The best Samsung Galaxy Note 7 alternatives

So you were a Galaxy Note 7 fan, but your dreams of smartphone-stylus harmony went up in flames. What are your other options? Unfortunately, there aren’t many, but let us present a few that come close.

The Galaxy S8 series
OK, so the 2017 Galaxy S8 series does not officially exist yet, but we do know that Samsung releases new generations of these flagships in the early part of the year. Word is that the Korean company has decided to skip its usual announcement at the Mobile World Congress at the end of February, and will instead announce new products at an Apple-style launch event in March.
Like many others, we expect Samsung to really bring the heat (figuratively, this time) to make up for the Note 7 fiasco. If rumors are to be believed, it’s on track to do just that. Among other things, leaks suggest the S8 series will have larger, practically edgeless curved displays with cutting-edge internals to match. We’ve also heard whispers that there may be a new version of the S Pen as an optional accessory for the S8 series.
Of course, there’s no guaranteeing exactly what the new lineup will offer, and those indications are purely hearsay. But considering that the new phones are only a few months away, that Samsung is in comeback mode, and that there aren’t any other truly high-end stylus-equipped smartphones out there, it could be worth the wait.

Galaxy Note 5
An older Note – especially if you’re able to score a bargain on a slightly used or refurbished model – may be your best option if you’re invested in a premium experience. There was no Note 6, so this 2015 release is only one generation older.
The Galaxy Note 5 is an excellent phone and is by no means obsolete. In terms of dimensions, weight, size and display quality, it’s nearly identical to the now-defunct Note 7. Mostly, you’re just missing out on Note 7’s trendy features, such as its curvy glass display, iris scanner and GIF shortcuts, but you will also miss the Note 7’s microSD slot, USB-C port and water resistance. (Of course a generation-older processor also holds it back a bit.) Here’s a side-by-side look at how the two phones compare.
A new Note 5 retails for around $550-$580, but we recommend copping a lightly used or refurbished model, since new options are on the way. For reference’s sake, the brand-new Note 7 retailed for around $850.

Samsung Galaxy S7 edge
We’re not necessarily trying to push Samsung on you, but if you’re a fan of the Note 7’s characteristic curvy glass build, you’ll find similar contours and quality in the S7 series.
The Galaxy S7 edge is the Note 7’s stylus-free phablet cousin. It has a capacious display, industry-leading water resistance, zippy and still-competitive internals, wireless/fast charging and Samsung’s excellent camera. Find out more through this comparison of the two phones’ tech specs.
The earlier coming-soon caveat applies here as well. A new generation is on the horizon, so we recommend the S7 edge only if you can obtain it at a significant discount over its original $790 asking price.

Google Pixel XL
At the time of this writing, the first made-by-Google phablet is sold out at major retail outlets, and for good reason – it’s one heck of a phone. Still, it could be worth the wait. While it represents a significant departure from the Samsung style and interface, it offers heaps of appeal for Android aficionados.
You’ll have to relinquish key Note 7 features like the stylus, microSD expansion and water resistance. What will you get in return? Google Pixel XL’s stellar camera, top-of-the-line operating system, Google Assistant and buttery-smooth performance. You’ll still be able to enjoy perks like mobile VR (through the Google Daydream headset instead of the Samsung Gear VR) and a forward-looking USB-C charging port. At $769, it’s at a slightly lower price point than the Note.
You may notice we’ve omitted stylus-sporting smartphones like the LG Stylus 2 Plus. Why? Well, they’re decidedly mid-ranged. They don’t offer the high quality internals or user experience of the top-shelf phones above. Since the Note 7 smacked of luxury, middling offerings are not on the same level.
If this list seems short, we feel you – there simply aren’t that many phones that come close to approximating Samsung’s elegant stylus-sporting phablet. If you’re willing to broaden your horizon, you could also take a peek at alternatives to the Pixel XL, a roundup of some of the best larger-sized smartphones currently available.

