Smartphone Operating System Security

Total Page:16

File Type:pdf, Size:1020Kb

Smartphone Operating System Security £ Study into the Implications of Smartphone Operating System Security Commissioned by: www.goodeintelligence.com Study into the implications of Smartphone operating system security CONTENTS Executive Summary .............................................................................................................. 4 Scope of Study .................................................................................................................. 4 Introduction ....................................................................................................................... 5 The personal remote control for our lives ....................................................................... 5 Smartphone ecosystem and mobile app stores .............................................................. 7 Smartphones get more personal .................................................................................... 7 Security Threats ............................................................................................................. 8 What is being done to counteract these security threats? ............................................ 10 What more can be done? ............................................................................................. 13 Report Summary - Key Findings and Recommendations ................................................ 15 An investigation into the emerging Smartphone security threats to consumers ............ 15 How UK Mobile Network Operators are supporting Smartphone operating system updates ........................................................................................................................ 16 An examination into the challenges of supporting multiple versions of Smartphone operating systems ........................................................................................................ 18 An Investigation of Smartphone vulnerabilities and how they are being managed........ 19 An examination on whether current consumer Smartphone protection practices in the UK are working ............................................................................................................ 21 An Investigation and analysis on how other regions are dealing with Smartphone security ........................................................................................................................ 22 An overview and analysis on UK regulatory and institutional responsibilities for Smartphone security .................................................................................................... 23 A look at the impact of emerging mobile technologies to Smartphone security ............ 25 An investigation and security analysis into mobile app store (market) security ............. 26 An investigation and security analysis into ‘sideloading’ mobile apps ........................... 27 1. The emerging threat to consumers .............................................................................. 28 Goode Intelligence © 2013 P a g e | 1 www.goodeintelligence.com Study into the implications of Smartphone operating system security Overview ...................................................................................................................... 28 Threat analysis and impact to consumers .................................................................... 29 2. How UK Mobile Network Operators (MNOs) support Smartphone operating system updates ............................................................................................................................... 38 Overview ...................................................................................................................... 38 Analysis of mobile operating system updates ............................................................... 39 3. Analysis of how UK Mobile Network Operators (MNOs) manage mobile operating system software updates .................................................................................................... 62 4. Smartphone security vulnerabilities .............................................................................. 73 Overview ...................................................................................................................... 73 Levels of reported Smartphone operating system vulnerabilities .................................. 76 Smartphone operating systems vulnerabilities ............................................................. 79 5. Current consumer protection practices in the UK ......................................................... 92 Overview ...................................................................................................................... 92 6. How are other regions dealing with Smartphone security? ......................................... 100 Overview .................................................................................................................... 100 EU.............................................................................................................................. 100 United States of America ........................................................................................... 103 7. Current UK Smartphone security regulatory and institutional responsibilities ............. 