In an article posted by Reuters, Scott Totzke, RIM's vice-president of BlackBerry security speaks about the security of smartphones these days making some bold, but reasonable statements about where we could end up if we are not careful.
Totzke, along with Kevin Mahaffey, chief technology officer at Flexilis shared issues and concerns for the smartphone market both agreeing that users need to be more aware of what, exactly they are installing on their devices. Essentially, if warnings are not heeded in these areas your smartphones could be used in DDOS attacks. Totzke was quoted as stating "I think that's an area of concern," while Mahaffey stated "These are not telephones anymore. These are computers. So people are going to have all the problems on their phones that they have on their computers."
The smartphone market is growing massive and it has reached a point where security concerns are now going to be a huge factor with the amount of information and data users store on their devices. We have seen some "proof of concepts" lately wherein security has been breached on a multitude of devices and one can only hope that manufacturers are working hard to help keep their users safe and that users will utilize all offerings such as updates and patches.
So what's your take on it? As a smartphone owner, do you give any thought to security? Or do you just assume it's all good and keep installing apps like crazy?!
22 comments
Digg
Facebook
I've never thought of security to be an issue honestly. What kind of dangers are there? Are we talking like viruses or something?
Yea i would like to know more about the subject
How about all the apps sold here, are they safe?
Some of the apps that Crackberry has reviewed, given away like candy and included for sale in the Crackberry store are very questionable. A couple come to mind that I will not mention by name but they are for sure at minimum dangerous. The need to scrutinize these apps more by resellers and users as to what is getting into the market and what they are really being used for.
So if they're sketchy at best and malicious at worst, why won't you say anything? Or are you just fearmongering?
One friend of mine is a software support person working with Windows programs. For good reasons he is paranoid about security.
In the mobile department as the devices become increasingly popular and functional the danger may exist, but we are forewarned by other systems. RIM must pay attention as must others, but for me as a consumer I am not too bothered. My phone uses few apps these days. Surfing causes me more worries.
It was inevitable that this would be recognized and addressed. Though smart phones are in their comparative infancy when compared to more established computer products, they are indeed true multi-purpose computers and as such can be cracked. I think it's a good time to implement what security we can. Of course such things will have to be trim and efficient due to the current limitations of processors and memory, but it's still something to consider.
I think security is job 1, nothing less - RIM needs to care about this .. and I chose Blackberry for the security ,not because of all the other gadgets that are avail. If I wanted other gadgets I would have gone with some thing else.
you can get toys any where, but you can't get secure architecture anywhere.
I've installed software from SMobile to help protect my Daughter's phone and my phone. This gives me piece of mind that there is protection on my BBs'.
I know it is said over and over, but Security starts with the user. It is up to us to not put too much faith in the products being offered and to keep a weary eye on eveything. Sure sites like CB do a great job simply because of their community size IMO. It forced them to look at securing the products they offer a bit closer. But do they? We don't know. That is the problem now a days. We don't have access to everything sites like this are doing to safeguard their members from, so we are left to assume things are safe. Use common sense, and sometimes realize what we are actually putting on our phones with these apps. Simply because.. You never know. It might just fall on the community to be the watchdog.
I work as Mobile information system professional, so I have been thinks about this for sometime now. I am always looking at ways to protect my clients data expecally now that it is out in the world and not just in the office.
This is definitely something that will become an issue. We're seeing the first iPhone attacks starting (mostly against jailbroken iPhones), and other platforms will follow eventually. Phone makers need to help against this threat by enabling their OS's to be updated more frequently and easily. The Palm Pre does this well - updates are downloaded automatically over the air when the phone is idle, and installations are simple and relatively quick. Blackberry updates take longer and are more difficult, and half the apps have to be reinstalled afterward. Updates will also need to be available from the manufacturer rather than the carrier, without carriers having to approve an update for their network. Otherwise, people won't isntall updates (I avoid updating my BB except for major updates because of this) or updates will be made available too slow to protect the devices.
I'm not surprised to see this article.
A number of months ago, a beta of a great app was released (no names), generating a tremendous amount of excitement amongst us Crackberries. It is now a for-sale app, and is still being raved about.
I was quite concerned reading a comment by someone questioning why it was necessary to include a key-stroke reader in the app. It didn't make sense to me, and that coupled with all the over-riding firewall permissions required for the app to run was enough to keep me from using the app, despite it's great functionality.
I posted asking about this, and was told by the developer (or one of the few obvious supporters of the developer) "this was standard" for this type app.
That alone was enough for me. Giving someone a key reader on my blackberry with the important personal info I keep on it, made me feel uneasy.
Maybe I'm a bit too cautious, but the fact that all the supporters were relatively new posters to Crackberry, their service provider was from a country known to be "technologically unfriendly" to the US, and the speed of addressing the technical issues of the entire program (often within the hour) with updates, sounded too good to be true to me.
As the saying goes, let the buyer beware...
If people think ignorance is bliss then watch issues sneak up on them.
I always take the source of my download into consideration, hold my breath, and hope for the best. I'd like to think I have better odds if my download comes from Crackberry or Appworld. So far I've only had one problem with an app from Appworld. I actually had to call TMO CS --ick-- and to my surprise they were able to help me uninstall it.
I think it's a little of both. My responsibility is to have a device with disaster recovery options I am comfortable with. The manufacturer's responsibility is to provide a device that keeps with consumer confidence. My biggest hope is that one day, my mobile device can separate cellular service from mobile computing while being housed in the same device. Even apart from security concerns, nothing is more annoying than an unresponsive device from software glitches that can't even make a cellular service call. Maybe some lessons can be learned from the VM communities.
My 2 cents.
Right now, security for consumers isn't much on an issue. However, shortly, viruses/trojans/etc will be written for smartphones. There's no denying that. When that time comes, RIM will truly shine.
if you work for the DOD and you keep the plans to the latest smart bomb saved on your blackberry, then YES beef up the security. But if you only have Poynt and a theme on it , be real man DON'T WORRY
Some apps steals contact info and call logs to be sold for market research firms. It's additional and continuous income stream for app makers. They act like spyware.
Considering how rare security issues is raised in this site, most bis users care little about security.
i think if u just download appps dat are actually useful u shouldnt worry about it. plus i chose RIM for the security. Took me 15 minutes to jail break friends iphone. thats not a phone that makes u feel secure
..but seriously, if someone takes their smartphone seriously and actually uses it to even remotely close to it's full potential, the security has to be a priority. Whoever said it starts with the consumer hit the nail on the head. Yes, RIM needs to take some at least basic security measures, but if the average person only took basic measures, a lot of this could be avoided. And to the person who said it all starts with common sense, don't forget "Common sense ain't common"
OK here are my thoughts:
If you have a BlackBerry pay attention to the security warnings when you install stuff. Dont just grant all perms or prefered status to apps without trusting the source.
Avoid Windows Mobile at all costs as Windows is inherently insecure (without third party security apps which are not really available for smart phones)
If you have an iPhone don't jailbreak it; you are crippling the phones on board security system.
If you have an iPhone and don't heed my advice and jailbreak anyway then at least be smart about it and change the &*(%&% root password to something other than "alpine"