The explosion of mobile apps on Apple iPhone and Google Android has generally been seen as a good thing but opening up our phones to these devices could lead to vulnerabilities and Lookout is trying to raise awareness of potential security threats.
The company, which makes security and backup software for Android, BlackBerry and Windows Mobile, will launch the App Genome Project later this week and this app data set will identify threats and inform customers what type of data apps are accessing. Some of the early statistics show:
29% of free applications on Android have the capability to access a user’s location, compared with 33% of free applications on iPhone
Nearly twice as many free applications have the capability to access user’s contact data on iPhone (14%) as compared to Android (8%)
47% of free Android apps include third party code, while that number is 23% on iPhone
Lookout said the vulnerabilities don’t have to come from malicious programmers, as lazy ones can be just as harmful. For example, the company said some Android developers were inadvertently releasing user location data into logs that could be accessed by other programs. This vulnerability has been fixed in Android 2.2, or Froyo, but that software is not widely available yet.
If smartphones are truly going to make desktops irrelevant in a few years, then we are bound to see more viruses and security threats. Luckily, the smartphone operating systems have been designed in ways to limit the damage that some third-party apps can do (sand boxes, kill switches, approval processes) but I think it is only a matter of time before we see a widespread vulnerability cause some damage.
As the largest smartphone platform, Symbian has already been targeted by malicious programmers but it will be fascinating to see how a company like Apple or Google responds to a serious threat.