Emily Ferron


Android 6.0 Marshmallow review: Google Now is more important than ever

Version 6.0 of Android is rolling out to Nexus devices now, appearing on the brand new Nexus phones very soon, and other recent Android phones over the coming months. Read on for our impressions of Marshmallow – and the difference it’s going to make in your mobile experience.

Unlike Apple, Google has spun its main apps out of Android itself, so much of what you’ll notice as new when you install a new version of the mobile OS is the Google Now launcher and the Settings app. In fact the immediate, on-the-surface changes this time around are so subtle that you might wonder if your Marshmallow upgrade has worked when you first install it.

Many of the new features ushered in by Marshmallow are aimed at making life easier for developers, though users should see the benefit as well. Chrome Custom Tabs, for example, which brings Chrome into third-party apps to save developers from having to code their own web viewers, but that should also make for better in-app web browsers for users.

Android gets smarter: Google Now on Tap

The headline Marshmallow feature you’ll want to get playing with straight away is Google Now on Tap. It essentially gives Google’s digital assistant some extra context for its queries, allowing it to scan the whole screen of whatever app you’re in to try and work out what you want to know.

So launching Google Now on Tap with a movie prominently displayed on screen brings up links to the Internet Movie Database app (if installed), Wikipedia, YouTube (for trailers) and so on; or if there’s a sports team displayed, you get links to the team’s social media profiles, its official website and even directions to the stadium for the next match.

Developers have the choice of whether to grant Google Now this kind of access, so it’s not supported everywhere just yet, and right now it feels more like a new foundation than a feature that’s ready for primetime. It works well, on occasion, but too often it doesn’t pick up the right bit of data, doesn’t provide relevant enough links, or simply isn’t useful enough.

The end goal for Google Now on Tap is to be able to answer a text message like “what time’s the film?” in an instant, by knowing who you’re talking to, what movie you’ve previously been discussing, and the times it’s showing at the local theater. That’s an appealing idea but Google still has a ways to go to reach that level of intelligence.

We tried out Now on Tap in Chrome, Gmail, Rdio, Hangouts and a few other apps, and it is genuinely useful when a movie or place name pops up and you need quick info about it. The feature is more miss than hit right now though, particularly outside of Google’s apps, so mark this down as one for the future rather than something you’re going to rely on straight away.

Google Now is still present and correct in its existing form, of course, and on smartphones the launcher’s app drawer gets a slick-looking facelift, with icons scrolling vertically and the most-used apps at the top — however, this is technically included as part of a Google app update that’s already showing up on Lollipop devices as well as Marshmallow ones. Only the Now on Tap functionality is unique to Marshmallow, at least for now.

Android lasts longer: testing out Doze

Doze is Android Marshmallow’s new battery saver technology, which cuts down on background processes and checks for new notifications less often when your device is not in use – if the screen is off and the device is motionless then Doze kicks in (there’s no switch or setting you need to flick manually to activate it).

Google has promised big improvements with Doze (the Nexus 9 lasts up to twice as long on a single charge, the company says) and we noticed the difference on a 2013 Nexus 7: the battery level only dropped 2-3 percentage points overnight, whereas previously a handful of nights would be enough to almost completely drain this (admittedly rather old) tablet.


The benefits you see will depend on how often your smartphone or tablet is left idle, but we’d bet that Doze is going to make a difference on those devices that are only used occasionally throughout the day or week. For devices that are used more actively and consistently, our testing found battery life seemed to be along similar lines to that in Android Lollipop.

The other main user-facing improvement concerns app permissions, which are much more iOS-like: apps ask for access to the camera, microphone, contacts list and so on as soon as they need them, rather than just as they’re about to be installed. The change makes it easier to understand what rights particular apps want, and it also means you can let an app access one part of the system (like the camera) but block it from another (like the contacts list).

It’s a welcome and overdue change, one which works well in practice. Even if most users are unlikely to delve into the app permissions list very often, it’s there if it’s needed, and the new system should mean more transparency regarding what apps can and can’t do on the device.

Other changes and tweaks

Volume control and “silent mode” were something of a mess in Lollipop, and Google has thankfully improved the experience in Marshmallow. Tapping the hardware volume buttons brings up the system, media or alarm volume slider depending on what you’re doing, and with another tap you can show all three on screen at once.

Priority Mode remains, but is easier to understand than it was in Android 5.0. A tap on the Do not disturb button in Quick Settings lets you choose among total silence, alarms only and priority only (the last one means selected contacts, events and apps can make a sound). It’s a better approach, but it still needs work – switching in and out of quiet mode is something most of us do every day, and Google seems intent on making it more convoluted than it needs to be.

It’s worth mentioning the native support for the faster, superior USB Type-C and fingerprint sensing technology that’s built into Android Marshmallow, though you’ll only see the benefit on new devices rather than upgraded ones. Support for Android Pay is also bundled with Marshmallow, though Google’s new mobile payments system works on NFC-enabled devices with Android 4.4 KitKat and above, so it’s not exclusive to the new software.

There are other small tweaks for the better, such as the improved text selection tool that highlights whole words at once so it’s easier to pick out the words and phrases you want (there’s now a floating toolbar for quick access to cut, copy and paste commands as well). A new Direct Share feature brings up the apps and contacts you connect to most often whenever you tap the Share button, meanwhile.

Marshmallow and Android’s future

On the whole using Android Marshmallow is very much like using Android Lollipop, and this isn’t the kind of major upgrade that’s going to dramatically change how you interact with your smartphone or tablet. As with iOS, it’s the intelligent assistant built into Android that’s most interesting at the moment. With the two mobile OS software juggernauts now so mature and established, the innovation responsibility falls largely on Siri and Google Now, and Now on Tap is another step forward in Google’s mission to know as much about you – and what you’re going to want to know next – as possible.

After several days of using Marshmallow, you almost forget it’s there: this feels more like Android 5.2 than 6.0. That’s partly due to apps like Gmail and Google Maps getting updated separately, but partly due to the maturity of Android as a mobile OS. Perhaps from this point on, things like improved battery life, a smarter Google Now and a bunch of smaller tweaks will be big parts of each new edition of the software.


10 ways to get the most bang for your buck with an Android device

Whether you’re new to Android or just looking for ways to optimize convenience and performance, these tips will enhance your mobile experience.

Maybe you just purchased your first Android device–or perhaps you’ve had it for a while but you suspect you aren’t getting the most out of it. Either way, you’re in luck: There is so much available in the way of tweaks, apps, options, and configurations that can make your device more powerful and useful. Here are 10 of my favorite tips to help you get the maximum benefit from the Android platform.

1: Use Google

If there’s one thing you should know about Android, it’s that it’s tightly integrated with Google. If you don’t take advantage of that integration, you’ll be missing out. I’m not just talking about Google Drive, Calendar, Mail, Photos, etc. I also mean search. Google Now is one of the most tightly integrated tools you will find on Android. If you’re not using it to its fullest extent, you’re getting only a partial glimpse of what the platform can do. Set up the Google Now hotword (Can you say, “Okay Google”?) and learn the ins and outs of that powerful digital assistant.

2: Set up auto backup

Most likely, you’ve associated your Android device with your Google account. You’re getting your email and using Google Docs. But all that information on your device is just sitting there… waiting for the day when you lose the device or you drop it and a car zooms by and crushes it to a final, heart-wrenching death. Yes, the cost of replacing a device that doesn’t have insurance and is still in-contract can be a bit much. But what of the data? If you want to avoid such drama, be sure to visit the Backup & Reset section of your device and set it up. Android can back up app data, Wi-Fi passwords, other Google server settings, photos, contacts, and more.

3: Install Tasker

If there was ever an app that can transform your Android experience, it’s Tasker. This app will make your device about as automated as a mobile device can be. Set up automated tasks based on time, location, events, and more. It’s rare that I can say you won’t find a more powerful, usable tool for a mobile platform–yet, here it is. Tasker isn’t free, but the $2.99 price of entry is well worth what this app brings to your device. If you don’t believe me, take a look at the 26K+ 5-star reviews. Tasker is that good.

