McAfee came out with its 2nd Quarter Threats Report for this year, and among its many interesting findings, the report discussed the increase of mobile malware. To the surprise of probably no one, Android OS-based malware topped the charts as the most popular for malware developers.
The reason mobile malware is becoming so popular, according to the report, is largely due to how our phones are becoming essential to both corporate and personal business transactions. There is a lot of information stored and accessed on the phones, and the malware developers know that. And Android has its share of vulnerabilities. McAfee mentions a number of apps for Android phones that hide malware, including a calendar that doesn't quite work as expected, a comedy app that sends humorous messages to everyone in the user's contact list, and apps that hide toolkits.
Yesterday, I said I hope the leadership changes at Apple will result in a better approach to security. But what about Google? Doesn't it need to be held more responsible for the security problems in Android and other products?
In a word, yes. And by some twist of fate, today in my inbox, I found an email from SearchSecurity.com with a link to a transcript of a webcast titled: "How Google Tackles IT Security -- and What You Can Learn from It." (Talk about timing.)
Reading over the transcript, the real answers to that title question comes from the attendees' queries to the panel. But I give Google credit for stepping up to address the problem of security in its many applications (not just Android, of course) and explaining the process of how its security works. No, talking to an audience doesn't instantly improve security, but users deserve the opportunity to ask questions, get answers and, in my opinion the most important thing, know that the company understands and faces its security flaws.