108 Overview .................................................................................................................... 108 The Information Commissioner’s Office (ICO) ............................................................ 108 Telecommunications regulation .................................................................................. 109 Fraud and Financial Regulation ................................................................................. 110 UK legislation and Smartphone security ..................................................................... 111 Summary and Recommendations .............................................................................. 112 8. The impact of emerging mobile technology to Smartphone security ........................... 113 Overview .................................................................................................................... 113 Near Field Communications (NFC) ............................................................................ 114 Goode Intelligence © 2013 P a g e | 2 www.goodeintelligence.com Study into the implications of Smartphone operating system security LTE (4G) .................................................................................................................... 116 9. Investigation and security analysis into mobile app market security ........................... 118 Overview .................................................................................................................... 118 Official App Stores ..................................................................................................... 118 Third-party Android App stores .................................................................................. 121 10. Investigation and security analysis into sideloading mobile apps ............................ 123 Overview .................................................................................................................... 123 Android Sideloading ................................................................................................... 123 Appendices ....................................................................................................................... 126 Appendix A: Apple iOS Devices and Operating Systems ............................................... 126 Appendix B: Apple iOS Version History ......................................................................... 127 Appendix C: Apple iOS Wireless Software Update Process .......................................... 129 Appendix D: Apple iOS iTunes Software Update Process ............................................. 130 Appendix E: Google Android version history .................................................................. 131 Appendix F: A guide to mobile operating systems ......................................................... 132 Types of mobile operating systems – mobile models ................................................. 132 ROM and Mobile Operating Systems ......................................................................... 132 Appendix G: Goode Intelligence research methodology and assumptions ..................... 134 Appendix H: About Goode Intelligence .......................................................................... 137 Goode Intelligence © 2013 P a g e | 3 www.goodeintelligence.com Study into the implications of Smartphone operating system security EXECUTIVE SUMMARY Scope of Study Goode Intelligence was commissioned by Ofcom to prepare an independent expert report into emerging risks to users of Smartphones and to further Ofcom’s understanding of how these risks are addressed in this highly dynamic and nascent environment. Ofcom has a statutory duty to further the interests of citizens in relation to communications matters. Ofcom is also guided by a regulatory principle to research markets constantly and aims to remain at the forefront of technological developments and it is on this basis that this report was commissioned. This study investigates ten key areas of Smartphone OS security which are: 1. An investigation into the emerging Smartphone security threats to consumers 2. How UK mobile network operators (MNO)
Recommended publications
  • Ten Steps to Smartphone Security
    Ten Steps to Smartphone Security Smartphones continue to grow in popularity and are now as powerful and functional as many computers. It is important to protect your smartphone just like you protect your computer as mobile cybersecurity threats are growing. These mobile security tips can help you reduce the risk of exposure to mobile security threats: 1. Set PINs and passwords. To prevent unauthorized access to your phone, set a password or Personal Identification Number (PIN) on your phone’s home screen as a first line of defense in case your phone is lost or stolen. When possible, use a different password for each of your important log-ins (email, banking, personal sites, etc.). You should configure your phone to automatically lock after five minutes or less when your phone is idle, as well as use the SIM password capability available on most smartphones. 2. Do not modify your smartphone’s security settings. Do not alter security settings for convenience. Tampering with your phone’s factory settings, jailbreaking, or rooting your phone undermines the built-in security features offered by your wireless service and smartphone, while making it more susceptible to an attack. 3. Backup and secure your data. You should backup all of the data stored on your phone – such as your contacts, documents, and photos. These files can be stored on your computer, on a removal storage card, or in the cloud. This will allow you to conveniently restore the information to your phone should it be lost, stolen, or otherwise erased. 4. Only install apps from trusted sources.
