"Android is terrifying" says ESET's David Harley

Harley, who was previously a threat assessment management centre manager with the NHS, says that his observations of the IT security industry over the last two decades suggest that vendors are "re-inventing the wheel" when it comes to countering security threats.

"It's a cyclical business," he told Infosecurity, adding that shows like Infosecurity Europe and RSA allow vendors to show off their latest defence methodologies, but not all the solutions are that new in terms of the way they operate.

A classic case of this, he says, is application whitelisting, which tends to be wheeled out every few years as the latest method of defending against malware and hacker attacks.

This is despite, he adds, that the problem in today's IT security world is of tracking applications as they execute, and controlling them.

The biggest threat at the moment, says Harley, is the flexibility that a modern 'soft' environment, such as a virtual platform, or a software-driven box, offers hackers and other miscreants.

"And then there is the growing problem of smartphone apps to contend with. They are difficult to control," he said, adding that Google Android is a case in point.

Google Android, he explained, is an open source platform, meaning that almost anyone can create and modify apps for the smartphone, which can then be offered for download on the internet, as well as on the Android Marketplace.

This, he says, differs markedly to the Apple approach of whitelisting apps for use on iPhones, iPads and iPod touches.

"Android is terrifying. Researchers are now saying that there will be 17 billion smartphone apps [not just on Android] downloaded by the end of 2011", he said, adding that it is an almost impossible task to track them.

What’s Hot on Infosecurity Magazine?