Google has now announced the Open Handset Alliance and the Android Platform.

Android is a Linux-based open source operating system for mobile devices. With this, Google hopes to challenge other open Linux-based devices, such as the Nokia N810.

Of course, we at F-Secure have to think what effect, if any, open platforms might have on the future of mobile malware. Will an open standard for mobile phones make mobile malware more or less of a problem? Might this accelerate or decelerate the evolution of mobile malware?

The key issue here is whether Android will go for totally open systems or whether they will adopt a system for signing approved applications (such as Symbian).

If unsigned and unknown applications written by anyone have full access to phone features, we smell trouble.

Quoting Android's homepage:

    "... an application could call upon
    any of the phone's core functionality
    such as making calls, sending text
    messages, or using the camera ..."

Of course, we won't know the full specifications of Android phones until they become available in late 2008.

And it's pretty guaranteed that no criminal attacks will take place until the installed base for Android has become large enough to interest the bad guys financially. This might never happen.

P.S. The installed base is already there for the iPhone. iPhone malware could easily become reality in the near future.