4: Install a third-party home screen launcher

Don’t get me wrong: The stock Android launcher is good. Problem is, few devices actually come with the stock Android home screen launcher. If you’re not fond of how you interact with your home screen, install my all time favorite, Nova Launcher. This launcher offers a perfect combination of look, feel, and function. With gesture support and a clean interface, Nova is the way to go. But if Nova doesn’t float your boat, there are plenty of other home screen launchers to fit just about every taste.

5: Upgrade

If you’re running an outdated version of Android, make sure you regularly check for upgrades. Currently, the most up-to-date version of Android is 5.1. The difference between this and previous versions is nothing short of astounding. With each iteration, Android gets better and better. The only downfall is that not every device is capable of upgrading to the latest version. If you’re running an Android smartphone or tablet with an outdated release, and you’re near contract end, it’s time to upgrade your phone. If you want to get the most out of Android, you need to stay up to date.

6: Install a file manager

There will be a time when you need to locate a local file (such as a download). When this time comes, the best way to do this is to use a file manager. Some devices (such older Samsung devices) include an app called My Files. Although serviceable, it doesn’t offer nearly the power as, say, Astro File Manager. Most modern mobile file managers have plenty of bells and whistles (such as SMB or Bluetooth plug-ins), but most often you simply need to locate a file on your Android directory structure. When you do, you’ll be glad you’ve installed one.

7: Password protect your lockscreen

Although this won’t add a lot in the way of features or power, it will protect your data. Set up a password, PIN, or pattern to lock your lockscreen so that prying eyes can’t easily get into your data. Period. This should not be up for debate. Yes, it might make it inconvenient. Yes, you’re now one more step away from getting on Facebook or taking a selfie. But your data will thank you in the end. Again: Not up for debate. If, when at home or at work, having to enter your password constantly is an annoyance, you can (if your device is running Lollipop) set up trusted locations. Then you won’t have to enter your password/PIN/pattern when you are within 500 feet of a trusted location.

8: Set up two-step authentication

You might spy a theme here… security. But your mobile data is vulnerable. There’s no reason to hand over the keys to the kingdom in the event that your device is lost. Password protecting your home lockscreen will help prevent people from gaining access to your device. Take that one step further and keep them from gaining access to the account that helps power your platform: Google. If you set up two-step authentication, the only way to get into your Google account is with your account password and a four-digit code randomly generated by the Google Authenticator app. Do this. Now.

9: Make use of the new Gmail

If you’ve upgraded to Lollipop, you better get used to the Gmail app because Google has shelved the stock Email tool. That’s okay. Gmail has come a long way and can handle just about anything you throw at it (even Exchange). What’s best, Gmail doesn’t relegate your email to a universal inbox. Instead, you can now easily switch between accounts by swiping right (from the left edge of the screen) to reveal the sidebar. Tap on your account image at the top of the sidebar to switch between accounts.

10: Switch to Hangouts

You spend a lot of time messaging back and forth. On Android, messaging can be in the form of SMS, Google Hangouts, and more. Make your life easier and install the Hangouts app to combine all your SMS and Google Hangouts chats into one outstanding tool. Hangouts isn’t just a convenient way to receive two types of chats in one location–it’s actually superior to the default SMS app. Why Google hasn’t done away with the standard Messages apps, I’ll never understand.


Google announces Project Brillo operating system for the Internet of Things

Google has announced a new operating system for the Internet of Things, known as Project Brillo. It’s built on a stripped-down version of Android, provides a common language for connected home devices, as well as a user-friendly interface that makes it easier to set up hardware.


Project Brillo is based on Android, running on the same basic code, but stripped back enough that it can run on a wide range of devices, much of which don’t have the horsepower to deal with more complex software. The platform will include a new design language called WEAVE, that can be read by different devices, from smart locks to thermostats and beyond.

Google is taking a modular approach here, with developers given the option of using both the Project Brillo OS and WEAVE together, or just running the new language on top of their existing stack.

