Regular blog readers might have noticed my gradual shift from brow-beating about antivirus to an almost muteness about the need.
The truth is,
I’m careless I don’t feel a compelling need to use anti-virus software. (Go get the pitchforks and torches.)
“But what about the security!?”
“Oh for shame,” you say, and my admission probably cost me a good number of subscribers. But the truth is, I don’t think anti-virus is all too necessary. In fact, I’ve secretly ran (i.e. not telling a soul) without antivirus software on my phone for almost 1 year. I’ve checked the status occasionally, and guess what, no infections. (I wasn’t surprised.) And of course, plenty of people will browse across this post and shame me for “my lack of concern about client confidentiality.”
I know, you’ve heard about the large number of devices infected with viruses, malware, and other maladies. Like every good foot soldier, you followed the charge to install “the best” virus protection. And so you hunted, settling on one of the top few apps — probably Lookout, Kaspersky, Norton, or avast!.
Truthfully, I’m not convinced that malware or viruses are really a big issue. At least if you’re in the United States, Canada, or even UK, because of the various levels of security.
First, Google gave a lengthy discussion about the various layers of security built into Android.
These are passive and active layers, and also require some human interactions to ensure security. Two of the most important rings in the protection bubble are Google Play and the individual.
I purchase and download almost all of my applications from Google Play. If you’ve followed Android for very long, then you’ll know that Google stepped up its efforts to bump bad apps before they even reach the Play Store for sale. I think you could pretty safely bet that Play Store catches 80-85% of the malicious apps. You’ll have a greater risk of a malicious app if you’re downloading apps from a non-Google Play market.
The second important ring is the individual user. I’ve become much more aware of each individual application that I install, and I’ve taken a more diligent approach to reading the application’s permissions before clicking “accept.”
More importantly, I refuse to open applications, or click links, from individuals I don’t know, and I don’t install any apps that want me to look at “glamour hunnies” or “sexy babes.” These are almost certainly malware-infected applications. I have a core set of functions that I perform on my devices. An app or an individual that wants me to go outside of that comfort zone must have a compelling reason for the deviation.
If I do have questions about the app or process, I’m diligent about check some of the many Android forums, or even just performing a quick search on Google. Usually one of the top results will give me the information I need. Good developers will develop good applications because their reputations are at stake.
But what about the children!?
My kids are an issue because they’re tempted to install every fun looking application in Google Play. I’ve donated my old devices to my children — check out Swappa.com for some deals on phones — and each has a very restricted account in Google Play.
They can’t install paid applications, and they have to verify each app install with me. It’s a hassle, annoying, and somewhat painful process, but I want them to know I’m always watching. I do occasionally check their device for “bad apps,” and they’ll lose the phone if I find one — don’t tell them, but I don’t ever remember whether I’ve approved the app, or not.
The risks: is the no antivirus movement for you?
My decision to ditch antivirus comes after a long and careful process. I’m also very aware of the risks. And finally, I’m certainly not advocating that you abandon antivirus (although I kind of did, didn’t I?). My point is that I think antivirus makes us a little less diligent in our own security. We forget to not click on bad email links or visit malicious sites.
Android users in the United States, Canada, or UK should probably focus more on their lockscreen security (or WiFi snooping) than Android malware. Personal accountability has a lot to do with being protected.
What do you think? Am I set to catch the next version Android Ebola?