Android Has a Big Security Problem, But Antivirus Apps Can’t Do Much to Help

November 26th, 2015 by Mark Daly in Industry News No Comments »
Android Has a Big Security Problem, But Antivirus Apps Can’t Do Much to Help ilicomm Technology Solutions

Yes, Android devices have serious security problems. There’s Android malware out there — mostly outside the Google Play Store. The biggest problem is that most Android devices don’t get security updates. Android antivirus apps aren’t a solution to these problems.

Security companies have been pushing their Android antivirus apps, using the concern over the Stagefright exploit to sell security software. But Android antivirus apps aren’t going to help you here.

How Antivirus Works on Windows, and How It Doesn’t on Android

First, let’s cover how antivirus software works on Windows. Antivirus software on Windowshooks into the operating system at a low level. To provide real-time protection, antivirus applications use “file system filter drivers” to intercept file access requests and scan those files for malware before they’re allowed to run or otherwise be accessed. If the antivirus application detects a problem, it can block the access and use its low-level permissions to immediately delete or quarantine the malware.

That’s how antivirus works on Windows — Windows provides a way for antivirus software to get low-level system access.

Android Has a Big Security Problem, But Antivirus Apps Can’t Do Much to Help ilicomm Technology Solutions

Android doesn’t provide a way for antivirus apps to get this low-level access. Android confines all apps to sandboxes and restricts the permissions they can use. There’s no special way for an antivirus app to hook into your system at a low level and stop you from installing a malicious app, or stop a malicious website or message from exploiting a security hole and running malicious software on your system.

When the malware is already running, the Android sandbox prevents the antivirus application from interfering with or closing a malicious app. If the malware used a security hole to gain root access, that malware is actually running with higher permissions than the antivirus app itself.

You can see this when you install an antivirus app on Android — it has to list its permissions, just like every other app.

Android Has a Big Security Problem, But Antivirus Apps Can’t Do Much to Help ilicomm Technology Solutions

So What Do Android Antivirus Apps Do?

Of course, Android antivirus apps can do some things. They can view a list of the apps you have installed, check the names of those apps, and compare them to a known list of infected apps. That’s it — the apps are scanned by their names. Android antivirus apps can’t scan your system for malicious processes that may have been installed when your phone was compromised through a security hole.

An antivirus app may also have a file-scanning feature, offering to scan your SD card and intel storage — the user-accessible part, at least — for potentially malicious files. But unless you’re downloading malicious Android apps in APK form and storing them on your SD card, this won’t really do much good. It can’t scan the entire file system — including system areas, where programs are stored — as it can on Windows.

Android antivirus apps can still do more than that, of course. They can monitor your network activity and scan incoming traffic to prevent you from visiting malicious web pages and downloading potentially malicious apps. This sort of activity will slow down your phone — or at least drain its battery a bit more than necessary — and functions more like a web filter than anything else.

These apps also pack in other tangentially related features, such as lost phone-tracking. But Android allows you to track and wipe your lost devices for free.



Leave a Reply

You must be logged in to post a comment.

NEED MORE INFORMATION?Contact us to see how we can help your business

Call our Sales Team on:

+44 (0)121 289 3434

or email us at: