It is quite comforting to know, according to Giles Hogben of the European Network Information Security Agency (ENISA), that when comparing browsing risks, mobile security is still much better than other areas of cyber security threats. For example, for the number of malware risks it is something around 1,000 times less than the threats which are on PCs, he wrote. Nevertheless, Hogben also made it clear that, despite its lower risk level, more usage of smartphones will cause an increase in emerging threats of mobile malware.
Wednesday, October 19, 2011
Mobile: Combating Malicious Apps
ENISA Says Vendors are Key to Smartphone Security
It is quite comforting to know, according to Giles Hogben of the European Network Information Security Agency (ENISA), that when comparing browsing risks, mobile security is still much better than other areas of cyber security threats. For example, for the number of malware risks it is something around 1,000 times less than the threats which are on PCs, he wrote. Nevertheless, Hogben also made it clear that, despite its lower risk level, more usage of smartphones will cause an increase in emerging threats of mobile malware.
Hogben’s main concerns were basically focused on lack of encryption in smartphones data, and “loseability,” which he coined from the ease at which consumers lose their phones. Areas he discussed included “challenges of detecting and blocking malicious apps on mobile devices; conflicts between mobile OS and HTML permissions in mobile browsing; and what the market can expect If HTML 5 becomes the standard.” Public API, for example, involves image gallery, the accelerometer and the address book. The accelerometer data is used to grab peoples’ passwords by just observing the way the phone wiggles as different soft keys are pressed during usage. Sloppy coding, besides malware, also leads to data vulnerabilities.
Furthermore, fingerprinting is another area of concern that must be addressed when considering mobile browsing risks. Users’ fingerprints were identified by the particular kind of headers they transmitted when they looked at headers coming from the browsers.
With such exposures and various risks associated with smartphones, Hobgen concluded that vendors are the main key to smartphone security. But, the question remains, who bears the liability of legal implications of that responsibility? Is it the vendor or the consumer?
It is quite comforting to know, according to Giles Hogben of the European Network Information Security Agency (ENISA), that when comparing browsing risks, mobile security is still much better than other areas of cyber security threats. For example, for the number of malware risks it is something around 1,000 times less than the threats which are on PCs, he wrote. Nevertheless, Hogben also made it clear that, despite its lower risk level, more usage of smartphones will cause an increase in emerging threats of mobile malware.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment