VULNERABILITIES
--Google Fixes Android Flaw
(November 7 & 10, 2008)
Google has fixed a critical vulnerability in its Android operating
system. The flaw can cause keystrokes to pass directly to the root
shell and be executed with root user privileges. For instance, texting
the word "reboot" would actually cause the device to reboot. The flaw
affects G1 handset users running Android firmware updates RC 29 and
earlier. Google is rolling out the fix to all G1 devices.
Showing posts with label Smartphone Security. Show all posts
Showing posts with label Smartphone Security. Show all posts
Tuesday, November 11, 2008
Tuesday, October 14, 2008
Smart Phone Security
Smart phones such as BlackBerrys, Treos and the iPhones has gained great popularity in the consumer and business market. These phones are able to schedule meetings, keep contact information, take notes and record audio and video footage as well as access the Internet. These great features bring conveniences and great security risk.
These cell/smart phones are becoming digital wallets… 10 years ago people did not keep the type of vital information they do today.
Hackers are able to pull information such as address books, text messages, email and notes that may contact account numbers, passwords and PINs.
New trends in the wireless industry are making it easier for hacking attacks, said John Girard, a Gartner vice president, who spoke at the IT Security Summit in London.
A few years ago, there was not a lot of standardization across wireless devices. Differing operating systems, differing implementations of mobile Java, and even varying configurations among devices with the same operating system made it hard to write malicious code that ran on a wide array of devices, Girard said.
But that's changing as the quality control gets better on widely used platforms such as Microsoft's Windows Mobile and the Symbian operating system, he said. That standardization makes it easier for attackers to write code that will run on many devices.
"The more your phone gets like a PC, the more it can host malicious code," Girard said. "People are getting used to sending out executable code."
These cell/smart phones are becoming digital wallets… 10 years ago people did not keep the type of vital information they do today.
Hackers are able to pull information such as address books, text messages, email and notes that may contact account numbers, passwords and PINs.
New trends in the wireless industry are making it easier for hacking attacks, said John Girard, a Gartner vice president, who spoke at the IT Security Summit in London.
A few years ago, there was not a lot of standardization across wireless devices. Differing operating systems, differing implementations of mobile Java, and even varying configurations among devices with the same operating system made it hard to write malicious code that ran on a wide array of devices, Girard said.
But that's changing as the quality control gets better on widely used platforms such as Microsoft's Windows Mobile and the Symbian operating system, he said. That standardization makes it easier for attackers to write code that will run on many devices.
"The more your phone gets like a PC, the more it can host malicious code," Girard said. "People are getting used to sending out executable code."
Thursday, September 4, 2008
Personal Digital Assistant (PDA) Security
A personal digital assistant (PDA) is a handheld computer that allows users to store data, make phone calls as well as conduct web browsing, multimedia viewing and access to various wired and wireless networks.
User fascination and dependency with PDAs have recently put private personal and corporate data in jeopardy. The storage of the names and addresses of corporate customers on PDAs is now common. Passwords, bank account numbers and pictures are also very common data found on users PDAs.
Security practices on these devices are lagging due to the lack of physical security practices, lock codes, passwords, encryption usage and education.
Security for your PDA will only work if you the mobile professional take the proper steps to ensure the security of your PDA and its contents.
All companies should create and enforce PDA Security policies and make sure that they are enforced. Failure to do so will result in grave lost to the individual and company.
For more information on effective PDA security policies and practices, logon to:
www.securityorb.com
Subscribe to:
Posts (Atom)
Posts
