Apple has known for Years that 99% of Malware is on Android and Now the FCC is Investigating the Problem
In 2014 we posted a report titled "Apple's CEO Tim Cook had fun poking a Stick in Android's Eye," wherein we noted that "Compared to its chief rival mobile operating system, namely iOS, Android updates are typically slow to reach actual devices. For devices not under Google's own Nexus brand, updates often arrive months from the time the given version is officially released. This is partly due to the extensive variation in hardware of Android devices, to which each upgrade must be specifically tailored, as the official Google source code only runs on their flagship Nexus devices." During Apple's 2014 WWDC CEO Tim Cook pointed to a number of slides aobut Android's ongong problem with malware. One of the slides, as noted in our cover graphic, showed a pie chart where 99% of malware was found on Android. The second slide, as noted below, was a quote from ZDNet's Adrian Kingsley-Hughes: "Android fragmentatioin is turning devices into a toxic hellstew of vulnerabilities."
Today the FCC & FTC Launched an Inquiry into Mobile Device Security Updates
Today the "Federal Communications Commission joined the Federal Trade Commission to better understand, and ultimately to improve, the security of mobile devices. Wireless Telecommunications Bureau Chief Jon Wilkins sent a letter to mobile carriers asking questions about their processes for reviewing and releasing security updates for mobile devices.
At the same time, the FTC has ordered eight mobile device manufacturers to provide the agency with information about how they issue security updates to address vulnerabilities in smartphones, tablets, and other mobile devices.
As consumers and businesses turn to mobile broadband to conduct ever more of their daily activities, the safety of their communications and other personal information is directly related to the security of the devices they use. There have recently been a growing number of vulnerabilities associated with mobile operating systems that threaten the security and integrity of a user's device, including "Stagefright" in the Android operating system, which may affect almost 1 billion Android devices globally.
Consumers may be left unprotected, for long periods of time or even indefinitely, by any delays in patching vulnerabilities once they are discovered. To date, operating system providers, original equipment manufacturers, and mobile service providers have responded to address vulnerabilities as they arise. There are, however, significant delays in delivering patches to actual devices—and that older devices may never be patched.
The Commission will continue its longstanding partnership and work cooperatively with the FTC on this issue. Responses to the letters will inform discussions with industry about possible solutions and be shared with the FTC."
Although Apple is listed among the eight mobile device manufacturers, it's pretty clear with 99% of malware on Android, Apple won't be the focus of this investigation to be sure. The FCC didn't say it, and couldn't say it, so we'll say it for them: "Android fragmentation is turning devices into a toxic hellstew of vulnerabilities," and it has to be a priority in forcing Google to get its act together and deal with this nightmare.
No wonder Apple is gaining Android switchers in record numbers. Apple's CEO noted last month that "We continue to see a very high level of customer switching to iPhone from Android and other operating systems. In fact, we added more switchers from Android and other platforms in the first half of this year than any other six-month period ever."
Who wants to own a smartphone from an OEM and Google who don't give a damn about malware! Well, the FCC may finally force Google into finding a solution and finally give relief to their customers.
Lastly, in a secondary FCC document titled "Questions to [Carrier] on Mobile Device Security," it's noted that "Following expressions of public concern surrounding the Stagefright vulnerabilities, Google, Samsung, and LG committed to releasing monthly security updates for mobile devices." Whether Google will further address this ongoing issue at their next developer I/O conference starting next week is unknown at this time.