Security Issues in Smartphone Markets
Are you buzzing about the new Verizon Blackberry Storm or the T Mobile G1? They are the new crave and everyone wants one right? What these owners many not know are the security risks that surround the raving technology. Most of the unawareness starts at companies and customers not placing more significance on security as smartphones get smarter. Although a smartphone may not be at greater risk than a PC, some security issues and risks are still present with PDA’s and smartphones. In the United Kingdom, a whooping 800,000 people were the victim of mobile phone theft in 2006. Even though 90 percent of these phones deactivated within 48 hours, what happened to the other 10% of users that lost data to the crime. Smartphones are linked to the corporate network and are as vital as a laptop on the company network. Also, you cannot stop your employees from having accidents by underestimating these devices. Mobile phone operators can stop SIM cards and stop expensive calls from being made. However, a smartphone differs from regular mobile phones. Executives carry all kinds of information on the device, from confidential announcements, to financial results and business in progress. If any of these were ever lost, it could result in the lost of business and trust within company IT infrastructures. It is important to recognize the dangers before permitting a full mobile device network within the company. When sending emails, texts, and using smartphone applications may seem harmless, however your phone could be very vulnerable to hijacker attacks. We will explore some security issues that surround some of the primary smartphones leading the markets today and address how to mitigate users’ risk of being attacked. Some of the issues that smartphones are having problems with securing encryption keys that can unlock cell phone holders’ private information. Digital signatures are also being compromised through man in the middle and proxy attacks. While these may not seem to affect every user, surely the danger of having your password captured due to spyware may catch your attention. On the other hand, many Symbian Operating System security flaws that smartphones use to operate have proven to be the source of some application hijacks. Since smartphones such as Blackberry do not require an application code signature, network access is permitted attackers access to owners’ applications. This could cause third parties to send messages, edit, delete, and add contracts and PIM (Product Information Management) data, read and call phone numbers. Simple functions such as sending and receiving SMS (short message service) text messages can be intercepted by another application that could cause outgoing text messages to be picked up by an expensive application. This causes confusion to the smartphone owner who is oblivious that his or her messages have been negotiated leaving the customer to pay the bill. A problem for businessmen and/or businesswomen smartphone owners is opening certain files from their smartphone application can contain this malicious code causing the data to be compromised. A hackers’ claim that they can pay one hundred dollars for an API key that can open backdoor to Blackberry’s RIM (Research in Motion) devices. If this is true than owners and companies have to worry about the data integrity of within application and software. Some issues that are present are the talk about an API key that can be bought for one hundred dollars. It gives hackers the ability to allow unauthorized network access. Let’s take the iPhone developers. They have yet to incorporate Microsoft Exchange or Lotus Notes. This makes it easy for an Internet provider to expose private data due to unsecured connections to servers. The current iPhone user must forward their e-mail to an Internet service provider, potentially exposing data. Trust could be gained if communications were encrypted...
Please join StudyMode to read the full document