Android vs iOS Security

marblesecurity.pngIt seems that Android is getting a lot of negative press at the moment concerning security. A few days ago it was Towelroot and yesterday it was ransomware (here in the UK). It turns out Google is already detecting Towelroot apps on the Play Store and the ransomeware itself used poor coding practices that allow its actions to be undone.

However, it’s not just Android. A recent report (pdf) based on a survey of 1.2 million iOS and Android apps has showed that Apple iOS and Android mobile devices are equally vulnerable to attacks. The type of attack and vulnerabilities might differ but the security threats are omnipresent. 

iosandandroidthreatmatrix.png 

While I think there’s an increasing responsibility on developers to think more about security, I think there’s an even greater responsibility on stakeholders commissioning apps to consider security. There is currently too much emphasis on apps "built to a price" or "built for a date" that sometimes implicitly disregards security.