Here is another reason I have personally decided not to go back to Android.
According to a report from cybersecurity firm Check Point, there are tens of vulnerabilities that are found every day, some of them in the apps themselves and others in external shared code libraries that are used by those apps to enable specific features. Updating them to keep up with the most current security threats is a monumental task, so app developers have to prioritize which ones get fixed first.
The researchers decided to take a look at how many apps in the Google Play Store are currently still using vulnerable libraries. They hunted specifically for three vulnerabilities that are rated critical and were disclosed in 2014, 2015, and 2016. This won’t surprise the infosec community, but the resulting list includes over 800 popular Android apps and games that have been downloaded a total of 5 billion times.
Among the affected apps are some that people use very frequently, like Facebook, WeChat, Messenger, Instagram, AliExpress, TuneIn and SHAREit. The shared libraries have all been updated since the vulnerabilities were discovered, but new versions of those popular apps still use the outdated libraries.
If you have a mobile device, you know how important it is to keep the core operating system and all installed apps up to date. It comes as a shock to discover that these precautions are of no help when the app maintainers neglect to incorporate security fixes into their versions of popular components. Keeping track of all security updates in all external components of a sophisticated mobile app is a tedious task, and it’s no surprise that few maintainers are willing to expend the effort. Mobile app stores and security researchers do proactively scan apps for malware patterns, but devote less attention to long-known critical vulnerabilities. Unfortunately, this means there’s not much the end user can do to keep his mobile device fully secure.
It should be noted that the Facebook, Instagram, and Messenger apps are all Facebook products. One of the largest corporations in America, Facebook, cannot be bothered to protect it’s users and find the time and resources to upgrade it’s products.
Furthermore, Google isn’t doing enough to encourage app developers that use the Play Store to keep their apps secure.