Smartphones and tablets are devices that most individuals need these days, it could be used for work, school, and other essential matters. But since consumers increase in using mobile devices for banking, social media, online purchases and more. Android and iOS have become tempting targets for cyber thieves to access the most personal information of users.
For example, A Desktop, Ultrabooks, and Smartphone data can reveal a lot about terrorists, people who conduct mass shootings, and even general criminals. If officials conduct investigations properly, that data can be used in court as evidence. The United States government, as well as US law enforcement agencies, care a lot about iOS and Android encryption.
However, critics argue that the government having easy access to your private data pretty much defeats the purpose of encrypted data in the first place, and Apple (among other companies) have mostly refused to cooperate. According to a new exposé from Vice, the government appears to be doing fine with cracking smartphone encryption, with or without help from the smartphone’s creators.
At least, that’s the case when it comes to most iPhones. When it comes to Android encryption, the job is reportedly getting increasingly more difficult for investigators. So if we were to choose which is more secure, which would be the better choice? Is Android safer than iOS? We will soon find out the answer to that.
The iOS in terms of security
If there is one thing that Apple is known for, it is fortifying its devices against all possible attacks, even if it is at the cost of features and innovation. On December 21, 2019, Twitter Releases New Safety Instructions Following a Security Flaw. Andrew Rossow affirms that iOS users are the only OS not affected by this event.
Apple believes that less visibility into the system means fewer bugs will be discovered, allowing it to stay more secure – so the firm is very secretive about the code. They are proud of the iPhone’s state-of-the-art security system, but somehow it allowed the attack on Amazon CEO Jeff Bezos’ smartphone.
According to The Washington Post, In Bezos’ case, hackers likely exploited a series of bugs Apple had overlooked that let them bypass all the layers of the ‘phone’s considerable defenses.
Android Encryption Gets Better
Detective Rex Kiser, who conducts digital forensic examinations for the Fort Worth Police Department, had this to say to Vice: “A year ago we couldn’t get into iPhones, but we could get into all the Androids. Now we can’t get into a lot of Androids.”
The Cellebrite, one of the most prominent companies that government agencies hire to crack smartphones, has a cracking tool that can break into any iPhone made up to and including the iPhone X. The tool pulls data such as GPS records, messages, call logs, contacts, and even data from specific apps such as Instagram, Twitter, LinkedIn, etc., all of which could be incredibly helpful in prosecuting criminals.
However, this tool is unsuccessful with Android Encryption on prominent handsets. The tool could not extract data from any social media accounts, internet browsing, and more. But just because Cellebrite’s tool doesn’t work doesn’t mean investigators can’t extract the data they need. The process just becomes more labor-intensive and takes more time and resources. Even a brand new phone, such as the iPhone 11 Pro Max, can be cracked, according to Vice’s sources. It just isn’t as easy as hooking it up to a cracking tool and watching the data flow.
According to Eric Schmidt, Android is more secure than Apple. He then noted that Android had over a billion users, is a platform that will be around for a long time and how that means the platform has gone through rigorous real-world security testing.
How Android Security Works
Android was designed with security as one of its cornerstone principles. Without comparing it to any other platform, it does a really good job of making sure processes don’t collect too much information (or use too many resources) without permission, no one app or process gets access to the system level without adequate privileges, and that the user is generally always aware of what’s happening behind the scenes.
Steve Patterson argued Android is almost impenetrable to malware. Hyperbole aside, he based the assertion on a presentation that Android Security chief Adrian Ludwig made, where Ludwig revealed that “less than an estimated 0.001% of app installations on Android are able to evade the system’s multi-layered defenses and cause harm to users.” Put simply, Android has multiple layers of defense to protect itself against malware incursions, and since Google started paying attention to what users install on their devices, they’ve seen very little malware appear.
As an example of this, Adrian Ludwig presented the graph above (and below, both included in the full slide deck). Just to get installed, an app has to get through Google Play or an unknown source warning (if it’s enabled on your phone), and a user who confirms the installation. Past that, it has to get past Google’s “Verify Apps” security feature, which checks an APK against its own database of malware before it can be installed (more on this later). Then, the app is sandboxed and restricted to the permissions granted to it, and Android’s own security checks again whenever the app runs.
Ludwig goes on to note that even though security researchers and even the Department of Homeland Security have noted upticks in Android malware, no one besides Google has the tools to view actual install data, and they’re just not seeing malware manifest in large numbers.
Android shows remarkable improvements in their security service. Based on Xiaowen Xin, a 20% decline in the proportion of devices that installed a potentially harmful app in 2018. This is proof that Android is more secure.
Vice’s article heavily suggests that Android phones are safer alternatives as compared to iPhones if your main concern is security and privacy. After all, law enforcement organizations aren’t the only people after your data: criminal enterprises could use the same tools to get your information illegally.
At the end of the day, the reason why Android is prone to mobile malware is that the user is the weak link in the security chain. Android isn’t alone in this—every platform, mobile or desktop, has the same problem. It doesn’t matter if your mobile phone is secured, if a user clicks to install, it’s all over. That’s why it’s so important to learn to tell if an Android app is malware before you install it. Like what the media always says: Think before you Click.
If you want to know more about Android and iOS, check out our other tech-focused content over at NetBookNews.