| Visitors Now: | |
| Total Visits: | |
| Total Stories: |
| Story Views | |
| Now: | |
| Last Hour: | |
| Last 24 Hours: | |
| Total: | |
Androids: How To Virus-Proof Your Phone
Android has been getting the worst kind of compliment for its popularity: Malware authors increasingly target Google's operating system by uploading trojan-horse applications to its generally unsupervised Android Market.
But buying an Android phone does not mean you're fated to pick up a pest like the privacy-stealing DroidDream. Taking three steps before installing a new Android app can help keep you safe — and none involve anti-virus utilities.
PHOTOS: Best and Worst Knock-Offs from China
In the example here, I'm considering the Washington Post's DC Rider app. I know this guide to the Metro system here is safe; I worked with the people responsible for it. But if you don't know where an app's authors live (or you simply haven't had a trusted source recommend it), how can you be so sure?
1. Read the app's reviews. The writeups posted in the Android Market can be gamed, but recent and coherent complaints about misbehavior should be a clear warning. In this case, the worst gripe (seen in the second screengrab from the left) was that the DC Rider app kept the phone's GPS receiver active after it had been closed — a battery-life issue, not a security flaw.
2. Check its permissions. If an Android app wants to do anything more involved than responding to your direct input, even just going online, it must ask in a "permissions list" shown before you download it. DOn't skip over the permissions. Requests for access to the phone's storage and Internet connection should be fine (assuming the app stores data and displays online info or ads). But if an app wants to do things with no clear connection to its features, think twice. In particular, beware: access to your contacts list, calendar or browsing history; monitoring or placing phone calls; sending text messages.
Once again, DC Rider looks clean. As the third screengrab shows, it doesn't seek permission to call or text anybody, while its request for access to the phone's GPS fits with the location-specific information it provides.