Perhaps the most compelling part of the platform from a consumer point of view is the new, slick-looking user interface. We’ve only seen a brief glimpse of the software, but we know that it’s designed to bring together the user’s smart home hardware, providing the same unified setup for any device.

A developer preview of Project Brillo will be available in Q3 2015, while WEAVE will be available from Q4 2015.


Google shows off Android M, its smartphone future

Google has been showing off the next version of Android at its Google I/O conference in San Francisco. It doesn’t have an official name yet – it’s still called Android M Developer Preview – but we’ve got our first glimpse at some of the features arriving in the mobile OS in the near future.

Google’s Dave Burke was keen to emphasize that the update was focused on small but significant improvements. Developers can now create smoother links between apps, for example, so tapping on a tweet in an email opens Twitter automatically. Coders can also take advantage of new Chrome Custom Tabs, browsing tabs that stay within an app (like Twitter) but bring all the benefits of Chrome (such as passwords and history).

With Android M, app permissions are going to become more iOS-like. Access to location, the camera, contacts and other elements isn’t granted when the app is installed, but the first time these permissions are needed. After that, they can be toggled on or off from inside Android’s settings.


Android M will also come with Android Pay, which Google had previously hinted at, and it’s ready to go in over 700,000 stores in the U.S. from today. There are partnerships with AT&T;, Verizon and T-Mobile, and it covers payments inside apps as well as NFC payments in stores.

Tying into that is the new fingerprint sensor technology built right into Android M, something that had previously been left to manufacturers such as Samsung to add on top. It’s very much Google’s version of Touch ID, and it will let you authorize purchases from the Play Store as well as unlock your phone.

Finally, Google had some power and charging news to share. Android M will bring with it a new feature called Doze, which recognizes when your device isn’t being used and sends it into a deeper sleep. According to Google, phones or tablets can last up to twice as long with Doze enabled. The new OS also supports devices with the USB Type-C socket we have already seen in Apple’s new MacBook.

There are smaller tweaks too: Simplified volume controls, a sharing widget that identifies the people you share with most often, improved word selection. In general, though, this is a much smaller step forward than Android Lollipop was.

Google Now is getting some extra smarts too. A new feature called Now on Tap better integrates Google Now with other apps – with one tap it can recognize content inside an email app or chat app and make reminders or bring up relevant information.


Google unveils Android’s latest technological tricks

The upgrade will give Android’s personal assistant, Google Now, expanded powers of intuition that may be greeted as a great convenience to some and a tad too creepy for others.

Google’s next version of its Android operating system will boast new ways to fetch information, pay merchants and protect privacy on mobile devices as the Internet company duels with Apple in the quest to make their technology indispensable.

The upgrade will give Android’s personal assistant, Google Now, expanded powers of intuition that may be greeted as a great convenience to some and a tad too creepy for others.

Most of the renovations unveiled Thursday at Google’s annual developers’ conference won’t be available until late summer or early fall, around the same time that Apple is expected to release the latest overhaul of the iOS software that powers the iPhone and iPad.

The annual changes to Android and iOS are becoming increasingly important as people become more dependent on smartphones to manage their lives. Android holds about an 80 percent share of the worldwide smartphone market, with iOS a distant second at 16 percent, according to the research firm International Data Corp.

Both Google and Apple are vying to make their products even more ubiquitous by transplanting much of their mobile technology into automobiles and Internet-connected televisions and appliances. Google hopes to play a prominent role in the management of home security and appliances with a new operating system called Brillo that will interact with Android devices.

Here’s a closer look at some of the key features in the upcoming Android upgrade, currently known simply as “M”:



Google Now currently learns a user’s interests and habits by analyzing search requests and scanning emails so it can automatically present helpful information, such as the latest news about a favorite sports team or how long it will take to get to work.

With the M upgrade, users will be able to summon Google Now to scan whatever content might be on a mobile device’s screen so it can present pertinent information about the topic of a text, a song, a video clip or an article.

The new Android feature, called “Now on Tap,” will be activated by holding down the device’s home button or speaking, “OK Google,” into the microphone. That action will prompt Now on Tap to scan the screen in attempt to figure out how to be the most helpful. Or, if speaking, users can just say what they are seeking, such as “Who sings this?”

