Last January I reflected on my Android-only strategy and commented that a worrying area is Android security. The severity and number of vulnerabilities has since grown. For example, only today, the FakeId bug was publicised that affects all versions of Android from 2.1 to 4.4. Allied to this is poor security in top used apps. Again, only yesterday, it was found that Instagram doesn’t use https. People in the Android system need to better understand what they are up against.
Are we heading for an Android security perfect storm event? I really hope I am wrong but I think it’s probably only a matter of time before Android sees a significant security scare involving a very large number of people.