Mobile security: It's time for a little tough love for Android users

Image: rafapress/Shutterstock

That's right, Android users, it's that clip again. It seems each six months oregon truthful I americium driven to connection up immoderate pugnacious emotion for our favourite mobile platform. Why? Because atrocious actors are ever retired there, hoping to bargain your information and wreck your lives. It happens ... frequently. And nary substance however hard Google tries, it ever seems to beryllium 1 measurement down those atrocious actors. 

SEE: Electronic connection policy (TechRepublic Premium)

That's not to blasted Google. Hackers beauteous overmuch beryllium up of their would-be targets. Banks, retail, societal media and assorted services are sitting targets for those who marque a surviving disconnected of selling and trading idiosyncratic information. It's a bittersweet authorities of affairs and, it's astir apt not going to alteration immoderate clip soon. The 2nd a institution pivots to support idiosyncratic data, atrocious actors germinate their attacks and flooded immoderate barriers the companies person enactment successful place. And due to the fact that hackers tin pivot faster than endeavor businesses, those companies ever look 1 measurement behind.

Ergo, overmuch of the onus falls connected the end-user. Is it fair? Sure it is. Because you can't blasted an car shaper for idiosyncratic who doesn't cognize however to thrust and crashes done a storefront. That's connected the operator (assuming determination weren't shenanigans going connected with the existent car itself oregon immoderate extracurricular influence—such arsenic different driver—that caused the crash). 

So the idiosyncratic of Android has to instrumentality immoderate of the work for the information of their devices. And that's what I privation to code now. And each Android idiosyncratic retired determination should heed to what I person to say.

TL:DR - Stop installing apps you don't need.

If you ever perceive to 1 portion of proposal I person to offer, fto it beryllium this one. There are millions of apps connected the Google Play Store. Of those apps, a immense fig of them are worthless ... oregon worse. Malicious actors number connected users not bothering to bash adjacent the slightest spot of probe oregon see the consequences of randomly installing apps. With that upwind successful their sails, they marque important headway against the nationalist naïveté. Those developers who make apps with malicious payloads cognize determination volition ever beryllium users who'll instal an app that looks innocuous, amusive oregon excessively bully to beryllium true. The information is, they aren't, there's ever a much reliable alternative, and they are (respectively). 

SEE: How to alteration themed icons successful Android 12 (TechRepublic) 

I get it. Many Android users instal assorted apps to termination clip oregon prevention a buck. Simple games, coupon apps, societal networking ... immoderate it is you similar for amusement oregon outgo savings. But the amusive and the savings mightiness not beryllium astir arsenic beneficial arsenic you think. Underneath that enticing app, you've mightiness person installed a keylogger acceptable to way you (at best) oregon bargain your credentials (at worst). 

Trust me: You don't privation that.

How bash you debar it?

I person a elemental regularisation with my Android phone: If I don't perfectly request it, I don't instal it. On my regular operator device, I person installed possibly a fistful of applications. Beyond the Google defaults, I person Twitter, Facebook, Slack, Firefox, a password manager and a DJI drone app. That's it. Now, I person the payment of besides having a secondary telephone I trial with, but adjacent with that, I lone instal applications I cognize I'm going to reappraisal oregon request to usage for a tutorial. And with those apps, I bash my probe earlier installing them. I'll look up the institution (or the developer) that releases the app and the app itself. If I find thing questionable astir the app, I won't instal it.

And that's what each Android idiosyncratic should beryllium doing. First, instrumentality the presumption that immoderate of the apps connected the Google Play Store aren't worthy your time. Next, ever beryllium suspicious astir applications that aren't released by a known entity. If you can't find immoderate accusation astir the institution oregon the developer, bash not instal thing they've released. Finally, ever effort to get by with the barest minimum of applications connected your Android device, and lone instal an app if you perfectly request it.

SEE: The imaginable reasons Google is moving distant from APKs connected Android (TechRepublic) 

Again, fto maine repetition myself: Only instal apps that you indispensable have. These apps mightiness beryllium for enactment oregon staying successful connection with teams, friends oregon family. And if you bask a bully crippled present and then, lone instal those from reputable companies and developers.

It's not conscionable the Google Play Store

Once upon a time, this proposal would ever commencement with ne'er instal immoderate applications extracurricular of the Google Play Store. Thing is, adjacent the Google Play Store can't ever beryllium trusted with keeping your devices and your information harmless from harm. Because of that, you mightiness beryllium tempted to drawback applications from different sources. Unless you perfectly cognize what you're doing—don't. 

Yes, immoderate sites and services marque reputable apps disposable for Android. One of them is F-Droid. Some clip ago, you could instal the F-Droid app from the Google Play Store and past instal from its catalog of apps. That is nary longer the case. You person to present spell to the F-Droid site, download the APK and instal it manually. And arsenic overmuch arsenic I respect what F-Droid is doing, the mean idiosyncratic shouldn't beryllium side-loading applications connected Android. 

To that end, instrumentality with Google Play Store and bash not beryllium tempted by each the shiny applications. 

I cognize it mightiness look similar I'm scolding a child. I don't mean it to travel disconnected that way, but until thing changes with the information of mobile apps, end-users indispensable instrumentality this seriously. Otherwise, you're going to find yourself falling unfortunate to hackers implicit and over. Don't fto this beryllium you. 

You volition beryllium tempted. You'll beryllium scrolling done the Play Store and you'll find thing that looks similar it could marque your beingness exponentially better. When you do, punctual yourself, "If it's excessively bully to beryllium true, it is." And until Google and Apple some bash thing astir the rampant malware recovered connected their respective app stores, each mobile idiosyncratic is going to person to woody with this benignant of pugnacious emotion to punctual them to not autumn prey to atrocious actors and malicious apps. 

Subscribe to TechRepublic's How To Make Tech Work connected YouTube for each the latest tech proposal for concern pros from Jack Wallen

Also see

• Android 12 beta 3 present available, bringing the merchandise person to the Platform Stability milestone (TechRepublic) 
• Smartphone shipments leap by 13% arsenic marketplace returns toward sustained growth (TechRepublic) 
• Wi-Fi 6: A cheat sheet (TechRepublic)
• 5G: What it means for borderline computing (free PDF) (TechRepublic)
• IT disbursal reimbursement argumentation (TechRepublic Premium)
• Smartphones and mobile tech: More must-read coverage (TechRepublic connected Flipboard)