Actu
Cryptzone warns on extreme risks of running Android apps on Apple iPads
October 2011 by Grant Taylor, UK VP of Cryptzone
Reports are coming in that crackers have ported the Dalvik virtual machine – the heart of the Google Android operating system – to the Apple iPad tablet computing platform. And says Cryptzone, whilst the prospect of running one of the latest Android apps on an iPad may seem attractive, users may find that their on-device IT security software will not protect them from malware and other security threats.
According to Grant Taylor, UK VP of Cryptzone, the European IT threat mitigation specialist, IT history is littered with instances of crackers developing methods of running one platform’s software on another - with the Atari ST and Commodore Amiga home computing systems being adapted to run Apple Mac software in the late 1980s being classic examples.
“In those instances, users were keen to run Mac software on hardware costing a fraction of the Apple price, but in this case, it seems that the sheer diversity of Android apps – many of which are free – is the attraction for Apple iPad users,” he said.
“Unfortunately, because of the way in which Android apps are running on the non-Android portable device platform, there is a grave danger that on-device IT security software may not be currently capable of spotting any trojans or similar darkware that have been coded to specifically take advantage of the Dalvik port,” he added.
Taylor went on to say that the Dalvik port essential creates a iOS-friendly `software wrapper’ around the original Android app, which is then tweaked to handle the I/Os (input/outputs) - and other Android-specific calls - on the alien iOS operating system and Apple hardware, so adapting them to work on the iPad platform.
Since we are dealing with an unofficial port of a virtual machine and third-party apps that were coded quite specifically for the Android smartphone and tablet computing platforms, he explained, there is a real risk that the ports will have been created by black hat hackers – or cybercriminals - who have an understandable interest in infecting the users’ iPad.
And, the Cryptzone CEO says, the chances of an Android app that has been modified to run on an Apple iPad ending up being infected or trojanised are very high indeed.
The iPad, he adds, is an especially attractive target owing to the fact that Apple operates a strict walled garden approach to its iTunes software store – which has been - he notes - the sole source of apps for the iPhone and iPad unless the user has jailbroken their device.
“Until now, of course. It remains to be seen how Apple reacts to this development, but I suspect that defending the integrity of the Apple tablet computer is going to be no easy task where ported Android software is concerned,” he said.
“For this reason, I would urge iPad users not to install these ported Android apps, as they could be an avenue for a world of infection pain that cannot be stopped by most conventional iPad IT security software. This is a radical and dangerous new development on the portable device threats front, and users need to exercise extreme caution as a result,” he added.
“Moreover this discovery puts corporate data held on personal devices at risk, further heightening the need for IT Managers to think clearly about their policies for connecting personal devices to the corporate network.”