Google is hoping to provide Android users with what they need at the precise moment they need it without forcing them to hopscotch from one app to another.



Android M will include an alternative to the mobile payment system that Apple introduced last fall. Google’s response, called Android Pay, will replace Google Wallet for making mobile purchases in stores and applications. Google Wallet, which came out in 2011, will still work for sending payments from one person to another.

Like Apple’s system, Android Pay can be used to store major credit and debit cards in smartphones that can be used to pay merchants equipped with terminals that work with the technology. Android Pay will also work on devices running on the KitKat and Lollipop versions of Android released the past two years.



Android M will be compatible with fingerprint scanners so device users can verify their identities by pressing a button instead of entering a passcode. Apple’s iPhones began using a fingerprint reader in 2013.

Besides supporting fingerprint scanners, Android M will make it easier to users to prevent mobile applications from grabbing their personal information. Permission will only need to be granted to each app if the access is needed for a specific action. That means Android users won’t be asked to share information about their contact lists, photo rolls or locations until an app won’t work without it.

–Associated Press

Experts bust Android security myths

A set of mobile security experts provides insight on the current state of Android security.

Thanks to its inherent “openness,” the open source Android OS is vulnerable to a variety of security risks, but how often do people you know actually fall victim to Android malware or other attacks?

Is the Android security risk overstated? Is the Android risk really greater than the risks posed by its iOS and Windows Mobile counterparts? And what can users, and the enterprise IT departments that support them, do to better protect their Android devices?

We asked these questions, and more, to a variety of mobile security experts from companies including Cisco, Dell and Lookout. Here’s what they had to say:

Android security threat is real

Android malware that affected U.S. users increased by 75 percent from 2013 to 2014, according to security firm Lookout’s “2014 Mobile Threat Report.”

“That’s a significant jump, predominantly driven by an increase in ransomware, a nasty form of malware that locks a person’s device and demands money in exchange for reinstated access,” says Michael Bentley, Lookout’s senior manager of security research and response.

Android devices were the targets of 97 percent of all mobile malware in 2014, according to Pulse Secure‘s “2015 Mobile Threat Report.” And the Android security risk level “increased substantially year-over-year,” says Troy Vennon, director of Pulse Secure’s Mobile Threat Center. In 2012, there were 238 specific Android malware threat “families,” and that number jumped to 804 in 2013 and 1,268 in 2014, according to Vennon.

At least 15 million mobile devices were infected with malware in September 2014, according to a report from Alcatel-Lucent’s Kindsight Security Labs. Of those devices, 60 percent were Android smartphones and about 40 percent were Windows PCs that connected to the Web via mobile networks. Windows Mobile, iOS, BlackBerry and Symbian devices represented less than 1 percent of mobile malware infestations.

Symantec’s 2015 “Internet Security Threat Report” says 17 percent of all Android apps (nearly a million) are malware in disguise. In comparison, Symantec uncovered approximately 700,000 Android malware apps in 2013.

Android more vulnerable than iOS, Windows Mobile

Android is more vulnerable than iOS because of its OS fragmentation, according to Geoff Sanders, cofounder and CEO of LaunchKey.

“Even when Google releases a security patch, it’s ultimately up to the [device] manufacturer to provide this patch to end users,” Sanders says. “This puts many more users at risk as their devices age.”

The overall risk level for Android is also higher because it’s the most popular mobile OS, according to Bojan Simic, CTO of HYPR Corp.

Apple deploys iOS only on its own devices, so the company has “far better control and knowledge of risk,” Simic says. Apple’s app verification system is also significantly more rigorous than Google’s process in the Play store, and it results in less malware, according to Simic.

Windows Mobile users are safer due to the rule of “security by obscurity,” Simic says. “Most hackers will direct their efforts where the biggest payoff is, and right now that target is Android due to its sheer amount of users.

Documented high-profile Android attacks

During the past year or so, a number of high-profile Android-based attacks and vulnerabilities made headlines.

