Smartphone Security Issues And The Potential Pitfalls

Smartphone Security Issues

Smartphones, with advanced computing ability and connectivity, have dramatically changed the computing landscape. Smartphones run complete operating system software that provides a standardized interface and platform for a large number of applications in the marketplaces such as the Apple App Store, Android Market, and Amazon App Store. Android Market is the most popular app store among commercial developers. Google Play is the premier store for distributing Android apps. Users can easily and quickly download new apps and games. This popularity of smartphone applications has drawn the attention of attackers. There are several demonstrated Malware attacks on the Android platform. Studies indicate that the number of malicious applications in app repositories has increased with increasing the rate of downloading apps. Therefore, Privacy and security of apps are important issues for smartphone users.

According to new research by University of New Haven’s Cyber Forensics Research and Education Group (UNHcFREG), “anyone who uses the affected applications is at risk of confidential data breaches. Depending on the app, user locations, passwords, chat logs, images, video, audio, and sketches can be viewed by people invading the user’s privacy”. Moreover, Ibrahim Baggili, assistant professor of computer science at UNH’s Tagliatela College of Engineering stated that “although all of the data transmitted through these apps is supposed to go securely from just one person to another, we have found that private communications can be viewed by others because the data is not being encrypted and the original user has not clue.” Unfortunately, most smartphone users believe that downloading applications from the app repository is risk-free or secure because of existing security controls in the app repository. Hence, majority of smartphone users ignore security messages during application installation due to the lack of security awareness. Therefore, educating users and enhancing their knowledge about the security practices is paramount. “They should learn to run security tests on their own”.

Although several security companies have introduced some security solutions for smartphones (e.g. anti-virus, firewalls, rootkit detectors, intrusion detection system (IDS), and other useful tools) that can be run on the smartphone and smartphone user can take these applications in online market, they cannot prevent attacks from inside caused by using implementation error or user unawareness. They can only prevent attacks from outside like malware. Therefore, users should adopt other security mechanisms to enhance security of their smartphone.

Jeon et al. (2011) conducted a study on smartphone security called A Practical Analysis of Smartphone Security and introduced three ways to keep smartphone secure. They are as follows:

  • Add-on application is easiest way. Smartphone users have to install appropriate applications (like anti-virus or SPAM filtering from appstore ) to their smartphone to increase smartphone security. In fact, this way can’t ensure security improvement.
  • System add-on means system updates. Platform manufacturer and application developer provide updates for their products and this update includes both improvement of functionality and security. So, smartphone users have to update their smartphone platform and applications periodically for smartphone security.
  • System modification is most expensive way to improve smartphone security, because it needs kernel configuration. However, this way can improve entire security of smartphone platform.”

In addition, application developers and smartphone users should adopt cryptographic technology (application and APIs) to enhance confidentiality and integrity in smartphones. In line with this idea, Baggili suggests that “the app stores should have enforced standards for personal messaging applications that enforce developers to use encryption on those apps.”

By Mojgan Afshari

Tech

What is the Difference Between a VPS and a Cloud VPS?

VPS or Cloud VPS? While researching this article it became very apparent that there is a lot of confusion about the differences between VPS Hosting and a Cloud VPS. They are both Virtual Private Servers, ...
Martin Mendelsohn

New Executive Roles in the Post-Corona Era

Executive Roles in the Post-Corona Era As the global economy shows early signs of reviving from past months of rigormortis, forward-looking companies will be busy preparing for the next pandemic. What this means for technology ...
Scott Leatherman

Speeding up Digital Transformation During the Pandemic – 7 Steps to Unlocking the Benefits of Cloud

7 Steps to Unlocking the Benefits of Cloud The pressure for IT leaders to support more workloads and remote staff with limited resources is as contagious as the pandemic. The most powerful tool in their ...
Kip Compton

What’s Ahead for Cloud

The Cloud 2018 was an incredible time for cloud. Its impact on customer experiences, business processes and models, and workforce innovations was undeniable. We saw more and more use cases where customers started leveraging multiple ...
Fahim Kahn

The 5 Biggest Hybrid Cloud Management Challenges—And How to Overcome Them

Hybrid Cloud Management Challenges The benefits of the cloud—reduced costs, greater IT flexibility, and more—are well-established. But now many organizations are moving to hybrid cloud management platforms. While hybrid clouds do offer a greater level ...
Isc2

Episode 2: Coronavirus Phishing Emails and Work-from-Home Meetings

Coronavirus Phishing Emails What to watch out for as scammers exploit pandemic panic, and tips on how to attend meetings while working from home. Working from home this week? There are a few challenges and ...