How Secure are iPhone and Android Apps

Apr 01, 2010 by John Messina weblog
The Android smartphone and iPhone handle application security radically different.

( -- Today's smartphones are pocket size computers that can be customized by downloading applications. This is what makes a smartphone vulnerable to cybercriminals. In this article we will examine how an iPhone and Android phone handles security. Both phones handle security radically different.

In order for iPhone application to get listed in ’s , developers must create an account and pay an annual fee. All applications are evaluated by a team at Apple and approve each version of the software before it’s made available in Apple’s App Store. Apple roughly disapproves about 10% of all applications submitted to the App Store because the applications would steal or pose a threat in some other way to the user.

In Android’s Marketplace, applications are not evaluated by . Android users are protected in a completely different way by using a security model based on “capabilities”. Each Android app that is installed must tell the phone’s OS what capabilities it requires.

When an application is installed, the Android OS lists all the “capabilities” that is required in order for the application to run. This allows the capabilities-based system to be governed by the OS and preventing the application from doing more than what it’s supposed to.

The capabilities-based system has its flaws. For instance, there is no way of knowing that the application will act the way it’s supposed to with the trust that it’s given. This system also can’t tell the difference if the privileges it grants the application is for legitimate use or not. For example, some applications will ask for a user name and password to communicate over the internet with a remote host.

Other security features for the iPhone and Android phones is that they both can be set to lock after a length of inactivity; a password is then required to unlock the phone. The iPhone however has an additional security feature where 10 failed password attempts can erase all data on your phone. The iPhone also supports remote wipe. The Android OS has neither of these features making it less secure.

No matter what security features are deployed in the or Android smartphones there are other ways of obtaining personal information from smartphones. Manufactures can only try to make it harder for cybercriminals obtaining your personal information.

Explore further: Android gains in US, basic phones almost extinct

More information: Via: TechnologyReview

Related Stories

Apple App Store downloads top three billion

Jan 05, 2010

Apple on Tuesday announced that more than three billion mini-applications for iPhone and iPod Touch devices have been downloaded from the firm's online App Store.

Modified iPhones Are Compromised By New Worm

Nov 25, 2009

( -- Several research security firms have reported a new worm attack against jail broken iPhones, dubbed "Ikee.B or "Duh", this worm searches for personal and banking information.

Recommended for you

Android gains in US, basic phones almost extinct

19 hours ago

The Google Android platform grabbed the majority of mobile phones in the US market in early 2014, as consumers all but abandoned non-smartphone handsets, a survey showed Friday.

Hackathon team's GoogolPlex gives Siri extra powers

Apr 17, 2014

( —Four freshmen at the University of Pennsylvania have taken Apple's personal assistant Siri to behave as a graduate-level executive assistant which, when asked, is capable of adjusting the temperature ...

Microsoft CEO is driving data-culture mindset

Apr 16, 2014

( —Microsoft's future strategy: is all about leveraging data, from different sources, coming together using one cohesive Microsoft architecture. Microsoft CEO Satya Nadella on Tuesday, both in ...

User comments : 4

Adjust slider to filter visible comments by rank

Display comments: newest first

3 / 5 (1) Apr 01, 2010
it would so suck if your friends at a bar tried to access your iPhone and then you were drunk and entered the password wrong and cleared the memory... with my friends I could so see that happening
not rated yet Apr 01, 2010
This article starts off acting neutral and unbiased but it ends up being no better than Microsoft IE's recent hypocritical bash against chrome.

Of course the author overlooked that the app store reviewers have been *known* to overlook *major* security problems within some apps, and that the app store isn't the rainbows and butterflies it's made out to be.

What the "capabilities" model does is put the judgement into the users hands as to whether they would want a particular app to have a certain ability instead of the hand-holding and babysitting Apple forces on it's users and developers.

And no matter *what* OS it is, iPhone, Android, or even a desktop OS like Windows, Linux or OSX, a user only installs a shady application at their own risk. The "capabilities" model just gives the user the information needed to make a sound decision.
not rated yet Apr 02, 2010
"The iPhone ...can erase all data on your phone."

For Android phone this capability just isn't bundled with OS. However, there are several security applications which can do it.
not rated yet Apr 02, 2010
I don't know about you, but my Nokia e63 mobile is a champ. Even their mobile online support is great. I'll take my Nokia over an iPhone any day. As many blogs on say, there's a wealth of cool new phones out there. But if I want to change phone companies, no jailbreaking here, I just have to change the sim. Take that apple!!

More news stories

Airbnb rental site raises $450 mn

Online lodging listings website Airbnb inked a $450 million funding deal with investors led by TPG, a source close to the matter said Friday.

Health care site flagged in Heartbleed review

People with accounts on the enrollment website for President Barack Obama's signature health care law are being told to change their passwords following an administration-wide review of the government's vulnerability to the ...

Impact glass stores biodata for millions of years

( —Bits of plant life encapsulated in molten glass by asteroid and comet impacts millions of years ago give geologists information about climate and life forms on the ancient Earth. Scientists ...