Posts Tagged ‘ smartphone ’


Which smartphone is the most secure?

Written by admin
December 25th, 2013

Not all mobile phone operating systems are created equal. As Spencer McIntyre of SecureState explains, there are unique differences and threats specific to each smartphone and, in the end, security is largely up to the user

These days, it is almost impossible to meet someone who doesn’t own a cell phone. More specifically, smartphones, whether it be the trendy iPhone, corporate favored Blackberry or modern Windows Mobile, almost everyone has joined the smart phone frenzy — and with good reason. A smartphone offers more advanced computing ability and connectivity than a contemporary phone.

Just like a handheld computer, most of the population relies on their operating system to multitask the demands of work, personal life and finances. However, many Smartphone users forget about the risks of malware on these crucial devices. In fact, a study from Rutgers’s University disclosed that malicious software for cell phones could pose a greater risk for consumer’s personal and financial well-being than computer viruses.

Clearly, there is a need for greater protection of cell phone software and greater awareness of cell phone vulnerabilities from owners, especially when it comes to what kind of operating system you are using. There are unique differences and threats specific to each Smartphone. Here are some important key points that consumers should consider to protect their mobile operating systems.

iPhone
There is a lot to be found regarding this popular device, half of our research findings surrounded the iPhone. Malware for this device took a different approach with the release of IOS 4. The multitasking that users take part in on their systems easily goes unnoticed, allowing the presence of malware to be easier to miss and less intrusive. Malware is more commonly found on iPhones that have been jail broken.

“Jail breaking” means freeing a phone from the limitations imposed by the wireless provider and in this case, Apple. Users install a software application on their computer, and then transfer it to their iPhone, where it “breaks open” the iPhone’s file system, allowing you to modify it; however, this also opens it up to malware. By jail breaking a phone, users are possibly allowing malicious applications into their device which has access to their personal information including their bank account. These applications are not subjected to the same limitations as Apple and therefore are easier to get from a rogue reference and infect cell phone.

Additionally, by not changing the password on a jail broken iPhone, the SSH service, is easy for malicious attackers to create worms used to infect the users operating device. An example of how important this threat is to note was highlighted by Ike, a worm created to raise security awareness when it comes to using these jail broken devices. It illustrates how once the core app has run its route, the vulnerability can gain complete control of the system.

Apple is slow to pinpoint vulnerabilities, including the SMS (texting) exploit released in the summer of 2010 by Charlie Miller. This also revealed that Apple is so slow to release that third party organizations were able to produce a security patch before Apple.

Windows Mobile
When it comes to threats, Windows Mobile takes the cake when it comes to attracting malware via SMS. Specifically the amount of SMS malware found on Windows Mobile devices is much higher in comparison to others. An interesting facet of the Windows Mobile OS is that many of the system calls are shared with it’s full-featured desktop counterparts. This detail has contributed to many pieces of malware that have originated on the Windows OS being ported to the Windows Mobile OS. A noteworthy example of this is the Zeus botnet that in recent years has begun to appear on mobile versions of Windows.

BlackBerry
A popular alternative to the previous two mobile operating systems, the BlackBerry is also quite different from the typical smart phone. The BlackBerry uses what is arguably the most closed source of the operating systems discussed herein. Research In Motion, the developers of BlackBerry have done an excellent job of keeping the sensitive inner workings of this smart phone a secret from the public. This is a contributing factor for the relatively small number of reliable exploits for the BlackBerry smart phone.

BlackBerry also suffers from the multitasking concerns that make it easier for malware to run unnoticed. An interesting proof of concept developed for the BlackBerry is the BBProxy application that was presented at DEFCON.

Symbian
There is not a lot of information regarding malware for this operating device, although it is the oldest of the smart phones and one of the most popular outside of America. Windows, Blackberry and Symbian are malware populated and not present on Android or iPhone. Along with the Windows Mobile family of Phones, Zeus has be ported the Symbian as well. The mobile version of Zeus is being used to intercept text messages sent as the second factor of authentication in many services.

