View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Networks
October 28, 2011

Running Android on your iPad is ‘like pointing a gun at your own head’

Security experts warn that running apps on the iPad in an Android virtual machine is a 'grave danger', and has ramifications for corporate data held on iPads

By Jason Stamper

Running Android in a virtual machine on an iPad is a "grave danger", according to security experts Cryptzone.

It has been reported that crackers have ported the Dalvik virtual machine – the heart of the Google Android operating system – to the Apple iPad tablet computing platform. And according to Cryptzone, while the prospect of running one of the latest Android apps on an iPad may seem attractive, users may find that their on-device IT security software will not protect them from malware and other security threats.

"Because of the way in which Android apps are running on the non-Android portable device platform, there is a grave danger that on-device IT security software may not be capable of spotting any trojans or similar darkware that has been coded to specifically take advantage of the Dalvik port," said Grant Taylor, VP of Cryptzone, an IT security firm.

Taylor said there’s a precedent for this – the Atari ST and Commodore Amiga home computing systems were adapted to run Apple Mac software in the late 1980’s, giving rise to the potential for similar attacks.

"In those instances, users were keen to run Mac software on hardware costing a fraction of the Apple price, but in this case, it seems that the sheer diversity of Android apps – many of which are free – is the attraction for Apple iPad users," Taylor said.

He went on to say that the Dalvik port essentially creates an iOS-friendly `software wrapper’ around the original Android app, which is then tweaked to handle the I/Os (input/outputs) – and other Android-specific calls – on the alien iOS operating system and Apple hardware, so adapting them to work on the iPad platform.

Since we are dealing with an unofficial port of a virtual machine and third-party apps that were coded quite specifically for the Android smartphone and tablet computing platforms, he explained, there is a real risk that the ports will have been created by black hat hackers – or cybercriminals – who have an understandable interest in infecting the user’s iPad.

Content from our partners
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape

And, the Cryptzone VP says, the chances of an Android app that has been modified to run on an Apple iPad ending up being infected or ‘trojanised’ are very high.

The iPad, he adds, is an especially attractive target owing to the fact that Apple operates a strict walled garden approach to its iTunes software store, which has been the sole source of apps for the iPhone and iPad unless the user has ‘jailbroken’ their device.

"Until now, of course. It remains to be seen how Apple reacts to this development, but I suspect that defending the integrity of the Apple tablet computer is going to be no easy task where ported Android software is concerned," he said.

"For this reason, I would urge iPad users not to install these ported Android apps, as they could be an avenue for a world of infection pain that cannot be stopped by most conventional iPad IT security software. This is a radical and dangerous new development on the portable device threats front, and users need to exercise extreme caution as a result," he added.

"Moreover this discovery puts corporate data held on personal devices at risk, further heightening the need for IT managers to think clearly about their policies for connecting personal devices to the corporate network."

Readers who read this article also read ‘iPad 2’s password lock vulnerable to hack: report‘.

 

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU