Google’s Sundar Pichai: Android not designed to be safe; if I wrote malware, I’d target Android, too

“Responding to a question about malware on the Android platform, FrAndroid reports that Google’s Android head Sundar Pichai gave a surprisingly frank answer to an audience at Mobile World Congress,” Ben Lovejoy reports for 9to5Mac.

We cannot guarantee that Android is designed to be safe, the format was designed to give more freedom. When people talk about 90% of malware for Android, they must of course take into account the fact that it is the most popular operating system in the world. If I had a company dedicated to malware, I would also be addressing my attacks on Android. – Google’s Sundar Pichai

Full article here.

MacDailyNews Take: Android. Bend over and “open” wide.

[Thanks to MacDailyNews Readers “Fred Mertz” and “boecherer” for the heads up.]

Related articles:
Cisco: Android the target of 99 percent of world’s mobile malware – January 17, 2014
U.S. DHS, FBI warn of malware threats to Android mobile devices – August 27, 2013
Android app malware rates skyrocket 40 percent in last quarter – August 7, 2013
First malware found in wild that exploits Android app signing flaw – July 25, 2013
Mobile Threats Report: Android accounts for 92% of all mobile malware – June 26, 2013
Latest self-replicating Android Trojan looks and acts just like Windows malware – June 7, 2013
99.9% of new mobile malware targets Android phones – May 30, 2013
Mobile malware exploding, but only for Android – May 14, 2013
Mobile malware: Android is a bad apple – April 15, 2013
F-Secure: Android accounted for 96% of all mobile malware in Q4 2012 – March 7, 2013
New malware attacks Android phones, Windows PCs to eavesdrop, steal data; iPhone, Mac users unaffected – February 4, 2013
FBI issues warning over Android malware attacks – October 15, 2012
Researchers discover serious flaw in Android app security, say HTC and Samsung ignore issue – September 28, 2012
Apple’s iPhone has passed a key security threshold – August 13, 2012
Android permissions flaw allows eavesdropping, data theft, location tracking – December 2, 2011
Massive HTC Android security flaw leaves security expert speechless – October 2, 2011
Apple’s iOS unaffected by malware as Android exploits surge 76% – August 24, 2011
Android malware records phone calls; iPhone users unaffected – August 2, 2011
Symantec: Apple iOS offers ‘full protection,’ Google Android ‘little protection’ vs. malware attacks – June 29, 2011
Malware apps spoof Android Market to infect Android phones – June 21, 2011
Google forced to pull several malware-infested apps from Android market – June 8, 2011
Android malware sees explosive growth; even faster than with PCs – April 27, 2011
Virus-laden apps infest Google’s ‘open’ Android platform; iPhone unaffected – March 3, 2011
Security firm warns of new Android trojan that can steal personal information; iPhone unaffected – December 30, 2010
Trojan infects Android smartphones; iPhone unaffected – August 10, 2010
Millions of Android phone users slammed by malicious data theft app – July 29, 2010
Unlike proactive Apple, reactive Google doesn’t block malware from Android app store – June 4, 2010
Malware designed to steal bank information pops up in Google’s Android app store – January 11, 2010

38 Comments

  1. Are we sure this was translated correctly from the French site? Because if it is then HAHAHAHAHA! Google/Fandroid User bends over, open wide and asks *Please may I have some more?”!!!

    1. Here is the original text:

      Au cours des dernières années, de nombreux rapports des entreprises de sécurité sur Internet ont indiqué que la majorité des attaques de logiciels malveillants mobiles visaient la plate-forme Android. Pichar a voulu être clair sur ce point : selon lui, les attaques sont en effet dirigées vers la plate-forme pour porter atteinte à l’utilisateur.

      « Nous ne pouvons garantir que Android est conçu pour être sûr, son format a été conçu pour donner plus de liberté. Quand ils parlent de 90 % des logiciels malveillants destinés à Android, ils doivent bien entendu tenir compte du fait que c’est le système d’exploitation le plus utilisé dans le monde. Si j’avais une entreprise dédiée aux logiciels malveillants, j’adresserais également mes attaques à Android« , a t-il déclaré avec un grand sourire.

      In other words, the English translation is pretty accurate. Now, I’m not sure but I have a feeling that Pichai didn’t answer in French, so the quote in the French article is probably a translation from original English.

      The essence of the message is still in the first sentence: “We cannot guarantee that the Android was conceived to be secure; its system was conceived to provide maximum freedom

      He could have also thrown in a Benjamin Franklin quote here for a good measure (“He who sacrifices freedom for security deserves neither.”)… MDN tends to be very fond of that one.

      1. Well the Ben Franklin quote would only apply if we were talking about some sort of government-forced service. The walled-garden approach of Apple makes us no less free because it’s a consumer product that we personally chose from a sea of many. The Founding Fathers were chiefly concerned with keeping us free from a tyrannical government, not what kind of phone we buy.

          1. I am free to stop purchasing Apple products any time I damn well choose. I am not oppressed by Apple but I could certainly be oppressed by a government that has gained full control over my life. That never ending fear is what prompted Ben Franklin’s timeless words.

      2. “He who sacrifices freedom for security deserves neither.”

        Depend’s who’s freedom and who’s security. If I leave my back door opened, I’m giving thieves more freedom to break my security. That’s NOT what Ben Franklin had in mind and he certainly didn’t imply, as Pichai does, that there is no way to get both.

        When you misconstrue the meaning of individual words in a famous quote, you can make it say pretty much whatever you want and look pretty smart (or not).

        1. Well, you and I obviously know what Ben Franklin meant by that, but for the people of Google, in their hubris, the famous quote, yanked out of its historic context, could provide perfect ammunition; you are either free (with Android) or not (with iOS); if you’re “foolish” enough to go with iOS, you deserve neither security nor freedom… Meanwhile, Ben Franklin would be spinning in his grave like a turbine…

          1. Google has appropriated several tropes and twisted them to its own purposes. I sense the mind of the beast. It will continue to do so without irony, unaware of its delusion of heroism and unmindful of history. While the money rolls in, there persists great danger to the public good, from continued erosion of its corporate sanity as its tentacles probe new flesh.

  2. Unfortunately, the downside of this is going to be the Fandroids applying the “security through obscurity” myth. They’ll just read the parts where he says that Android is the most popular mobile OS and where he says he’d target Android. The Fandroids will extrapolate this to read that he’d target Android **ONLY** because it is [his claim] the most popular mobile OS. Thus the only “logical” Fandroid conclusion must be that iOS has a tiny fraction of the security issues because no one uses it!

    Ah, the myth continues.

    1. Just counter that with…

      Hmmm… If that were that case, even commercial developers would target Android first, but that’s not what’s happening. Developers who want to make an honest buck, develop apps for iOS. Those that would rather steal your money and data, develop malware for Android.

    1. Perhaps he meant ALL of malware out there (including desktop), in which case it is quite possible that nine out of ten new malware incidents are for Android, and the remaining one is for Windows…

Add Your Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.