Bottom of Form

Operation Emmental, which targeted 34 European banks, is probably the highest profile attack that used Android malware as a key component, according to Simic.

“The sophisticated attack was used to bypass two-factor security implementations that banks had deployed to protect their users,” Simic says. “Throughout the attacks, it is estimated that about $1 billion was stolen.”

The WebView bug in Android 4.3 (and older versions) was also widely reported, according to Gleb Sviripa, an Android developer at KeepSolid, and it left around 930 million Android devices vulnerable to potential attacks. WebView let “apps display Web pages without launching a separate app, and the bug could open up affected phones to malicious hackers,” Sviripa says.

Google launched security patches for Android 4.4 and above but said it wouldn’t develop patches for earlier OS builds. Instead, it encouraged the development community to step in. Google’s head Android security engineer said the decision was due to “the complexity of applying patches to older branches of WebKit,” according to ZDNet.

AndroidLocker, another very real threat, is “a new malware variant discovered last year by Dell, which mirrored the functionalities of ransomware,” says Swarup Selvaraman, senior product manager at Dell SonicWALL. “The malware would lock down mobile devices, claiming to be the FBI, and demand users pay a ‘fine’ within a certain time to unlock their devices and avoid criminal charges.

In 2014, Dell also discovered an Android Trojan that targeted South Korean banks, Selvaraman says. “When users would download the malware, it would appear in their app drawer as ‘googl app stoy,'” Selvaraman says. “If opened, it would show an error message, shut down, and seemingly uninstall itself. However, it was secretly still running in the background, specifically monitoring South Korean financial apps.”

Android security threat is real but ‘overblown’

The mobile security threat exists, but it is “overblown,” according to new research from Damballa. For its spring 2015 report, the company monitored about 50 percent of U.S. mobile traffic (including but not limited to Android). Damballa concluded that mobile users are 1.3 times more likely to be struck by lightning than to have their mobile devices compromised by malware.

“This research shows that mobile malware in the Unites States is very much like Ebola – harmful, but greatly over exaggerated, and contained to a limited percentage of the population that is engaging in behavior that puts them at risk for infection,” said Charles Lever, a Damballa senior scientific researcher, in a press release on the company’s website.

Mark Hammond, senior manager for Cisco Security Solutions, agrees the Android threat has been greatly exaggerated. “The threat of Android malware is also directly associated with the source. If the average user is sticking with a well-regulated app store, like Google Play, then the risk of malware diminishes significantly.”

The mobile malware threat is “really minimal,” according to John Gunn, vice president of VASCO Data Security. While many people have some sort of malware on their computers, “few know anyone who has had malware on their mobile device,” he says.

Verizon’s 2015 “Data Breach Investigations Report” also concluded that “mobile threats are overblown,” and “the overall number of exploited security vulnerabilities across all mobile platforms is negligible.”

The risk of malware making its way into a native Android app is lower than ever thanks to Google’s automated scanning and other new security improvements, according to Terry May, an Android developer with Detroit Labs. Google “reinforced the Android sandbox with SELinux and enhancements to the Google Play services library that can scan for vulnerabilities on the local device and not just the apps in the store,” May says. “This means that even apps that have been side-loaded can be scanned.”

Less than 1 percent of Android devices had a potentially harmful app (PHA) installed in 2014, and the number of PHAs on Android devices dropped by 50 percent between the first and fourth quarters of last year, according to a Google Online Security Blog post published by Android security lead engineer Adrian Ludwig in April 2015. Less than 0.15 percent of devices that only installed apps from Google Play had a PHA installed last year, Ludwig wrote.

The bottom line is that malware attacks “are increasing because users are spending more time on mobile devices than ever before, the value of the data on mobile keeps increasing, and a single OS (Android) dominates the market, increasing the footprint for attackers,” says Domingo Guerra, president and cofounder of Appthority.

However, mobile malware isn’t necessarily more prevalent. “Although the number of mobile malware apps is definitely booming, so is the number of good and benign apps,” Guerra says