Feeds

Safe as Windows: Smartphones' security nightmare

Apple, Android and the PC experience

Providing a secure and efficient Helpdesk

Open ... And Shut These days, smartphones are a bit like Dr Seuss' mythical "thneed," doing anything and everything – including (gasp!) making phone calls. Unless you're on AT&T, of course, with its penchant for dropping calls. Ironically, however, we're fast approaching the time when users may care far more about PC-era issues like viruses and other malware, rather than whether they can call home.

Research in Motion's BlackBerry users had a rude awakening last week when RIM's cloud service failed for several consecutive days, turning millions of smartphones into phones that weren't so smart, but still delivered voice traffic, as Noise to Signal cartoonist Rob Cottingham humorously depicts in the cartoon (below) from his website, which he let us use.

The problem is that we no longer rely on our mobile phones for calling friends or family. Not primarily. Over the past few years usage patterns for mobile phones have shifted, with data traffic growing at a torrid pace even as voice traffic stagnates or declines. After all, a 2011 Wireless Intelligence study revealed that apps claimed 667 minutes of users' time per month, compared to 671 minutes for messaging and a mere 531 minutes for voice calling.

Sure, people still complain about dropped calls, but an OccupyTelcos movement would spring up overnight if email/IM/apps/etc were dropped, given how much more of our time we're spending with our mobile devices, whether at work or play.

Given the importance of our mobile devices, we should expect them to become ground zero for more malware, which may put a damper on Android's growth.

Android, after all, is still the Wild West of mobile. Carriers used to control what got on to phones, but now it is Google and Apple that do so, through their respective app stores.

Google is pretty laid-back about what it allows into the Android Marketplace and, hence, onto users' phones. This is particularly troublesome given that Android now tops Apple with 44 per cent of all mobile app downloads. In March of this year, Google torched 21 malware apps. By June, it had to remove 26 more.

Expect more of the same on a regular basis, given Google's laissez-faire approach to its Marketplace.

I'm generally in favour of more openness, not less, and actually would prefer a much more open app distribution mechanism than an app store can provide, for many of the same reasons that venture capitalist Fred Wilson gives.

But this means we'll need to get much more serious about mobile security. Google knows this is an issue, and has been improving Android to make it much more hack-resistant through address space layout randomization (ASLR) and other techniques. But this is just the beginning, not the end.

Third-party applications have hit the market to help people protect their mobile devices, and security giants like McAfee are helping to grow the market. But so far most products are either geared toward enterprises, which have less and less control over the devices employees use, or toward consumers, which have mostly ignored the need to secure their devices.

In short, we have the makings of a serious mobile security problem, particularly for Android users, just as Android seems set to become the Windows of the mobile world, in all the good and bad senses that brand implies. Apple users will likely remain mostly safe, wrapped in the all-encompassing embrace of Apple's closed ecosystem, but will trade freedom for security. Android users, meanwhile, trade security for freedom.

Welcome to the new world of mobile, same as the old world of desktop? ®

Matt Asay is senior vice president of business development at Strobe, a startup that offers an open source framework for building mobile apps. He was formerly chief operating officer of Ubuntu commercial operation Canonical. With more than a decade spent in open source, Asay served as Alfresco's general manager for the Americas and vice president of business development, and he helped put Novell on its open source track. Asay is an emeritus board member of the Open Source Initiative (OSI). His column, Open...and Shut, appears twice a week on The Register.

Choosing a cloud hosting partner with confidence

More from The Register

next story
Same old iPad? NO. The new 'soft SIMs' are BIG NEWS
AppleSIM 'ware to allow quick switch of carriers
Arab States make play for greater government control of the internet
Nerds told to get lost in last-minute power grab bid at UN meeting
Brits: Google, can you scrape 60k pages from web, pleeease
Hey, c'mon Choc Factory, it's our 'right to be forgotten'
Of COURSE Stephen Elop's to blame for Nokia woes, says author
'Google did have some unique propositions for Nokia'
It's even GRIMMER up North after MEGA SKY BROADBAND OUTAGE
By 'eck! Eccles cake production thrown into jeopardy
Mobile coverage on trains really is pants
You thought it was just *insert your provider here*, but now we have numbers
Don't mess with Texas ('cos it's getting Google Fiber and you're not)
A bit late, but company says 1Gbps Austin network almost ready to compete with AT&T
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.