Android Security vs iOS Security

Before buying your own smartphone, what criteria do you use for choosing the right phone? Does it include having a wider screen and higher resolution? Does it include having the fastest processor on the market? Or what about battery power that lasts for more than a day? Most consumers focus their gaze on the phone’s specs but neglect to consider a very crucial and important criterion: security features.

In the battle of the best phones on the market, let’s now compare the security features of both Apple and Android devices which most consumers have overlooked.

The Similarities

Let’s first tackle those security features where both mobile operating systems are on par with each other. Both iOS and Android have traditional access control. It is a method where users access the device to unlock the phone through such means as typing a password, following a pattern, and sliding to unlock.

Both platforms also provide permission-based access control. This security feature asks permission from the user before an app uses sensitive data or file from the phone. Applications also cannot directly access the phone’s hardware. Both OSes have layers of intermediary software that controls applications from directly connecting to your phone.

You also won’t need to worry about web-based attacks. Both iOS and Android are already armed and ready to ward off foreign invaders.

Apple App Store and Android Market

Both mobile platforms have designated markets where you can download apps. For iOS, one has only the Apple App Store, while Android has plenty of sources to choose from, aside from the official Android Market.

Both iOS and Android also differ in how their apps are validated and published on their databases. Apple’s App Store has a complicated and strict process before an app becomes available on the market. Developers are required to submit a binary package to Apple’s team of engineers for approval. This requires a long time before it is made available on the App Store. When approved and made available in the App Store, the app still risks the possibility of removal from the App Store when the app or its developer behaves inappropriately.

On the other hand, you can download apps to your Android phone through the Android Market and a number of third-party sources on the web. The Android Market also has a limited security process and allows nearly all applications to be downloaded by its consumers. The loose security process can be an entry point for developers of viruses or malware for Android phones.

Security and privacy on both Android and iOS have not been thoroughly tested. There have already been cases of unauthorized access to sensitive data under both platforms.

Security Features

Both iOS and Android use permission-based access control, but the two platforms differ in implementing it.

In the case of Android, you are shown a list of what data or hardware will be accessed by the app before you actually download and install the app. If you grant the app permission, the app will be downloaded and installed on your mobile device. In the case of iOS, you will need to install the app first. The permission-based access control only kicks in whenever you use the app and the app requires access to your phone’s data or hardware. If you refuse, the app will not be able to function properly.

iOS also includes geolocation and auto erase features. Geolocation allows you to locate your device in case it gets lost. The auto erase feature allows you to remotely erase your mobile phone’s data. This feature can be handy in situations when your phone gets stolen and you want to prevent anyone from accessing the data on your phone. The auto erase feature also sets your phone to “self-destruct” its own data if the PIN is incorrectly supplied 10 times.

Some manufacturers of Android handsets offer similar features on their own devices. HTC, for instance, offers users of some HTC phones the ability to locate the devices (geolocation), remotely ring the device (handy if you misplace your phone), remotely lock the phone and display a custom message, or remotely erase all phone data.

Security Weaknesses

Both Android and iOS have security weaknesses–or at least some of these weaknesses are perceived to be security weaknesses by some.

In the case of Android, there is no uniform or predictable pattern for updating handsets to the latest firmware, which usually brings security and bug fixes in addition to new features. Though, there is a workaround–rooting and installing a custom ROM–which are also the usual ways for Android users to get rid of manufacturer- or carrier-enforced software (also called bloatware, which most users don't really need). Rooting and custom ROMs are also the most popular ways for users to update their Android devices to the latest version of Android, even if handset manufacturers have not provided one.

In the case of iOS, one grave example of a security weakness is the SSL MITM security flaw existing in devices prior to iOS 4.3.5. Hackers have taken advantage of this vulnerability that exists in millions of Apple devices. Several iOS devices cannot be upgraded to iOS 4.3.5 or higher, so the security flaw is pretty much still existing. This case is similar to Android handset makers' problem with upgrading their respective devices to the latest Android versions. iPhone users can also choose to jailbreak (similar to rooting) their iPhones, although such procedure often opens up more security holes, the most famous of which was the security issue in the iPhone PDF parser that allowed malicious code to be executed from within a PDF file.