Android
The Android operating system is the only open source operating system discussed herein. Android is unique in that it is community driven. The Android operating system is not owned by an individual organization, so it is developed in the best interest of the users. However, the applications are not monitored for vulnerabilities in the marketplace, so anyone can submit applications containing malicious functions which are less likely to be caught. Essentially, it is up to the users to determine if it is a safe and reputable source from which they are getting the app.

Amazon now has a 3rd party market place, which imposes additional policies and restrictions on applications that are distributed.

Android is based on the Linux operating system. On Linux, availability on Android is unlike others and there is not much evidence of ported malware. This is not because there is not any known Linux malware out there, but because it doesn’t receive much attention.

In Conclusion
All operating systems have distinct strengths and weaknesses; however, many are the same and essentially are up to the user and the configuration of the password. Users need to remember not to install apps from unnecessary sources, especially if they are unknown. While users can’t know them all, users need to ensure that they are from a reputable source. If not, that is where malware commonly comes from, with backdoor apps masquerading as secure applications. Also, jail broken phones are at a huge risk if the user maintains the default password and an even higher risk if not used in the Apple marketplace. Instances of malware exist on all of the phones and are even more relevant on ones using untrusted app sources. Consumers can keep this research in mind when using their smartphone to best protect their valuable information.


MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

 

 

With Chromecast, Google reveals Chrome as its strategic big gun
The browser is behind Google’s play for user data from as many screens as possible

Chrome is Google and Google is Chrome.

The Chrome browser is Google’s most potent strategic weapon, a former Microsoft program manager said last week.

“Chrome is the focus at Google; Android is an afterthought,” asserted Ben Thompson, who writes on his Stratechery blog. Thompson, who left Microsoft earlier this month, has quickly made a name for himself with insights into the technology market, in particular Microsoft, Apple and Google, ranging from Microsoft’s massive reorganization to the possible role for a larger, 13-in. iPad.

“Chrome shouldn’t be thought of as a Web browser,” Thompson wrote. “Rather, it’s an optimized bi-directional delivery vehicle: the best experience with Google services for users, and maximum user data for Google. And it runs everywhere. This is why Google has been investing millions of dollars in building the Chrome brand.”

Thompson’s latest post was reacting to the debut of Chromecast, the $35 stream-to-TV device Google introduced last week. Chromecast, said Google, is powered by a simplified version of Chrome OS. (Although GTVHacker.com claimed Chromecast is “more Android than ChromeOS.”)

“As a horizontal company, Google wants to be on every screen, and their vehicle to accomplish that across verticals, both from a technical and brand perspective, is Chrome,” Thompson added. By “verticals,” Thompson meant “devices.”

It’s hard to argue with Thompson.

Google has been expending significant resources to push Chrome into as many corners as possible.

Not only is Chrome (the browser) available for all major desktop and mobile platforms — from Windows and OS X to Android and iOS — the major features of Chrome OS are being added to the browser, including packaged, nee “native,” Web apps and the ability to view and edit Microsoft Office documents.

The goal? From Thompson’s viewpoint, control of a “multi-screen world.”

Others have had similar thoughts.

“It looks like Google is defining the Chrome platform as what I’d call ‘Web Platform Plus,’ and intends for Chrome OS and the Chrome browser to be a ‘platform on a platform’ on any device it is permitted to run on,” said IDC analyst Al Hilwa in a May interview, months before Chromecast.

By defining that “platform on a platform” — Chrome on Windows, on Android, on iOS, on OS X, on the television — Google is trying to turn as many devices and screens as possible into ones locked into the company’s ecosystem, keep users loyal to that same ecosystem of sites, service and apps, and entice others to join them.

The ultimate prize is more revenue, which Google generates almost exclusively from online advertising. All Google does, argued Charles Golvin, an analyst with Forrester, is driven by its search for more, and more expensive, advertising.

