In the past few years, innovations in mobile phone technology—a technology that has been readily available for only the past decade—have already developed and produced a new age mobile phone. They call it the smartphone. “In a nutshell, a smartphone is a device that lets you make telephone calls, but also adds in features that you might find on a personal digital assistant or a computer.”(Cassavoy) One can now perform tasks on a mobile phone, such as send and receive emails, browse the Internet and even upload and edit documents. The most incredible feature about the smartphone, however, is its use of applications, or “apps”—access to various programs from a single box on the home screen of a smartphone. Developers produce these apps at such a high rate that not all apps available to the market prove secure. A recent outbreak of apps containing malicious coding has infected scores of smartphones. The effective use of IT by the companies that produce these smartphones has helped crack down on these breaches in security, and the companies hope to secure their software and prevent future plagues of software bugs.
“Tens of thousands of users of Android-based smartphones have downloaded applications capable of taking over their phones with malicious software designed to steal data or send expensive messages, security experts have warned.”(Menn) The Android smartphone, developed by Google, allows each company to have its own build of the Android operating system. This allows for the complete customization of user interface, graphics and branding based upon various company goals and objectives (Lemos). Without one uniform operating system, security for the Android technology can hardly encompass the various tweaks added by the respective companies that make the Android. In the past year, a total of 58 applications have been discovered to contain malicious coding that could potentially infect an Android. Google, upon analyzing the problem, discovered that over 260,000 Android phones have suffered infection from this malware. Google has recently performed a “clean-up” that destroyed harmful packages within the dirty applications. "Google's fix removes the actual packages that exploited the flaw, but doesn't fix the underlying vulnerability," says Kevin Mahaffey, chief technology officer at mobile security firm Lookout, which has analyzed the malware (Lemos).
To properly fix a phone requires hardware makers to create their own updates that include Google’s fix. These updates must be pushed to the various carriers, who must also test the hardware before selling it to the customer. In the personal computer industry, however, software makers generally release updates and fixes more quickly. “Automated software updates have become necessary features of applications and operating systems, and are typically applied frequently.”(Lemos) PC and Mac users generally experience fewer problems with the ability to constantly “check-up” on their device, and solve the problem much faster if a problem does in fact arise. Google, and smartphone developers in general, continue to search for a way to incorporate this personal computer technology onto their phones. "From a security standpoint, the more automated this stuff is, the greater the penetration of the patching will be and the better off everyone will be," says Tom Cross, a security researcher with IBM (Lemos). IT workers for companies such as Google continue to search for compatible hardware and software that will allow for such a thing.
Works Cited
Cassavoy, Liane. "What Is a Smart Phone." About.com. The New York Times Company, 2011. Web. 21 Mar 2011.
Lemos , Robert. "Securing All Androids Proves Tricky." Technology Review 17 Mar 2011: 1-2. Web. 21 Mar 2011.
Menn, Joseph. "Android Users Hit By Malware Attacks." Financial Times 3 Mar 2011: 2. Web. 21 Mar 2011.
It is without a doubt that smartphones have become increasingly popular and have demonstrated a tremendous effect not for recreational use but for that of businesses as well. As a TechNews article puts it, "The proliferation of smartphones in corporate environments creates a new and wider potential for data loss and leakage, whether by theft, unauthorized access or unauthorized transmission." Smartphone content is more vulnerable to loss or theft, and usernames and passwords are often unsecured or set for automatic log-on. As a personal smartphone user, I realize the security risk everyday. I know that I have auto logins set for my e-mails so that when I click it, I'm not entering my password everytime. This also goes for my facebook and twitter accounts, which I know I'm not the only one (for those of you who have ever changed a friends status from their phone).
ReplyDeleteIt is good to see that companies are taking a much finer interest in this aspect of smartphone security. Norton, a trusted security program for computers has recently released its Norton Smartphone Security package. Personally, as smartphones flood the market and become more widely used, I would like to see security packages come standard on smartphones. After all, if we are going to start making our phones our "virtual wallets' there would need to be a significant increase in security for me to even consider such a possibility.