Sundar Pichai: Android Designed For Openness; Security a Lower Priority 117
An anonymous reader writes "Earlier this week, Google Android chief Sundar Pichai spoke at the Mobile World Congress where he explained, rather bluntly, that Android is designed to be open more so than it's designed to be safe. He also added that if he were a hacker today, he too would focus most of his efforts on Android on account of its marketshare position." Related: wiredmikey writes "Boeing is launching 'Boeing Black phone,' a self-destructing Android-based smartphone that the company says has no serviceable parts, and any attempted servicing or replacing of parts would destroy the product. 'Any attempt to break open the casing of the device would trigger functions that would delete the data and software contained within the device and make the device inoperable,' the company explained. ... The device should not be confused with the new encrypted Blackphone, developed by the U.S. secure communications firm Silent Circle with Spanish manufacturer Geeksphone."
Re:Don't they know... (Score:5, Informative)
Even more related news... (Score:4, Informative)
The summary provided some related news, but isn't the fact that Apple just published a white paper about the security of iOS [apple.com] a bit more relevant to comments from Android's chief about its security than what the summary provided?
For example, consider the contrast in how the two companies approach the topic of security:
Google's Android chief: "We can not guarantee that Android is designed to be safe, the format was designed to give more freedom."
Apple's white paper: "Apple designed the iOS platform with security at its core. [...] The tight integration of hardware and software on iOS devices ensures that each component of the system is trusted, and validates the system as a whole."
The two approaches are practically polar opposites of each other, which I find horribly fascinating. As with pretty much everything, there are tradeoffs to either side. Android enjoys a load of benefits from being more open, and Apple enjoys a load of benefits from being more closed. Pick which works best for you and appreciate the differences.
Re:Not vast majority (Score:4, Informative)
The link you posted is a side-loading exploit, albeit one that begins with instructions when you click on an ad. You have to download the app and then sideload it.
What Sundar actually said... (Score:4, Informative)
Here's what Sundar Pichai actually said minus the selective editing from that 'iOnApple' hack at NetworkWorld.
[quote]
Sorry, the premise of the question is because Android is open, it has more security issues? Respectfully, I’m not sure that’s a correct premise of the question. Open platforms historically undergo a lot of scrutiny, but there are a lot of advantages to having an open source platform from a security standpoint. I would argue that it’s the best way for a platform to be secure, because every researcher in the world can inspect it, every developer in the world can inspect it, and I think that contributes a lot to Android security.
Android was built to be very, very secure. The thing that you’re seeing is because Android is an open platform, many people can ship Android in many different ways and so there are some partners when they ship devices, they have an older version of Android. And sure you can have a security vulnerability there, but that doesn’t mean Android isn’t secure. We go to great lengths–the depth of work in Android to make it secure; the depth of work done by Google PlayGoogle Play automatically scans and verifies thousands of applications for malware. We track data on this. It’s state of the art in terms of what we do. What you see across the ecosystempeople will ship good phones and keep them updatedyou will have some phones that will not be updated. That’s where we see issues. Not Android at a fundamental level.
[/quote]