What You Can Do

Both iOS and Android have both security strengths and weaknesses. But, you can do your share in mitigating the backlash of their security weaknesses. You can do the following:

Change your phone’s password into one that is awfully difficult to guess by anyone else.
Download apps only from trusted sources (and read and understand the permissions required by each app before you install the app).
Install security software on your mobile phone.
Keep your phone updated.
Disable wireless connections when not in use.
Do not view sensitive data over public Wi-Fi.

Veracode has a nice, hi-resolution infographic summing up this mobile security comparison. Check it out from here.

What other security measures are you practicing on your mobile phone? Which operating system makes you feel safer and more secure–Android or iOS?

Loading ...

Microsoft Xbox One vs Google TV: The war for the living room

by Andrew Grush, 2 hours ago

For the last several decades your living room has largely been controlled by one powerful force: your cable (or satellite) company. This is slowly changing as companies like Apple, Roku and Google work to steal…

Comments

http://twitter.com/Alankrut Alankrut Patel

If you can look over that price, get it. If not get a Nexus 4. I still prefer the design of the Nexus 4
monkeypox69

For $650? No.
- jlczl
  
  If you buy the version from at&t you’re actually pay more for it through the life of your contract. If you buy the version from T-Mobile you’re actually paying more for it outright once you add the tax. Either way the Google Edition is actually cheaper.
  - ryan
    
    You aren’t buying it from att or T-Mobile. You’re buying it outright from Google. Carriers have no say in anything.
    - http://www.facebook.com/joshua.hill.940641 Joshua Hill
      
      I assume @jlczl was referring to the non google edition currently available on contract.
- http://www.facebook.com/danielbelini Daniel Belini
  
  And if I tell you that $650 it’s half of the original version price, here in Brazil?
http://www.facebook.com/apavluck Alex Pavluck

Price doesn’t matter to me. I have a nexus 4 which is cracked and I really like the flip cover design, the camera, and the screen of the s4. I don’t know if it makes sense to buy the at&t model and get the Samsung software or will I just see it as bloatware after coming from nexus and iPhone so wait for the s4 GE. On contract is $400 less. What do you think I should do?
- Oli72
  
  Keep your money. Keep the nexus 4.
Johnathan Katz

It seems like a nice phone, unlocked on top of an unlocked bootloader makes it a fairly formidable foe, but the price point is a little high.
And to be honest I don’t see how the lack of a TouchWiz UI is a bad thing, I’d take stock Android any day.
- David Gonzales
  
  TouchWiz does have those extra software features, and taking it away in effect makes the Galaxy S4 Google Edition less feature-rich, if you get what I’m saying.
http://www.facebook.com/joshua.hill.940641 Joshua Hill

Has expandable storage = not a nexus device.
I can’t understand Googles fear of micro SD cards.

If the nexus 4 had an sd slot I would have bought one. I’ll wait for more details on nexus 5, x phone and keep my fingers crossed.
- William
  
  That one reason has kept me from getting a Nexus device.
- maxfrix
  
  Google wants to store your data and charge you to access it. That is their long term plan.
  - http://www.facebook.com/joshua.hill.940641 Joshua Hill
    
    I suspect it has more to do with how linux and android handle mounting of drives and root access. I don’t doubt Google wants our data in the cloud so they can analyse it.
    
    Charging people to access their data. Thunk about how that sounds to the consumer. There’s no way you can spin that and keep your customer base.
- Kapil
  
  Google said that they did not include micro sd slot to simpify consumer’s life. Micro SD card only creates more confusion. My mother has galaxy grand and often there is confusion on where are the files downloded
  - http://www.facebook.com/joshua.hill.940641 Joshua Hill
    
    I had the same prob finding files before I put an SD card in my phone. Androids file mgmt is just crummy regardless of the inclusion of removable storage.
    - http://www.androidauthority.com/ David Gonzales
      
      I agree, see my comment above.
    - David Gonzales
      
      I agree, see my comment above.
  - http://www.androidauthority.com/ David Gonzales
    
    I believe that’s a problem with the software, in other words something that needs to be addressed on the Android OS itself. It’s like they designed the file system with the express intent of confusing people, if you look at it.
  - vgergo
    
    I never understood this argument. The card slot is just an option. If you don’t put a card in it, your phone is just like one without a slot. Just don’t tell novice users. If they don’t know about it, they won’t use a card in it so they will not be confused. Or warn them, if they put a card in there they should understand what it’s about.
    
