In the past few weeks we’ve seen not as much as “many” malware reports for Android, but more like a lot of people covering this story over and over again, and overreacting to it. From viruses being bred as research on completely hacked Android phones, by the researchers, to malware that barely stayed in the Market for a few hours before Google pulled the apps, and then deleted the infected ones from the users’ phones, most or all seem to be way overhyped, and they make a big deal out of nothing.
Now, I’m not saying that hackers won’t target Android. They will, and the number of hackers making malware for Android will probably increase over time. Why? Because Android is growing so furiously fast, and it has already dethroned Symbian as the most popular mobile OS in the market. So it’s really not that surprising that it will be targeted.
But so far, I haven’t found much to worry about. I’ve sideloaded apps many times from 3rd party sources, and Lookout, which is probably the best Android anti-virus and checks all the files on installation, has never given me a malware warning, and I haven’t found anything unusual myself either. And this is the most dangerous way to get malware, because getting it from the market is still much more unlikely. Normal users who don’t need to side-load apps, don’t even have to use an anti-virus for Android, because they are realistically safe. Reading the latest reviews for the apps you download is also a very good way to make sure the developer posting the app isn’t doing anything shady.
The enterprise users care even more about security, but so far I haven’t seen anything about them backing off from Android because of the latest malware reports, or because Android has a more open market. If they haven’t adopted Android as fast as iPhones so far, is because the iPhone still has a greater influence in the tech world, and also because Android needs more robust enterprise features, which I believe are coming with Android 4.0 this fall. Android 4.0 will be based on Honeycomb, and Honeycomb has more enterprise features already.
But regarding malware, I think they’ll be pretty safe, especially with VMWare’s Android virtualization, which is coming in the next few months for Samsung and LG Android phones. That will allow those phones to have 2 instances of Android where one is for personal uses and the other is for business purpose. That means no random apps installed from the Market, and no random sideloading of apps either.
Even if Android gets more targeted as it gets ever more popular, Google will try to secure it as much as possible, and I’m confident they will do a much better job at it than Microsoft has done over the past decade (at least until Windows 7).