“Google is advertising driven. All its efforts, including Chromecast, are not just about selling more ads, they’re about aggregating data about the customer to make those ads more valuable,” said Golvin in an interview last week. “The more you can target the ads, the more attractive they are to advertisers, and the more Google’s real customers — advertisers — are willing to pay.”

Thompson dubbed that “maximum user data,” but his meaning was the same as Golvin’s.

Chromecast is Google’s newest blatant example of a Chrome-centric strategy. Not only does it carry the “Chrome” moniker, important in itself as an expression of brand identity, but it heavily leans on the browser for functionality.

Only a handful of dedicated apps support Chromecast out the gate: Google’s own YouTube, Google Play Movies & TV and Google Play Music; and the only third-party entry, Netflix. The rest of the lifting is done by Chrome, the browser.

Content on any Chrome tab active on a device within range of a Chromecast-equipped TV can be displayed on the television. During installation on a Windows or OS X personal computer, Chromecast automatically adds the Google Cast add-on to the browser; it can be downloaded separately from the Chrome Web Store, but again, requires Chromecast.

Not only does Chrome’s ability to cast ease the early adopter pain of too-few Chromecast-supporting apps, but it circumvents the limitations of accumulating data when third-party apps are used to display content on a television.

Instead, the normal data collection rules — as Google spells them out in its privacy policy for Chrome — apply.

Specifically, Google knows what you watch, at least in a general way.

“For Chromecast users, Google may collect system activity, crashes, and other details about how you use Chromecast, including use of apps and domains (but not full URLs) accessed by Chromecast,” Google’s privacy policy states.

Maximum user data, as Thompson put it.

In fact, argued Thompson, Google has bet its strategic coin on Chrome, not Android, the mobile operating system also launched in 2008, the same year as Chrome. Thompson noted that Android was largely absent from last week’s unveiling of Chromecast — even to the point, if GTVHacker.com was correct, fudging the code foundation of the device’s firmware — as it was earlier this year at Google’s I/O developer conference.

That’s no coincidence, Thompson said.

“Android … enables several of those verticals [devices], and keeps Apple honest in phones especially,” said Thompson. “However, by virtue of the hardware world it lives in, it’s not the best vehicle for reaching all users, and Google is fine with that. Now that Android is good enough on phones, there simply isn’t any point in investing in it as heavily as before.”

Put plainly, Chrome is Google … and Google is Chrome.

 


MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

 

 

However, NASA is not the first group to launch Nexus Ones into space.

NASA on Monday launched three 2010-vintage Nexus One smartphones into orbit via an Antares rocket, saying that the Android devices would be among the cheapest satellites ever devised.

The devices are part of the administration’s PhoneSat program, which is designed to ascertain the suitability of consumer smartphone processors as cheaper satellite brains.

Michael Gazarik, NASA associate administrator for space technology, said in a statement that there’s no shortage of possible applications for the space-going Android phones.

“Smartphones offer a wealth of potential capabilities for flying small, low-cost, powerful satellites for atmospheric or Earth science, communications, or other space-born applications. They also may open space to a whole new generation of commercial, academic and citizen-space

The devices contain much of the hardware needed for basic satellite functionality, including reasonably modern processors, cameras, GPS receivers, radios and a host of other small sensors.

The phones are housed in four-inch cubesat structures, and will attempt to take photos of the Earth via their onboard cameras.

The PhoneSats are also part of an elaborate game, as they transmit packets of data back to Earth, where they can be received by amateur radio operators. While some packets are simple status reports, others are tiny fragments of the Earth pictures being captured from orbit, which can be reassembled into complete photographs.

Interestingly, however, NASA is not the first to undertake this type of project – a privately-held British company called Surrey Satellite Technology Limited launched a Nexus One into space aboard the Indian Space Research Organization’s PSLV-C20 mission in late February. However, the STRaND-1’s price tag – “about as much as a high-end family car,” according to SSTL – is likely significantly higher than NASA’s PhoneSat, which cost less than $7,000.


MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com