iOS 9, Android M Place New Focus On Security, Privacy - InformationWeek
IoT
IoT
IT Life
Commentary
6/24/2015
08:05 AM
Pablo Valerio
Pablo Valerio
Commentary
Connect Directly
Twitter
RSS
100%
0%

iOS 9, Android M Place New Focus On Security, Privacy

Google and Apple have publicly challenged calls from law enforcement agencies to weaken encryption on consumer devices. In turn, iOS 9 and Android M will sport a string of new security and privacy features for users.

8 Ways MDM Can Ease IT Pain
8 Ways MDM Can Ease IT Pain
(Click image for larger view and slideshow.)

I've been using an Android smartphone for the past four years. Since the beginning I have been troubled by the number of permissions many apps require before being installed, and by the almost impossible task of disabling those permissions.

If you want an app such as Twitter to be installed on your Android device, you need to accept a bundle of permissions that include: Identity, contacts, location, SMS, photos/media/files, camera, microphone, WiFi Connection, device ID, and call information. This is just to be able to tweet and read your Twitter feed. The only permission you can actually block on Android now is access to your location, which will have to be disabled for all apps at the same time.

Permissions for Apple iOS devices are no different. While Apple allows users to block apps accessing your contacts and location information, the rest of the permissions apply.

(Image: James Anderson/iStockphoto)

(Image: James Anderson/iStockphoto)

If you have the possibility to root your smartphone and install a different Android OS, such as the one from Cyanogenmod -- I use it on my Sony Xperia phone -- then you can enjoy more control of the privacy settings and disable any permission by app.

Basically there are three permissions that app developers are reluctant to part with: Contacts, browsing history, and location information. This information is the Holy Grail for targeting advertisements.

That is why another permission is becoming omnipresent: WiFi connection info. Since many users are turning off location sharing in order to protect their privacy, app developers have found a way to zero in on the location of the device by looking at WiFi data and matching it with that of other users. The WiFi routers your phone sees during normal operation can be mapped to physical locations with great precision. Out of thousands that you may pass every day just a few are necessary to reconstruct most of your mobility.

The only way to avoid it is to turn off WiFi altogether.

Apple and Google have been heavily criticized for not giving users more control. Meanwhile, corporations are investing billions in Mobile Device Management (MDM) software from companies such as AirWatch, Samsung, and Blackberry in order to block access to sensitive data on mobile devices.

Emphasis On Privacy

However, this dynamic is starting to change. Recently, Apple and Google, during their respective developers conferences, announced new versions of their mobile platforms that will give users more control of the information that apps can mine on the devices. That ability will increase encryption and security.

The next version of Android, codenamed M, will allow users to install apps without agreeing to permissions first. Then they will be able to authorize the app to access some information, such as location, on a one-time or permanent basis. It will also enable hardware developers to start using biometric identification such as fingerprints as part of the Android security settings.

[Read about what you missed at Apple's WWDC.]

Apple's iOS 9 will increase security PINs from four to six digits, making it 100 times harder to break by brute force. Both companies want users to get more comfortable with two-factor verification for certain services, something that Google has been offering for some time now.

But one of the most significant changes to iOS 9 is its new "App Transport Security," which helps app developers use the HTTPS to encrypt Internet traffic. Most apps today are sending and receiving Internet data without any encryption.

Android M and iOS 9 will offer encryption by default, something that law-enforcement agencies have been aggressively fighting. But the two companies have publicly challenged the requirement to give US agencies backdoors out of desires to genuinely increase users' security and to protect their businesses in other countries. 

Pablo Valerio has been in the IT industry for 25+ years, mostly working for American companies in Europe. Over the years he has developed channels, established operations, and served as European general manager for several companies. While primarily based in Spain, he has ... View Full Bio
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
vervesys
50%
50%
vervesys,
User Rank: Apprentice
7/4/2015 | 3:38:21 AM
Agreed! Request permissions for downloading is such an annoying job
Agreed! Request permissions for downloading is such an annoying job. Ofcourse, security is major concern however, the new version of Andoird M will indeed help the user to set back to know that his data is secured. Also iOS 9 with "App Transport Security" will definitely make users feel secured.
tjgkg
50%
50%
tjgkg,
User Rank: Ninja
7/3/2015 | 12:46:04 PM
Re: Security should be top priority
I agree with you 100% regarding security. It will have to come eventually because i am sure governments will get involved. At that point it will not be an paid option but free. In any case the mindset today is that everything should be free: apps, music, books, etc. I am from the old generation that believes that people should be paid for their efforts.

However i hate the in-app purchases. If you buy an app it should be fully functional.
asksqn
50%
50%
asksqn,
User Rank: Ninja
6/29/2015 | 8:14:25 PM
Too Little Too Late
It's about time consumer privacy and security was taken seriously by the deep-pocketed Fortune 500 tech cos. but seriously, it's too little a lot too late.  I still don't trust a word either Apple or Google says.
Pablo Valerio
50%
50%
Pablo Valerio,
User Rank: Ninja
6/25/2015 | 11:24:48 AM
Re: Security should be top priority
I still want a stronger commitment from Apple and Google to people's privacy. 

We ned to move from opt-out to opt-in and let users decide what to share.

The problem is that most users are not willing to pay for apps, and think those are free. Same as using Facebook or Twitter, if you don't pay, you are the product.

Nevertheless, the ability to turn on and off permissions at will should be part of the standard OS.
tjgkg
50%
50%
tjgkg,
User Rank: Ninja
6/24/2015 | 9:03:35 AM
Security should be top priority
I think these changes are a good start. There really should be more of an ability to restrict access to personal parts of the phone such as contacts, calendars, pictures, etc that have nothing to do with the functionality of most apps. Eventually these will come. I use VPN's when on public wifi to add more security so even if they track wifi IP's, they won't get too much information.
2018 State of the Cloud
2018 State of the Cloud
Cloud adoption is growing, but how are organizations taking advantage of it? Interop ITX and InformationWeek surveyed technology decision-makers to find out, read this report to discover what they had to say!
Register for InformationWeek Newsletters
White Papers
Current Issue
Cybersecurity Strategies for the Digital Era
At its core, digital business relies on strong security practices. In addition, leveraging security intelligence and integrating security with operations and developer teams can help organizations push the boundaries of innovation.
Video
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll