Archive for May, 2010

Mobile Device Applications Security: Part 4

This blog posting is the last in a series of four on mobile device applications security. The prognosis is not good—I’ve repeatedly tried to drive home the point that there is little if any security built into these applications, with the exception of applications that utilize Microsoft’s trusted application model. Interestingly, some app stores claim that applications are “screened” before they are available through the store, but what is meant by “screening” is not clear. It appears that powers-that-be behind the Apple iTunes App Store are more concerned about potentially offensive application content within its applications than anything else. Those in charge of the BlackBerry App World appear to care mostly about weeding out applications that are likely to cause BlackBerrys to crash or hang. And Symbian’s application screening process appears to consist only of scanning for viruses and eradicating them if they are found. But even if app stores were to offer only truly secure versions of applications, bypassing the stores altogether to obtain basically the same, but less secure versions of applications that an app store offers would be easy. Read more…

Categories: Network Security Tags: