Going Gaga over Google

by

Talk about the ultimate case of “Buyer beware!”google android software

It was recently reported that within the next couple months the meteoric rise of Android Market is all but certain to overtake the iPhone App Store in terms of the number of applications offered. Taken on face value, this should come as little surprise to anyone.

With the wide slate of devices on which Android can operate, its app store should have a much wider customer base than does iPhone, whose apps can run on only one type of device – the iPhone. Add to that the slowing of App Store downloads experienced by iPhone over the last few months – perhaps due to Android infiltration in the “touch phone” market or perhaps due to iPhone being out there awhile so people have what they want – and the fact that Android’s app store is about to overtake iPhone’s makes sense.

What doesn’t make sense is that all this continues to happen under the shadow of Google’s extremely lax criteria regarding the quality of applications being made available in its Android Market.

Standards ... Wherefore Art Thou?

Wait a second…did I just call Google’s criteria for Android Market lax? That might be giving it too much credit!

There are those who openly question if Google has any application software quality standards that need to be met before being offered in Android Market. Google would cite this laissez faire attitude as being part of its open source nature, but the old adage of programming – “Garbage in, garbage out” – should somehow apply to offering mobile apps in Android Market.

By contrast, Apple has a well-known process for posting applications to the iPhone App Store. It even posts a list of application standards for developers to use if they want to post an application to the App Store. (NOTE: This author is not promoting iPhone over Android. In fact, this author is still a BlackBerry owner.)

Granted, Android’s popularity is the number one reason malware maniacs have made it a prime target, but the near complete lack of review of applications posted to Android Market is also a major contributing factor.

A set of standards -- and perhaps even a certification process -- must be put in place to curb the availability of malware in app stores.

Structurally Sound, Malware Free

android software structureBecause so much of business today is conducted on mobile devices that access enterprise networks, an independent third-party assessment program is needed to ensure that applications being accessed via mobile are safe, structurally sound and efficient. The same holds true for consumer apps, such as games and ads.

When it comes to application software quality, there is plenty of responsibility to be shared at each of level of mobile application distribution. The platform owner, Google; the app store, Android Market; and the mobile developers themselves all need to do their parts to ensure quality.

Responsibility rightly should begin at the top. Google needs to take steps to ensure that the software that goes into the devices – for operational purposes or as pre-loaded applications – is of optimal structural quality. It needs to apply some measure of automated analysis and measurement to its own OS to prevent issues and vulnerabilities from older versions creeping into the new versions built on top of them.

The current problem is that Google doesn’t ask much (read that as “anything”) of their developers when it comes to ensuring software security and quality. Were they to demand higher quality, Android Market would need to scrutinize applications more closely – or in Android’s case, at all – before making an application available.

As for the developers themselves –the legitimate ones at least – would likely welcome such scrutiny. They should embrace such a vetting process as a sort of third-party corroboration of their application’s security and quality, which could be a competitive differentiator.

Unfortunately, until Google, Android Market and Android application developers do something to adopt minimum software quality standards, those “going gaga over Google” will continue to find themselves driven gaga trying to fend off malware.

Get the Pulse Newsletter  Sign up for the latest Software Intelligence news Subscribe Now <>
Open source is part of almost every software capability we use today. At the  very least libraries, frameworks or databases that get used in mission critical  IT systems. In some cases entire systems being build on top of open source  foundations. Since we have been benchmarking IT software for years, we thought  we would set our sights on some of the most commonly used open source software  (OSS) projects. Software Intelligence Report <> Papers
In our 29-criteria evaluation of the static application security testing (SAST)  market, we identified the 10 most significant vendors — CAST, CA Veracode,  Checkmarx, IBM, Micro Focus, Parasoft, Rogue Wave Software, SiteLock,  SonarSource, and Synopsys — and researched, analyzed, and scored them. This  report shows how each measures up and helps security professionals make the  right choice. Forrester Wave: Static Application Security Testing, Q4 2017  Analyst Paper
This study by CAST reveals potential reasons for poor software quality that  puts businesses at risk, including clashes with management and little  understanding of system architecture. What Motivates Today’s Top Performing  Developers Survey
Jonathan Bloom
Jonathan Bloom Technology Writer & Consultant
Jonathan Bloom has been a technology writer and consultant for over 20 years. During his career, Jon has written thousands of journal and magazine articles, blogs and other materials addressing various topics within the IT sector, including software development, enterprise software, mobile, database, security, BI, SaaS/cloud, Health Care IT and Sustainable Technology.
Load more reviews
Thank you for the review! Your review must be approved first
Rating
New code

You've already submitted a review for this item

|