Google’s Android security team has published its yearly report on the state of Android security, and it’s filled with detailed information.
The broadest statistic for measuring device hygiene is how frequently a full-device scan detects Potentially Harmful Applications (PHAs). Google Play Protect, Android’s built-in defense mechanism, is incredibly effective at keeping PHAs out of Google Play, but malicious apps can still be downloaded from other sources. These apps endanger not only the device but also threaten the sanctity of the Android environment. This is why Google Play Protect scans all apps installed on a device regardless of the source.
In 2018 only 0.08% of devices that used Google Play exclusively for app downloads were affected by PHAs. In contrast, devices that installed apps from outside of Google Play were affected by PHAs eight times more often.Compared to the previous year, even those devices saw a 15% reduction in malware due to the vigilance of Google Play Protect.
Over the years, I’ve come to accept that tech media is easily fooled by security stories – in the olden days, when the desktop reigned supreme, it was baseless story after baseless story about macOS and security (usually sponsored and/or pushed by antivirus peddlers), and now that mobile reigns supreme, they aim their FUD at iOS and Android.
Don’t fall for it. With normal use, iOS and Android are incredibly safe operating systems to use.
Well, iOS is… for now. If the Mac App Store is anything to judge by though, it’s no guarantee. Android, or rather Google Play, has had lots of Malware slip into the store, typically through third-party advertising libraries (what a shock!).
I totally agree about AV vendors though. Most of them are sleazebags and their so-called anti-virus software might as well be malware itself. It’s one reason why I’ll never buy a Samsung phone, at least in the US, as I’ll not have McAfee forced on me.
Hm, additionally it again ( https://www.osnews.com/story/129630/android-q-will-allow-more-permissions-for-third-party-apps-set-as-defaults/ ) reminds of a story here reporting malware/scamware in appstores… Or how do we count “scammy free-to-play games”? ( https://www.osnews.com/story/129652/most-of-apples-touted-services-revenue-comes-from-microtransations-in-free-to-play-games/ )
I think the Android security situation would be much better if the phone manufacturers would get their act together on Android OS updates. It is totally ridiculous, unconscionable, and just plain wrong that users are forced to wait years to receive those Android OS updates, and that is IF they receive them at all. The monthly security updates help, but the record on phones receiving them is not of shining star quality right now, with some phone makers not participating in Google’s Treble program at all.