By Gadjo Cardenas Sevilla
The open nature of Google’s mobile Android Operating System may be its most attractive feature. This openness is also the system’s biggest vulnerability. Here’s a guide on protecting your Android device.
Google’s Android OS is open in the sense that anyone can develop apps for the devices and make them available to the public at large. Google curates a large number of these apps and has some regulatory systems in place such as the Google Play (formerly Android Market) but users are free to look elsewhere and access apps that aren’t given Google’s stamp of approval.
Observe your Permissions Screen
The Android Permissions screen identifies which services an app will access from a device
Each time you install an application on your Android device, a permissions screen outlining the services (or areas of your device that will allow access to the app) the app needs to access.
Users often overlook this part and easily agree to let the app access any part of their device. This is often where the root of the problem.
Areas of the system such as location, network services, your messages and most importantly services that cost you money are the delicate ones where hackers and malware writers target the most.
Downloading compromised apps and allowing them to access these services gives hackers access to the device.
The most prevalent type of Android malware surreptitiously sends pay-per-use SMS messages to paid services without the user’s knowledge. This means your device can be sending volume SMS messages and costing you money without you even knowing.
The best way to protect your Android device is to check your permissions screen each and every time you install a new app.
It also helps to check the source of the app and read user reviews. Users who download apps from unofficial sources, which is also known as ‘sideloading’, are opening themselves up for potential malware.
Spoofed Apps
The open nature of Android means any developer can access code from most applications that are available in the wild.
This is beneficial if developers want to see how a certain application is developed, but it has its risks. It is possible for a malware writer to download the code of an app, rewrite parts of the app and slip in malware.
This compromised version of an app can be uploaded and passed off as the original.
Unsuspecting users can download this spoofed app, not check the permissions screen and then inadvertently compromise their device.
Check the Source of the App
One easy way to avoid problems is to do a background check on the source of the app before installing it. This means checking out the developer’s name, their website and making sure that you are installing the latest version number available for your device.
Some apps in the Google Play marketplace will even have ratings and reviews from users. Which can indicate whether the app is worth installing or not.
Taking the time to review an app’s permissions, understanding what services of the device they are accessing, and making sure that you are not installing a spoofed app are some of the easy ways to keep your Android device safe from the growing threat of malware.
“The best way to protect your Android device is to check your permissions screen each and every time you install a new app.”
That shouldn’t be the only time you check it, either. On my Android, I don’t allow any of my apps to automatically update themselves so that when an update is required, I’m sent a notification and can check if any new requested permissions have been added as sometimes happens.
That’s an excellent question Sunil. Generally I would be cautious about allowing access to the SD card but this would be a case to case thing depending on what the app is about. Something that needs to access storage like a GPS app or a media player should access the SD card but others may not. Thanks for your input
Is allowing an app to modify/delete SD card contents good in the view of safety or privacy?? most of the apps demand so..