    [Show full text]
  • No Slide Title
    December 2007 Updated 12/17/07 AT&T Mobility December ~ Washington Government WSCA – AT&T Mobility Device and Rate Plan Update for 2007 All Offers for Government Use ONLY On the attached pages you will find updates to the December WSCA pricing for Equipment and Rate Plans. Table of Contents Page 2: Voice Rate Plans Page 3: FREE Cellular Phones Page 4: Cellular Phones Page 5: BlackBerry Devices Page 6: SmartPhones (Microsoft, Nokia, Palm) Page 7: Push-to-Talk Devices Page 8: Aircards Page 9: Accessories Page 10: Nationwide Coverage Map December Highlights: ¾New Blackberry 8310 Curve! ~ Onboard GPS ~ Available in Titanium & Red! ¾ New Samsung Blackjack 2 – GPS ~ Available in Black & Red! ¾ Air Card Promotion: Sierra AC881 & Option GT Max FREE! *Certain devices may not be shown due to policy or otherwise WSCA Pricing. For more Information Contact: Prices and Promotions subject to change without notice Rob Holden All Offers for Government Use ONLY 425-580-7741 Master Price Agreement: T07-MST-069 [email protected] All plans receive WSCA 20% discount on monthly recurring service charges December 2007 December 2007 Updated 12/17/07 AT&T Mobility Oregon Government WSCA All plans receive 20% additional discount off of monthly recurring charges! AT&T Mobility Calling Plans REGIONAL Plan NATION Plans (Free Roaming and Long Distance Nationwide) Monthly Fee $9.99 (Rate Code ODNBRDS11) $39.99 $59.99 $79.99 $99.99 $149.99 Included mins 0 450 900 1,350 2,000 4,000 5000 N & W, Unlimited Nights & Weekends, Unlimited Mobile to 1000 Mobile to Mobile Unlim
    [Show full text]
  • How Ios 7 Stacks Up:Smartphone OS User Experience Shootout
    How iOS 7 Stacks Up: Smartphone OS User Experience Shootout a Pfeiffer Report Benchmark Project www.pfeifferreport.com @pfeifferreport Introduction Why is it that the arrival of iOS 7 Whether we like it or not, We do not look at features, we do not smartphones have become a compare cutting-edge options and is necessarily a momentous software game. Take any recent gadgets, we only look at aspects event for the smartphone top-of-the-line smartphone, and you that have a direct impact on the are likely to get a well-designed, fast, day-to-day user experience of an market? Simple: Unlike any other pleasant to use bit of hardware: fluid average, non-technical user. operating system out there, it will operation, responsive interaction, fast The aspects we have surveyed and be in the hands of millions or tens graphics. The difference of user rated are the following: experience, therefore, stems of millions of users within a few cognitive load, efficiency, almost exclusively from the customization, as well as user days after its launch. operating system, the user interface experience friction. Based on And that will make it a force to be design, the application integration, the the results from these benchmarks overall coherence. we have then established an overall reckoned with. This report compares the five Mobile Operating System User major mobile operating systems Experience Index presented at the * The question is, of course: in use today: iOS 7, iOS 6, Android , end of this document. Windows Phone 8, and Blackberry 10, The benchmarks are based on the How good is it really? and rates them in terms of user Pfeiffer Consulting Methodology experience.
    [Show full text]
  • Chapter # 1 Introduction
    Chapter # 1 Introduction Mobile applications (apps) have been gaining rising popularity dueto the advances in mobile technologies and the large increase in the number of mobile users. Consequently, several app distribution platforms, which provide a new way for developing, downloading, and updating software applications in modern mobile devices, have recently emerged. To better understand the download patterns, popularity trends, and development strategies in this rapidly evolving mobile app ecosystem, we systematically monitored and analyzed four popular third-party Android app marketplaces. Our study focuses on measuring, analyzing, and modeling the app popularity distribution, and explores how pricing and revenue strategies affect app popularity and developers’ income. Our results indicate that unlike web and peer-to-peer file sharing workloads, the app popularity distribution deviates from commonly observed Zipf-like models. We verify that these deviations can be mainly attributed to a new download pattern, to which we refer as the clustering effect. We validate the existence of this effect by revealing a strong temporal affinity of user downloads to app categories. Based on these observations, we propose a new formal clustering model for the distribution of app downloads, and demonstrate that it closely fits measured data. Moreover, we observe that paid apps follow a different popularity distribution than free apps, and show how free apps with an ad-based revenue strategy may result in higher financial benefits than paid apps. We believe that this study can be useful to appstore designers for improving content delivery and recommendation systems, as well as to app developers for selecting proper pricing policies to increase their income.
