It is simply amazing to me that people don’t pay more attention. Case in point, I wonder how many of the devout (yes, that is the word) Android (and in the first case iOS) users know about the following two articles that I saw today…
How Fandango and Credit Karma exposed millions of smartphone users’ data
Apps with millions of Google Play downloads covertly mine cryptocurrency
The first is a clear example of an utterly-reputation-damaging-yet-probably-survivable breach of trust that we’ve seen in the media recently (Target anyone?). Even though the situation and circumstances are different the outcome is the same: they blew it when it came to relatively easy security practices and it’s up to the consumer to make them pay for it.
The second is much more malicious in that someone is willing to most certainly shorten the life of your smartphone to make themselves richer. The onus of this one is on the greed of the app author… but the blame is needs to be shared with Google and anyone else who provided the app because of their very-much flawed application certification processes. Although comfortably couched in legalese and corporate rhetoric in their TOS and statements to the media about those apps, at the end of the day they pulled apps that should’ve never been published in the first place.
And let’s not forget this little ditty where Google tries to say that Android is “more secure because it’s open”… if that isn’t round-robin logic I don’t know what is.
Logic Fail #1: Google assumes “people” will review and contribute fixes to the OS. Hmm…. that’s like assuming your neighbors will willingly mow your lawn for you while you’re sitting by the pool drinking lemonade and working on your tan.
Logic Fail #2: Google says that hackers will go where most people are. Hmm… No, it’s been my experience that hackers go where the low-hanging fruit is. I’m not talking about the hacking elite that are trying to change the world; I seriously doubt they even care about this stuff. I’m talking about the script-kiddies and malware cartels that are intent on using you to make them money.
Logic Fail #3: Google says their app certification process is state of the art and that every submitted app is checked for malware. Really? Then how did the two Google summarily pulled from the Play Store get there in the first place. And let’s not forget that this ISN’T the first time Google has been to this particular dance… (http://www.bing.com/search?q=google+pulls+malware+apps)
Anyway, I think I’ve ranted long enough.
Please pay more attention to what is real and not the bull the marketers push on you.
Vote with your wallets, people.