Apple's iOS has taken majority market share in education, government and the enterprise, but Google's Android has become the favored mobile platform among Al-Qaeda operatives.
A new report by intelligence firm Recorded Future examined Al-Qaeda's changes in encryption in response to the Snowden leaks, noting "an increased pace of innovation, specifically new competing jihadist platforms and three major new encryption tools from three different organizations - GIMF, Al-Fajr Technical Committee, and ISIS - within a three to five-month time frame of the leaks."
The report noted that Al-Fajr and GIMF have both released new Android apps since the public exposure of the widespread nature of American spying, with the apps being advertised as using the "latest technological advancements" in order to evade detection.
The download page for GIMF's Tashfeer al-Jawwal app for Android and Symbian phones notes, "take your precautions, especially in the midst of the rapidly developing news about the cooperation of global companies with the international intelligence agencies, in the detection of data exchanged over smartphones."
The report stated that the release of these new Android apps highlights a continued "bet on mobile and Android as the preferred platform for these groups."
Android's unrestricted ability to sideload apps (install software that is not signed, from outside of a secure App Store) may be part of the platform's appeal to Al-Qaeda, in addition to terrorists' fears that Apple might cooperate with Western governments seeking to identify and stop their activities.
However, the primary reason Al-Qaeda likes Android is "the large availability and affordability of Android phones, especially in underdeveloped countries" the group stated. Android phones are the only choice for terrorist operatives in some locations.
Android is the cheap option
IDC, Gartner and Strategy Analytics have been incessantly calling attention to the percentage of worldwide smartphone and tablet users of products not using iOS, downplaying both usage stats and the Average Selling Prices of these devices in order to focus their audiences' attention entirely on their shipment estimates, which can be flexibly shifted to tell any desired story.
IDC's latest estimates on the smartphone market in 2014 have retracted all mention of ASPs, data which had previously shown that the shipment volumes supporting some form of Android were precipitously falling in price while Apple's sales of iPhones were not (below).
With ASPs of all Android phones falling from $441 in 2010 to just $276 in 2013, it is clear that the majority of Android phones are not devices comparable in functionality the iPhones Apple sells at an ASP of $650.
Samsung itself revealed that the majority of its "smartphones" were not its premium Galaxy S or Note devices but rather "mass market" devices it has referred to as "carrier friendly, good enough" phones.
Al-Qaeda bad news for Android users
While being naturally attracted to Android by its price, availability and unrestricted app policy, Al-Qaeda's preference for Google's platform also means that its operatives are increasingly likely to target Android vulnerabilities simply due to their familiarity with the platform. In addition to Android users being singled out for targeted malware attacks, the insecure nature of the platform provides Al-Qaeda with a vast network of devices to exploit for use in either distributed Denial of Service attacks or as a supercomputing cluster.
Google has left open plenty of vectors for malware attacks seeking to spy on users or take control of their devices to form botnets.
The search giant has found it extremely difficult to distribute security patches and updates to its Android users, even among late modeled smartphone customers in affluent countries, as represented by the company's Google Play statistics.
A series of failures to properly authenticate security credentials in Android has opened up widespread vulnerabilities for hundreds of millions of Android users, many of whom are in the very same undeveloped countries that Al-Qaeda operates within, where nobody accesses Google Play and therefore is unlikely to ever get Android security updates delivered from Google in any form.
In addition to Android users being singled out for targeted malware attacks, the insecure nature of the platform provides Al-Qaeda with a vast network of devices to exploit for use in either distributed Denial of Service attacks or as a supercomputing cluster.
All users, including those on iOS, can be victims of such distributed DoS attacks, which generally seek to prevent a user's access to the network or disable a network server from being reachable.
228 Comments
You've gotta be fucking kidding me with this article. I can't even make it past the headline, DED opinion articles have reached a new all time low.
Daniel, I don't often scratch my head reading your pieces, but this one left a bald spot. And this is AI news because?
[@]Apple ][[/@] is gonna love this article.
Android fans have been insisting that Google's security issues (like the most recent Fake ID) are not a problem because Google Play Services and store scanning can prevent many users from falling victim. However, the fact that there are hundreds of millions of insecure Android installations outside of the US and other Play-using nations means that Al-Qaeda -- which is already developing Android apps to encrypt messages among jihadists -- has large numbers of mobile users to easily target. Thanks, Google. Too bad you didn't think about security at all before creating a massively insecure mobile installed base for malware.
It wouldn't surprise me if this was the case, the lower price of android handsets and the lack of needing to pass through the App Store gate would make android more attractive to those with evil intent. In fact, I would find it hard to believe Apple would approve an app openly aimed at helping jihadis encrypt communications. And the wide distribution of where the phones can be obtained means that it would be hard for counter terrorism agencies to intercept the phone prior to delivery to install snooping software/hardware. The downside for the lunatics is that no doubt it would be easier to compromise an android based network using cheap handsets, and thus using older versions of Android OS. So I doubt NSA is worried, maybe it even sneakily encourages it.