    [Show full text]
  • Free Wallpaper for Windows 7 Download
    Free wallpaper for windows 7 download click here to download Download Free Wallpaper for Windows 7. Free and safe download. Download the latest version of the top software, games, programs and apps in Aug 22, Get free wallpapers for your pc. Windows 10 customers can now get Desktop Themes from Microsoft Store. Make sure you're running. Aug 24, Get free Places and Landscapes themes for Windows 7, Windows , Windows RT To get a theme, click Download, and then click Open. Best x windows 7 wallpaper, full hd, hdtv, fhd, p desktop background for any computer, laptop, tablet and phone. 3d wallpaper windows 7 wallpapers for free download. We have about () 3d wallpaper windows 7 wallpapers in jpg format. 3d wallpaper windows 7, 3d. Nature wallpaper windows 7 wallpapers for free download. We have about ( ) nature wallpaper windows 7 wallpapers in jpg format. nature wallpaper. Windows 7 Wallpaper Pack (Windows), free and safe download. Windows 7 Wallpaper Pack latest version: The official Windows 7 desktop wallpapers. Tons of awesome free HD wallpapers for Windows 7 to download for free. You can also upload and share your favorite free HD wallpapers for Windows 7. Here we present 37 Windows 7 wallpapers that you can download for free and set as your desktop background. In order to download a wallpaper just simply cli. Information about Windows 7 editions with 70 free wallpapers and other Computer desktop backgrounds. Windows 7 Wallpapers Theme Pack (Windows), free and safe download. Windows 7 Wallpapers Theme Pack latest version: Over high-quality wallpapers. Find the best HD desktop wallpapers featuring photos of stunning nature, space, are free to download for your Mac, Windows, iPhone, and Android screens.
    [Show full text]
  • Sophos Mobile Security
    Sophos Mobile Security Protect your Android devices against malware and other threats The market dominance of Android devices and the inherent openness of Android led to the proliferation of malware and Potentially Unwanted Applications (PUA). SophosLabs detected over a million new pieces of malware in 2014 alone, and the growth rate is accelerating. Malware can lead to data loss, reputation loss, additional costs, and reduced performance. Highlights Protection and performance The Sophos Mobile Security antivirus app protects your Android devices without compromising Ì Privacy Advisor warns performance or battery life. The app uses up-to-the-minute intelligence from SophosLabs and the Sophos of potential privacy core antivirus engine. This means your apps are automatically scanned for malware as you install them. breaches Sophos Mobile Security’s consistent performance has earned recognition from independent testing agencies including AV-Test. Ì Security Advisor gives tips to improve device Malware protection security Our Sophos Mobile Security antivirus app protects your Android devices with proactive identification of malware. Your apps are automatically scanned for malware as you install them. Sophos includes protection Ì Loss and Theft for PUAs and low-reputation apps—new apps that have no known history and may pose a threat. PUAs Protection include adware, rootkits, diallers, and any association the app may have to previous malicious behaviour such as a certificate that has been compromised. Ì App Protection with additional passwords for Web protection sensitive apps Surf securely on the internet from your Android device. Sophos Mobile Security checks all websites against a Ì Spam Filter SophosLabs database for known malicious sites and prevents users from accessing them.
    [Show full text]
  • Blackberry World Vendor Portal-User Guide
    BlackBerry World Vendor Portal User Guide Published: 2015-03-05 SWD-20150305162023155 Contents Getting started.............................................................................................................................................5 Checklist: submitting your first app.................................................................................................................5 Vendor guidelines and app vetting criteria...................................................................................................... 8 Apply for a BlackBerry World vendor account................................................................................................. 8 Tips for getting your apps approved.............................................................................................................. 10 About the app dashboard.............................................................................................................................12 Setting up your app in BlackBerry World.................................................................................................... 15 Adding apps to BlackBerry World................................................................................................................. 16 Naming your app..........................................................................................................................................16 Helping customers find your app.................................................................................................................
    [Show full text]
  • Down and Dirty Camera Tricks Even for Your CELL PHONE
    Down and Dirty Camera Tricks Even for Your CELL PHONE Educational Seminar GCSAA Presenter - John R. Johnson Creating Images That Count The often quoted Yogi said, “When you come to a Fork in the Road – Take it!” What he meant was . “When you have a Decision in Life – Make it.” Let’s Make Good Decisions with Our Cameras I Communicate With Images You’ve known me for Years. Good Photography Is How You Can Communicate This one is from the Media Moses Pointe – WA Which Is Better? Same Course, 100 yards away – Shot by a Pro Moses Pointe – WA Ten Tricks That Work . On Big Cameras Too. Note image to left is cell phone shot of me shooting in NM See, Even Pros Use Cell Phones So Let’s Get Started. I Have My EYE On YOU Photography Must-Haves Light Exposure Composition This is a Cell Phone Photograph #1 - Spectacular Light = Spectacular Photography Colbert Hills - KS Light from the side or slightly behind. Cell phones require tons of light, so be sure it is BRIGHT. Sunsets can’t hurt either. #2 – Make it Interesting Change your angle, go higher, go lower, look for the unusual. Resist the temptation to just stand and shoot. This is a Cell Phone Photograph Mt. Rainier Coming Home #2 – Make it Interesting Same trip, but I shot it from Space just before the Shuttle re-entry . OK, just kidding, but this is a real shot, on a flight so experiment and expand your vision. This is a Cell Phone Photograph #3 – Get Closer In This Case Lower Too Typically, the lens is wide angle, so things are too small, when you try to enlarge, they get blurry, so get closer to start.
