The Security Detail

Mar 7 2011   5:59PM GMT

Chuckling Safely from Within the “Walled Garden”



Posted by: Tony Bradley
Android, iPhone, iPad, iOS, DroidDream, Trojan app, Android Market, Google

Apple runs a tight ship. It is very particular about its hardware and the user experience. It has stringent controls and sometimes seemingly capricious or arbitrary guidelines restricting the types of apps that are allowed in the Apple App Store.

Some might say it is controlling, or that Apple policies and restrictions within iOS and for iOS app developers lean toward draconian. But sometimes there are benefits to the “walled garden” approach.

Android users have been hit by more than 50 malicious Trojan apps that somehow made their way into the official Google Android Market. What is even worse is that these DroidDream malicious apps are able to bypass Android security controls and gain root access to the system–granting the malware almost limitless power to further infect or compromise the Android smartphone.

Well, not only would the stringent app review process at Apple be more likely to uncover hidden malicious code like DroidDream, but the success of DroidDream is largely a result of the fragmented Android landscape. Google is on Android 2.3 Gingerbread for smartphones, and recently launched Android 3.0 Honeycomb for tablets. The vulnerabilities exploited by DroidDream to root Android were fixed in Gingerbread–which has been available for nearly three months. However, only about one percent of all Android devices have actually received the update to Gingerbread, and the rest are at the mercy of individual smartphone manufacturers to determine when–or if–they will get it.

Meanwhile, more than 90 percent of the iOS devices out there are running the latest version and anxiously awaiting the release of iOS 4.3 later this week. When iOS 4.3 is released, it will be available to virtually all iPhone, iPad, and iPod Touch devices (Verizon iPhones are already running a more current version of iOS than other devices and are excluded from the iOS 4.3 update for now).

The diversity of hardware and the open software platform of Android are a double-edged sword. There are certainly benefits, but there is a problem when known vulnerabilities still exist in 99 percent of Android devices because of device and OS fragmentation.
