Blog

Android and IOS security mechanisms. OS vulnerabilities

Everyone knows that Android is an “open” system, which means a user should expect a great number of vulnerabilities in the system. Nevertheless, it is iOS that is considered to be a more vulnerable operating system. According to the research of 2014 the amount of vulnerabilities in all iOS versions reached the number of 335, while in Android system only 36.
17 July 2014
Cybersecurity testing
Mobile app testing
The article by a1qa
a1qa

Everyone knows that Android is an “open” system, which means a user should expect a great number of vulnerabilities in the system. Nevertheless, it is iOS that is considered to be a more vulnerable operating system. According to the research of 2014 the amount of vulnerabilities in all iOS versions reached the number of 335, while in Android system only 36.

From the perspective of mobile app security testing, it is assumed that the number of vulnerabilities in the iOS system would increase, as after the presentation of iOS8 beta-version there appeared new targets for attack: a side keypad, increased number of API-calls new in the innovative SDK and HomeKit system. Still, Apple users should not much worry about security as Apple engineers quickly response to new issues.

Google, in its turn, amplifies the protection mechanisms of operating system. SELinux module integrated in Android 4.4 performs severe access control on the kernel level, while in Android 4.3 SELinux is turned off. This module runs independently from the basic Linux security model.

So, none of the both operating systems wins the “security mechanisms competition”, though Android and Apple have powerful mechanisms to provide protection from the hackers` attacks and pay special attention to OS security.

Above these all, the BYOD tendency rapidly increases its popularity. Though using mobile device for different purposes is a great thing, it is also a great security risk for corporations. Attacking any vulnerable or lost device – a smartphone or a tablet – hackers can get secret documentation and access internal resources like corporate email. As a result, there is a great demand for Mobile Device Management (MDM) solutions that allow managing security policy of mobile devices that run in corporate networks.

From the corporations` viewpoint Apple OS has more advantages over Android. There are powerful means for centralized device management in iOS: configuration profiles, remote data reset and incorporated support of outside MDM solutions. Android has no such an opportunity. To integrate with MDM system Android needs downloading a specialized OS.

It is worth mentioning that Samsung corporate security mechanisms left behind lots of Android devices producers. I mean the SAFE (Samsung For Enterprise) program and KNOX suite. They separate all work activities in MDM-system from all others. Thus all Samsung devices operating on Android 4.3 and higher versions fully comply with corporate security principles. Comparing with Android running devices, Apple has a smaller range of products and can easily provide support for corporate security systems for all versions of its smartphones, tablets and OSs. In this case the winner is iOS.

The topic of the security mechanisms of both operating systems deserves, I guess, a series of articles, this was just an overview. Those who want to have more profound information about Android and Apple security mechanisms can read detailed manuals on the companies` websites.

I would like to resume pros & cons of the OSs from the security viewpoint:

Android

Pros

  • “Open” for security research
  • Applications are immune to buffer overloads
  • Severe access control on the kernel level

Cons

  • Lots potentially harmful software in Google Play
  • Poor corporate security opportunities
  • Great number of OS versions and device models, which complicates the security methods standardization

iOS

Pros

  • Control of downloaded applications in App Store
  • Quick response to the security issues
  • Opportunities to support corporate security systems

Cons

  • Lots of vulnerabilities in the operating system
  • Increase of potential targets for attacks

To cut the long story short, I want to say that today very few people choose a smartphone because of high security protection. And that`s not a mistake, as Android and iOS are similar in their security approach. Still, if the device security is really essential for you, choose any Apple device or something by Samsung operating on Android 4.3 version and higher ones.

More Posts

19 April 2022,
by a1qa
5 min read
What prevents companies from boosting eCommerce customer experience: 4 common mistakes
Dreaming of a flawless online shopping journey for your users? Explore 4 widespread situations that hamper achieving this goal.
Cybersecurity testing
Performance testing
Test automation
Usability testing
Clutch awards
23 March 2022,
by a1qa
2 min read
a1qa recognized for cybersecurity expertise by Clutch!
The global online review platform Clutch added a1qa to the Top 15 Penetration Testing Companies for 2022.
Cybersecurity testing
Mobile app security
3 January 2022,
by a1qa
4 min read
Cybersecurity testing: 4 best practices to ensure highly safe IT solutions
Find out 4 cybersecurity tips to release highly secure software and protect end-user data.
Cybersecurity testing
Mobile app testing
eLearning and mLearning QA_mini
29 December 2021,
by a1qa
4 min read
6 must-have testing types for eLearning and mLearning software
Discover how to ensure top-notch educational solutions through QA, provide end users with boosted studying experience, and make the grade in the IT market.
General
Localization testing
Mobile app testing
Performance testing
streaming services
30 November 2021,
by a1qa
4 min read
Ho ho ho! QA to enable crash-proof streaming platforms for Holidays season
Isn’t it high time to forget about the Christmas rush and truly enjoy the pre-holidays season? Read the article about how to put peak-load anxiety behind by applying rigorous testing of your streaming solution.
Cybersecurity testing
Functional testing
Performance testing
Usability testing
Mobile app compatibility_mini
14 October 2021,
by a1qa
4 min read
Compatibility testing: 5 key tips to ensure high quality of mobile apps
Billions of mobile solutions and portable devices. Can you imagine that? Learn how to ensure robust software compatibility with accurate testing.
Mobile app testing
19 August 2021,
by a1qa
4 min read
Cybersecurity: Top 5 questions to ask a QA vendor
What information to request from QA providers to get confident in the complete security of your software and protect end-user sensitive data? Read about that in the article.
Cybersecurity testing
5G impact
31 May 2021,
by a1qa
4 min read
5G network impact on mobile app testing
Check out what 5G connectivity will bring to the IT world and how it will modify mobile app testing.
Cybersecurity testing
Mobile app testing
Performance testing
29 April 2021,
by a1qa
4 min read
Addressing 4 security issues for digital transformation programs
Find out the top 4 safety challenges of digital transformation and a QA playbook to address them and contribute to a higher level of cybersecurity.
Cybersecurity testing

Get in touch

Please fill in the required field.
Email address seems invalid.
Please fill in the required field.
We use cookies on our website to improve its functionality and to enhance your user experience. We also use cookies for analytics. If you continue to browse this website, we will assume you agree that we can place cookies on your device. For more details, please read our Privacy and Cookies Policy.