    [Show full text]
  • FGVM-02 Architecture of Vehicle Multimedia Systems
    International Telecommunication U n i o n ITU-T Technical Report TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU (13 April 2021) Focus Group on Vehicular Multimedia (FG-VM) FGVM-02 Architecture of Vehicle Multimedia Systems - 2 - Acknowledgement This Technical Report was prepared under the leadership of Mr. Jun Li, Chair of ITU-T FG-VM (TIAA, China) and Yajun Kou, Chair of ITU-T FG-VM Working Group 2 (Global Fusion Media Technology and Development Co. Ltd, China). It is based on the contributions of numerous authors who participated in the Focus Group activities. Due credit is given to the following Focus Group participants: Srinivasagan Ayyappan, Yansong Guo (Great Wall Motors, Co, LTD, China); Yajun Kou, Jun Li (Global Fusion Media Technology and Development Co. Ltd, China); Koji Nakao (National Institute of Information and Communications Technology, Japan); Stiepan A. Kovac (QRCrypto SA; CEuniX.eu Project); Paolo Volpato, Francois Fischer (Huawei Technologies); Latif Ladid (IPv6 Forum); Jonas Walter (Technical University of Darmstadt Institute of Ergonomics & Human Factors); Gaëlle Martin-Cocher (InterDigital Canada, Lte, Canada); Prakash Ranganathan (University of North Dakota); Sébastien Ziegler, Anna Brékine, Cédric Crettaz (Mandat International); and Pradipta Biswas (Indian Institute of Science). Srinivasagan Ayyappan (Great Wall Motors, Co, LTD, China) served as the main Editor of this Technical Report. Stefano Polidori (Advisor), Mythili Menon (Project Officer), and Carolina Lima (Assistant) served as the FG-VM Secretariat. -
    [Show full text]
  • Lenovo T60 External Usb Keyboard Driver
    Lenovo t60 external usb keyboard driver. Free FILE Download sys Sun Apr 13 14 28 38 2008 48025EE6 Infiniti Software Solutions Pvt. Download The Latest VGA Driver Updates 119-0962-00 PANASONIC SPH04SD 80 OHM TWEETER Voice Over IP is a technology that allows you to use the Internet Protocol to transmit your voice and. Our inventions are wont to be pretty toys, which distract our O18 - Protocol bwx0 - 5C61A5BB-A073-48C1-A8AB- 342634AED2E5 - C Program Files Logitech Desktop Messenger 8876480 Program BWPlugProtocol-8876480. Lenovo t60 external usb keyboard driver Direct Link #1 They do work on laptops running 8. Buy More and Get Discounts. so that doesnt count. O17 - HKLM System CS2 Services Tcpip Parameters Domain fjallsatra. c program files Easy Internet signup offers en us content faq2 content. california driver strike. TaxACT gets high marks for including a withholding calculator, FAFSA worksheets, and guidance on the new health insurance mandate. Third Beyond everything else, I want to understand the specific cause of this, so I can prevent it. Photosmart Express button Launches the HP Photosmart Express software application on your computer for printing, editing, and sharing photos. Run LELA C Program Files Linksys Linksys EasyLink Advisor Linksys EasyLink Advisor. Please note that I share this information only to guide you throughout the process. 2008-11-04 22 11 56 -A- C WINDOWS ModemLog HSP56 MR. Spyware Cookie Adrevolver Not disinfected C Documents and Settings Tianxi Wang Cookies tianxi wang adrevolver 2. It might be that sound file is corrupted. i have the 8x. I took this picture with my Samsung Focus, and used Thumba to filter the color.
