Running Android apps on Apple iPads presents extreme security risks

Reports are coming in that crackers have ported the Dalvik virtual machine – the heart of the Google Android operating system – to the Apple iPad tablet computing platform.

And whilst the prospect of running one of the latest Android apps on an iPad may seem attractive, users may find that their on-device IT security software will not protect them from malware and other security threats.

IT history is littered with instances of crackers developing methods of running one platform’s software on another – with the Atari ST and Commodore Amiga home computing systems being adapted to run Apple Mac software in the late 1980s being classic examples.

In those instances, users were keen to run Mac software on hardware costing a fraction of the Apple price, but in this case, it seems that the sheer diversity of Android apps – many of which are free – is the attraction for Apple iPad users.

Unfortunately, because of the way in which Android apps are running on the non-Android portable device platform, there is a grave danger that on-device IT security software may not be currently capable of spotting any trojans or similar darkware that have been coded to specifically take advantage of the Dalvik port.

The Dalvik port essential creates a iOS-friendly “software wrapper” around the original Android app, which is then tweaked to handle the I/Os (input/outputs) – and other Android-specific calls – on the alien iOS operating system and Apple hardware, so adapting them to work on the iPad platform.

Since we are dealing with an unofficial port of a virtual machine and third-party apps that were coded quite specifically for the Android smartphone and tablet computing platforms, there is a real risk that the ports will have been created by black hat hackers – or cybercriminals – who have an understandable interest in infecting the users’ iPad.

And the chances of an Android app that has been modified to run on an Apple iPad ending up being infected or trojanised are very high indeed.

The iPad is an especially attractive target owing to the fact that Apple operates a strict walled garden approach to its iTunes software store – which has been – he notes – the sole source of apps for the iPhone and iPad unless the user has jailbroken their device.

Until now, of course. It remains to be seen how Apple reacts to this development, but I suspect that defending the integrity of the Apple tablet computer is going to be no easy task where ported Android software is concerned.

For this reason, I would urge iPad users not to install these ported Android apps, as they could be an avenue for a world of infection pain that cannot be stopped by most conventional iPad IT security software. This is a radical and dangerous new development on the portable device threats front, and users need to exercise extreme caution as a result.

Moreover this discovery puts corporate data held on personal devices at risk, further heightening the need for IT Managers to think clearly about their policies for connecting personal devices to the corporate network.

Grant Taylor is the Vice President of UK and Ireland sales, Cryptzone. With almost 15 year's experience within the IT sector, Grant brings a wealth of knowledge about the IT security market and its sales channel. Grant has previously worked for two major IT distributors (Computer 2000 and Wick Hill) and security vendor Check Point, where he was responsible for the UK distribution channel. Originally a professional rugby player, Grant intuitively understands how to motivate sales teams.