Ben and I are heading down to InfoSecurity Europe at Earl’s Court again this week. We’re producing another special edition podcast series for 361 Degrees, focusing on the topic of mobile security. This is quite possibly one of the biggest issues at the forefront of the development of mobile.
Simply ask any Chief Security Officer at a Fortune 100 company how he/she feels about their employees using Android phones and the chances are, they’ll come out in spots and have to be rushed off for immediate treatment. But it’s not just Android that’s vulnerable. When you stop and take a close look, there are clear vulnerabilities throughout the ecosystem. It’s all very well issuing patches for silly programming mistakes (I’m looking at you, Apple), but if people don’t bother updating their devices regularly, they shouldn’t be surprised at being targeted either deliberately or automatically.
So Ben and I will be aiming to talk with a number of key players about what both consumers and enterprises should be doing to better protect themselves.
If you’d like to be included as a spokesperson, we’re recording between 10am-12pm this coming Thursday at InfoSecurity Europe. Drop me a note and we’ll try and get you involved! (Email: ewan@mobileindustryreview.com).
What days are you going to be there?
All of them but Ben will be there on Thursday with me
I;ll look out for you tomorrow then! Have a look at what G&D are doing with Mobicore and the ARM Joint Venture. Potential to really secure a phone and to use it as payment acceptance device to let you put secure PIN into the phone. Lot’s of people claiming to have Mobile Security but it covers such a huge spectrum. Mobile Anti-virus is the biggest con out there.. AV vendors desperate for new revenue.
What’s your view on the anti-malware stuff targeted at the Android marketplace?
Next to useless! Most have a zero detection rate with the best only at about 30% detection. Whilst there is problem of malware in the Android Market and there has been an increase in the number of variates in the last year, most are not downloaded from Google Play, rather they come from alternative markets. China and Russia still dominate in terms of origination of the software.
What is needed is real-time checking when you download with a deep scan of the APK file. None really go deep enough, rather they look at a high level for attributes they know should be in place. These are easily overcome and allow the malware to be installed and then carry out typical money making activities such as sending premium SMS or international dialling. So, the likes of Trend, Kaspersky and others really need to assess what they are trying to achieve with their software and not promote it in the same way as desktop AV.