It’s common to read in the news about how unsafe Google Play is compared to the iTunes App Store. Well, Google isn’t taking this lying down. They responded to the issue last week at the Virus Bulletin conference in Berlin.
You can read more about the story in this article on Quartz, but the basic idea is that Google has multiple layers of protection, meaning that only 0.001% of app installations are able to bypass them all and cause harm to users.
Google’s Android Security chief, Adrian Ludwig looks at the problem similar to how the CDC views disease:
“The CDC knows that it’s not realistic to try to eradicate all disease. Rather, it monitors disease with scientific rigor, providing preventative guidance and effective responses to harmful outbreaks.”
He says that security researchers are good at finding and fixing malware but that reports tend to become exaggerated. Google’s security mechanisms have improved in the last year when Android started shipping with Verify Apps. Verify Apps compares a downloaded app to a large database of malware information and warns a user if the app is potentially harmful. Verify Apps is included in the Google Play app so that older devices can benefit from the protection.
So while harmful apps are “out in the wild,” Google has attempted to inoculate devices so few are “infected.” And I promise I will not take the disease analogy any farther.
I did some looking and I believe that, for newer devices, the Verify Apps protection is also in place if you install from “unknown sources.” I don’t think devices running ICS or earlier, who are relying on Google Play to protect them, have the same protection. If a reader with more knowledge of this has more information, please let us know in the comments.
So while users should continue to use common sense while installing apps, it does seem as if, overall, you’re fairly safe.