    Is it confusing that our phones can be rooted? Would it be better if they could not be? Simmilar thing.
    
    Please give the choice to us.
    - Kapil
      
      Choice is good, and that’s what sets android apart from ios but I think google was right to remove sd slots from nexus devices. If you think what I said was not a proper argument then just think of it as my choice.
  - David Gonzales
    
    I believe that’s a problem with the software, in other words something
    that needs to be addressed on the Android OS itself. It’s like they
    designed the file system with the express intent of confusing people, if
    you look at it.
  - http://www.facebook.com/danielbelini Daniel Belini
    
    Isn’t there any way to make both SD card and internal storage “looks” like only one?
    I don’t know, maybe some kind of RAID. It would be a lot easier for people like Kapil’s mother.
    - Kapil
      
      ya, lol
Ron Rossman Jr

Is ATT really going to sell it SIM unlocked? Knowing ATT and the fact even the cheap ass simple dumb phones without even a camera are SIM locked I find this hard to believe
- Infinite7154
  
  You’re not buying it from AT&T. It’s being sold on Google Play. You can use an AT&T sim but AT&T will have no say so over this one
Stephan H. Wissel

The really interesting question: can a owner of a regular Samsung S4 “sidegrade” to a Samsung S4 nexus edition. I don’t care much about the Wizbang UI and find the amount of control you can exercise lacking in comparison to CyanogenMod which I ran on the S2. With stock-barrel Android S4, a GyanogenMod seems not too far fetched
jayydoggy

So guys help me out here? If I buy the S4 GE will I not have have all cool camera features of touch wize ect? , smart scroll ect?
- Kapil
  
  I think you should buy s4 GE because camera features can be owned through any play store app but no app in play store can ensure timely updates and faster experience.
t

But most software features in S4 are now coming to S3, whats the use of buying google edition unles you are a developer..
- http://www.facebook.com/johnphillip.saayman John-Phillip Saayman
  
  I saw that some of the cool stuff in the camera and so on isn’t coming..
- taz89
  
  Not really you only get things like lock screen widget and expanded notification toggles with the new tw launcher.. You get none of the s4 major stuffs like the new camera and features, no air gesture, hover modes etc… You get none of them social wouldn’t say you are getting the main features of s4 but just the basic 4.2.2 features.
porter86

“Reason not to buy: No TouchWiz features”
I think that’s a reason TO buy, not not to buy!

Looking at a comparison though between the S4 and the HTC One it really is in the S4′s favour – http://versusio.com/en/samsung-galaxy-s4-vs-htc-one

Such a hard choice.. Does the superior design make up for it do you think?
- http://www.androidauthority.com/ David Gonzales
  
  Well design is a matter of taste, so it would be quite difficult to give you a straight recommendation if that’s what you’re going to base your decision on.
- Fuck Apple
  
  Actually most of the things that make the S4 shine are the TouchWiz features, like the finger hovering for example
- David Gonzales
  
  Well design is a matter of taste, so it would be quite difficult to give
  you a straight recommendation if that’s what you’re going to base your
  decision on.
- http://www.facebook.com/danielbelini Daniel Belini
  
  I totally agree with you.
  The worst part of a Samsung phone it´s Samsung’s software, mainly TouchWiz.
http://www.facebook.com/johnphillip.saayman John-Phillip Saayman

Reason I’m not buying, is because all the Samsung stuff is gone. I’d rather take touch wiz then, and get cool stuff like the camera features and air view.
http://www.facebook.com/gadgetgurukesawaal Pratik.

Save 20k and buy lumia 820…watch video on YouTube compared of wp dual and @ndroif okta core s4..