidt is relying on his company's own recently-altered statistics for Android. Google recently altered its algorithm for calculating OS version share by ignoring users running systems too old to interact with or use Play or its apps.
Because of the obvious gaps in security, Apple's iOS continues to dominate enterprise and business use, gain share from Android in North America and spawn forked versions that limit interaction with other app markets. The iPhone 5s' use of a biometric scanner (Touch ID) and Activation Lock are likely to further strengthen Apple's position in a post-BlackBerry mobile security environment.