I'm not sure why this has quickly devolved into a discussion over whether Android or Apple is less safe in regards to the apps available for it. A far more useful discussion would be how can we as end users protect ourselves from these practices. I like to think I'm a cut above the average person (not necessarily the average slashdotter) by being somewhat selective about the apps I install, paying attention to the permissions they request, and running an iptables based firewall to whitelist the apps that I allow network access to. Even with that though I can't claim to be immune to downloading an app that has some malware on the backend. I've resisted the idea of antivirus/antimalware programs so far as I find that my phone's resources are quite limited enough as is. I'm not all that concerned about premium SMS either as I run a prepay sim with no extra funds on it. Can anyone point out any other obvious practices I may be missing?