Security Risks In iOS And Android - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Mobile
Commentary
11/30/2010
12:40 AM
Ed Hansberry
Ed Hansberry
Commentary
50%
50%

Security Risks In iOS And Android

Both Apple and Google are faced with security issues in their platforms that may put user's data at risk. The more computer-like smartphones become, the more they become at risk for having security holes and being the target of attackers to exploit those holes.

Both Apple and Google are faced with security issues in their platforms that may put user's data at risk. The more computer-like smartphones become, the more they become at risk for having security holes and being the target of attackers to exploit those holes.The security issue on iOS is with the Safari browser. An identity thief can hide the URL on the browser making it difficult for someone using an iPhone to accurately determine what site they are at. This phishing attack is worse than what is usually found on a PC. On a PC, you can generally avoid phishing by always paying attention to the URL in the browser's address bar. With the smaller screen of an iPhone, it is easier to hide the URL.

The proof-of-concept code is at Sans.org. So far there are no known public exploits and Apple has been notified of the issue, though there is no word when or if a fix will be available.

Google is also working on a patch for its Android operating system. This security hole allows a web site to get just about any data directly off of the devices SD card according to this InformationWeek article. The code can also retrieve some data from the device itself.

These and other risks are just part of the normal course of business on computing devices today. If Apple fixes its issue, it will be able to pass that to users very quickly through iTunes and remove the threat. Google though may have a harder time getting its fix into users hands. It doesn't own the update channel to the consumer. The hardware manufacturer or carrier does and they have often been slower to push updates to the consumer than Google has been at releasing updates in the first place.

This will be an interesting test to see if a security update spurs Google's partners to issue patches faster than they have issued other updates. Of course, Google has to write the patch for a number of older operating systems. They are only working on the patch for the Gingerbread release, but there are a lot of devices out there with this issue that don't run the latest. Now fragmentation isn't a nuisance, it is a potential threat to the safety of your data.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Slideshows
10 Cyberattacks on the Rise During the Pandemic
Cynthia Harvey, Freelance Journalist, InformationWeek,  6/24/2020
News
IT Trade Shows Go Virtual: Your 2020 List of Events
Jessica Davis, Senior Editor, Enterprise Apps,  5/29/2020
Commentary
Study: Cloud Migration Gaining Momentum
John Edwards, Technology Journalist & Author,  6/22/2020
White Papers
Register for InformationWeek Newsletters
The State of IT & Cybersecurity Operations 2020
The State of IT & Cybersecurity Operations 2020
Download this report from InformationWeek, in partnership with Dark Reading, to learn more about how today's IT operations teams work with cybersecurity operations, what technologies they are using, and how they communicate and share responsibility--or create risk by failing to do so. Get it now!
Video
Current Issue
Key to Cloud Success: The Right Management
This IT Trend highlights some of the steps IT teams can take to keep their cloud environments running in a safe, efficient manner.
Slideshows
Flash Poll