Apple iOS and Android security worries the same, yet different

Take your pick: Apple iOS or Android. Either one is a risky proposition, but they expose users to different security threats.

That is the conclusion of the latest research by Marble's Mobile Security Lab, which looked at 14 leading mobile security threats.

The report found that--based on the analysis of 1.2 million iOS and Android apps--gaming and news apps on iOS devices present significantly greater mobile security risks than other app categories on that platform.

"Enterprise security managers need to know that Apple's vaunted iOS mobile security reputation hinges on its app distribution control, not on any inherent superiority of its operating system," says Marble Security founder and CTO David Jevans.

"We broke it down in our labs against 14 leading attack vectors for mobile devices, and aside from their app distribution control, iOS and Android are equally at risk to the mobile security threatscape facing the enterprise," Jevans adds.

Other key findings include:

  • The attack surface of both platforms is not markedly different, as attackers have found ways to publish malicious apps, or to attach mobile users, over SMS or through compromised Wi-Fi hotspots on both platforms.
  • There is no significant difference in the risk of jailbreaking iOS versus rooting Android devices.
  • The threats are different between the two platforms: for example, new iOS threats such as hostile configuration profiles, unencrypted email attachments and backup hijacking can open effective attack opportunities for hackers.
  • IOS apps, like Android's apps, routinely require privacy-risky permissions like access to contracts, email messages and text messages; once uploaded to the app provider, this data is no longer controlled by the mobile device or the enterprise and represents a significant potential threat to security.

For more:
- check out Marble Security's release
- read the full report (pdf)

Related Articles:
Benson Hospital finds solution to BYOD flexibility, security
Consumerization of IT changing security landscape
Infographic: The Apple of IT's eye