Android Ecosystem: Still Fragmented, Insecure

The latest data from Google on use of its Android mobile operating systems highlights the challenge facing the company, with just over 16% of Android users running Versions 4.1 or 4.2 –  the latest versions of the OS, dubbed “Jelly Bean” more than six months after its release.

Android operating system adoption
Adoption of the latest versions of Android have lagged, according to data released by Google.

In fact, fully 44% of Android users are still running the “Gingerbread” release – Versions 2.3.3 through 2.3.7, a two year-old version of the operating system that has known security vulnerabilities. This according to data released by Google on the Android  developer blog.

The operating system data was culled from Android devices that accessed Google Play, the company’s mobile application marketplace, during a 14 day period that ended on March 4.

The diversity of the Android ecosystem is a byproduct of Google’s go-to-market strategy for the mobile OS. Unlike Apple, which controls both the hardware and software for its iPhones and iPads in a closed, “walled garden” ecosystem, Google delegates responsibility for updating its open source operating system to device makers and carriers. The result has been slow adoption of OS updates, as each handset maker and carrier tests new OS updates against their specific brew of hardware and software.

Apple doesn’t provide a comparable market share breakdown by IOS version, but third party estimates put the market share for iOS 6.x, the latest version, close to 90%, and around 98% of all iOS users running either iOS 6.x or 5.x.

That’s creating security headaches. Recent reports from anti-virus vendors Trend Micro, F-Secure and others have noted the rapid growth in the population of Android malware. The anti-virus firm Kaspersky Lab found that Gingerbread was the most popular target for Android hackers and malware authors, accounting for around 30% of the blocked Android malware installations in the Third Quarter, 2012. The second most commonly attacked version was the 4.0.4 “Ice Cream Sandwich,” build which accounted for 22% of attempts, Kaspersky said.

Comments are closed.