I selected only 9 participants because I couldn’t run a focus group with more. You want everyone in your focus group to be able to sit around a table to talk together. Five ended up being a sufficient amount; I don’t think I would have gotten any more information with more people.

You say, “the number of pretest participants was initially 30.” That is not true: I say that I invited 9 people. I paid them $30 each.

I am also a PhD student, however I am attending Walden University in the Management & Technology program with a specialization in Knowledge and Learning Management.

My question is what was the result for the real test and how many participants attended the real test. You indicated that the number of pretest participants was initially 30 of which 9 were selected for the test and were provided the survey to take on their laptop. However, for the test only 5 of the 9 participants showed up. I think that selecting only 9 participants did decrease the sample size which, mostly likely contributed to the lack luster attendance for the test. Would you agree?

Thanks for your reply to my post.

iOS runs all applications as the same user, and utilizes a kernel-level mandatory access control mechanism known as “SeatBelt” to limit interaction between applications. While SeatBelt policies could, in theory, be customized for each downloaded application, in practice customization is only used for a handful of pre-loaded apps (like mobile Safari) and all downloaded apps run with the same set of permissions. This set of permissions is not visible to users, and the standard seatbelt policy has actually become more permissive as the platform has evolved, with iOS 4 granting many more rights than iPhone OS 2.

The security of iOS is really provided by the lack of application choice. All applications are supposed to be loaded from the Apple App Store, and Apple uses human review, static and dynamic analysis to look for potentially malicious actions by uploaded apps. You are not allowed to sideload applications from the Internet or your PC, so in theory every bit of executable code your phone has passed by Apple’s gatekeepers. In reality, mobile Safari has had hundreds of vulnerabilities and the sandbox mechanism is regularly defeated, as evidenced by the success of enthusiasts in creating jailbreak software for pretty much every version of iOS.

Android was always intended to allow users to load software from untrusted sources, so the security model needed to be “collapsed” onto the phone and can’t rely on external review processes. Every application on Android is assigned its own uid on install, and by default the application’s user is granted no rights outside of access to its home directory, the ability to execute itself and write to the screen. Android applications request permissions to perform other actions, like access the network, use the Bluetooth stack, make phone calls or read the user’s contacts. The user needs to approve these permissions on install, and a lot of work has gone into designing a UX that makes this decision easier to understand while not “lying” to the user. A handful of these permissions are enforced in the Linux kernel by use of group membership by each app’s user, but the majority of them are enforced on IPC calls between the application and services that provide these abilities.

So a very long answer to a short question. How would I sum it up? It is more likely that an Android phone will be exposed to malicious software than a non-jailbroken iPhone over its lifetime, because the Android market is not as controlled and the user can download applications whenever he/she pleases. If you were trying to attack a fully patched Android phone and a fully patched iPhone, then the iPhone is probably the softer target, especially if you can get the user to navigate to a malicious page using Safari. In this way, Android and iOS play out the Windows/OS X security drama in miniature and reflect the difference between security and safety. The former OSes are like very secure homes in bad neighborhoods, the Apple OSes are like mansions with unlocked front doors in much safer neighborhoods.”

http://www.quora.com/Which-platform-is-more-vulnerable-to-viruses-iOS-or-Android