Security experts warn that running apps on the iPad in an Android virtual machine is a ‘grave danger’, and has ramifications for corporate data held on iPads
Running Android in a virtual machine on an iPad is a "grave danger", according to security experts Cryptzone.
It has been reported that crackers have ported the Dalvik virtual machine – the heart of the Google Android operating system – to the Apple iPad tablet computing platform. And according to Cryptzone, while the prospect of running one of the latest Android apps on an iPad may seem attractive, users may find that their on-device IT security software will not protect them from malware and other security threats.
"Because of the way in which Android apps are running on the non-Android portable device platform, there is a grave danger that on-device IT security software may not be capable of spotting any trojans or similar darkware that has been coded to specifically take advantage of the Dalvik port," said Grant Taylor, VP of Cryptzone, an IT security firm.
Taylor said there’s a precedent for this – the Atari ST and Commodore Amiga home computing systems were adapted to run Apple Mac software in the late 1980’s, giving rise to the potential for similar attacks.
"In those instances, users were keen to run Mac software on hardware costing a fraction of the Apple price, but in this case, it seems that the sheer diversity of Android apps – many of which are free – is the attraction for Apple iPad users," Taylor said.
He went on to say that the Dalvik port essentially creates an iOS-friendly `software wrapper’ around the original Android app, which is then tweaked to handle the I/Os (input/outputs) – and other Android-specific calls – on the alien iOS operating system and Apple hardware, so adapting them to work on the iPad platform.
Since we are dealing with an unofficial port of a virtual machine and third-party apps that were coded quite specifically for the Android smartphone and tablet computing platforms, he explained, there is a real risk that the ports will have been created by black hat hackers – or cybercriminals – who have an understandable interest in infecting the user’s iPad.
And, the Cryptzone VP says, the chances of an Android app that has been modified to run on an Apple iPad ending up being infected or ‘trojanised’ are very high.
The iPad, he adds, is an especially attractive target owing to the fact that Apple operates a strict walled garden approach to its iTunes software store, which has been the sole source of apps for the iPhone and iPad unless the user has ‘jailbroken’ their device.
"Until now, of course. It remains to be seen how Apple reacts to this development, but I suspect that defending the integrity of the Apple tablet computer is going to be no easy task where ported Android software is concerned," he said.
"For this reason, I would urge iPad users not to install these ported Android apps, as they could be an avenue for a world of infection pain that cannot be stopped by most conventional iPad IT security software. This is a radical and dangerous new development on the portable device threats front, and users need to exercise extreme caution as a result," he added.
"Moreover this discovery puts corporate data held on personal devices at risk, further heightening the need for IT managers to think clearly about their policies for connecting personal devices to the corporate network."
Readers who read this article also read ‘iPad 2’s password lock vulnerable to hack: report‘.