How Secure are iPhone and Android Apps

April 1, 2010 by John Messina, weblog
The Android smartphone and iPhone handle application security radically different.

( -- Today's smartphones are pocket size computers that can be customized by downloading applications. This is what makes a smartphone vulnerable to cybercriminals. In this article we will examine how an iPhone and Android phone handles security. Both phones handle security radically different.

In order for iPhone application to get listed in ’s , developers must create an account and pay an annual fee. All applications are evaluated by a team at Apple and approve each version of the software before it’s made available in Apple’s App Store. Apple roughly disapproves about 10% of all applications submitted to the App Store because the applications would steal or pose a threat in some other way to the user.

In Android’s Marketplace, applications are not evaluated by . Android users are protected in a completely different way by using a security model based on “capabilities”. Each Android app that is installed must tell the phone’s OS what capabilities it requires.

When an application is installed, the Android OS lists all the “capabilities” that is required in order for the application to run. This allows the capabilities-based system to be governed by the OS and preventing the application from doing more than what it’s supposed to.

The capabilities-based system has its flaws. For instance, there is no way of knowing that the application will act the way it’s supposed to with the trust that it’s given. This system also can’t tell the difference if the privileges it grants the application is for legitimate use or not. For example, some applications will ask for a user name and password to communicate over the internet with a remote host.

Other security features for the iPhone and Android phones is that they both can be set to lock after a length of inactivity; a password is then required to unlock the phone. The iPhone however has an additional security feature where 10 failed password attempts can erase all data on your phone. The iPhone also supports remote wipe. The Android OS has neither of these features making it less secure.

No matter what security features are deployed in the or Android smartphones there are other ways of obtaining personal information from smartphones. Manufactures can only try to make it harder for cybercriminals obtaining your personal information.

Explore further: Lots of developers already developing apps for Apple's iPad

More information: Via: TechnologyReview

Related Stories

Lots of developers already developing apps for Apple's iPad

February 19, 2010

The iPad may be weeks away from hitting the stores, but it's already creating a surge in the development of new applications -- increasing Apple's lead in programs written for its devices over those running on Google's Android ...

Apple App Store downloads top three billion

January 5, 2010

Apple on Tuesday announced that more than three billion mini-applications for iPhone and iPod Touch devices have been downloaded from the firm's online App Store.

Modified iPhones Are Compromised By New Worm

November 25, 2009

( -- Several research security firms have reported a new worm attack against jail broken iPhones, dubbed "Ikee.B or "Duh", this worm searches for personal and banking information.

Recommended for you

Printing microelectrode array sensors on gummi candy

June 22, 2018

Microelectrodes can be used for direct measurement of electrical signals in the brain or heart. These applications require soft materials, however. With existing methods, attaching electrodes to such materials poses significant ...

EU copyright law passes key hurdle

June 20, 2018

A highly disputed European copyright law that could force online platforms such as Google and Facebook to pay for links to news content passed a key hurdle in the European Parliament on Wednesday.


Adjust slider to filter visible comments by rank

Display comments: newest first

3 / 5 (1) Apr 01, 2010
it would so suck if your friends at a bar tried to access your iPhone and then you were drunk and entered the password wrong and cleared the memory... with my friends I could so see that happening
not rated yet Apr 01, 2010
This article starts off acting neutral and unbiased but it ends up being no better than Microsoft IE's recent hypocritical bash against chrome.

Of course the author overlooked that the app store reviewers have been *known* to overlook *major* security problems within some apps, and that the app store isn't the rainbows and butterflies it's made out to be.

What the "capabilities" model does is put the judgement into the users hands as to whether they would want a particular app to have a certain ability instead of the hand-holding and babysitting Apple forces on it's users and developers.

And no matter *what* OS it is, iPhone, Android, or even a desktop OS like Windows, Linux or OSX, a user only installs a shady application at their own risk. The "capabilities" model just gives the user the information needed to make a sound decision.
not rated yet Apr 02, 2010
"The iPhone ...can erase all data on your phone."

For Android phone this capability just isn't bundled with OS. However, there are several security applications which can do it.
not rated yet Apr 02, 2010
I don't know about you, but my Nokia e63 mobile is a champ. Even their mobile online support is great. I'll take my Nokia over an iPhone any day. As many blogs on say, there's a wealth of cool new phones out there. But if I want to change phone companies, no jailbreaking here, I just have to change the sim. Take that apple!!

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.