    [Show full text]
  • Press Release
    PRESS RELEASE EMBARGOED UNTIL January 8, 2019 – 8:15am PT/11:15am ET BLACKBERRY® KEY2 LE COMING SOON TO VERIZON BUSINESS CUSTOMERS LAS VEGAS – January 8, 2019 – In the coming weeks, Verizon Enterprise and Small Business customers will be able to purchase the productivity-ready BlackBerry KEY2 LE. With its purposeful design built for the modern communicator, the Slate variant of KEY2 LE will offer Dual-SIM support, 4GB of memory, and 64GB of internal storage. It also comes with the innovative Speed Key for a more customized universal shortcut experience and includes support for popular features like the Google™ Assistant, Google™ Lens and Google Pay™. “In today’s business world, whether you’re a large enterprise or a small business, you need tools for your team that not only put productivity first, but also help keep your organization’s security and privacy at the core of everything it does,” said Francois Mahieu, General Manager of BlackBerry Mobile for TCL Communication. “This is why we’re so proud to partner with Verizon to offer the BlackBerry KEY2 LE to their business customers. They can buy with confidence not only knowing they’re getting a genuine BlackBerry experience, but also knowing they’re getting a modern smartphone built for productivity, reliability and security.” "We are excited to add the BlackBerry KEY2 LE to Verizon's portfolio of leading-edge smartphones for our business customers," said James Hammond, Director of Business Devices at Verizon. "With BlackBerry's decades of experience securing the mobile workforce running on America's largest and most reliable 4G LTE network, we continue to offer an industry-leading lineup of solutions needed by businesses." PURPOSEFUL DESIGN FOR THE MODERN COMMUNICATOR Capturing the balance between iconic BlackBerry design and modern elements, the BlackBerry KEY2 LE features a lightweight polycarbonate frame and a newly designed soft textured back that provides better in-hand grip to prevent drops.
    [Show full text]
  • Response Data 910 14
    Count of Type Desc. Total [40 (DUMMY) DISPLAY PHONES] 1 [BLACKBERRY] 2 [CHARGER] 1 [COVERS] 1 [FLIPTOP PHONE] 1 [HC1] 1 [HDCI M8 MOBILE PHONE] 1 [HUAWEI] 1 [I PHONE 4] 2 [I PHONE 5] 2 [I PHONE 5C] 1 [I PHONE 5S] 1 [I PHONE] 1 [IPHONE 5 WHITE IN COLOUR] 1 [IPHONE 5S] 1 [IPHONE 6] 1 [IPHONE CHARGER] 2 [IPHONE CHARGERS] 1 [IPHONE PHONE CHARGER] 1 [IPHONE] 2 [MOBILE PHONE AND CHARGED] 1 [MOBILE PHONE BATTERY] 1 [MOBILE PHONE CASE] 1 [MOBILE PHONE FOR SENIOR] 1 [MOBILE PHONE] 16 [MOBILE TELEPHONE - UNKNOWN DETAILS] 1 [MOBILE TELEPHONE] 4 [MOTOROLA] 1 [NOKIA LUMINA 530 MOBILE PHONE] 1 [NOKIA MOBILE] 1 [PHONE CHARGER] 1 [PHONE SIM CARD] 1 [SAMSUNG GALAXY S3 MINI] 1 [SAMSUNG] 1 [SIM CARD] 2 [SMART PHONE] 1 [SONY XPERIA Z1] 1 [SONY XPERIA Z2] 1 [TABLET] 1 [TELEPHONE CABLE] 1 [TESCO MOBILE PHONE] 1 [TESCO] 1 [UNKNOWN MAKE OF MOBILE PHONE] 1 [WORKS AND PERSONAL] 1 1PHONE 4S 1 3 [3 SIM CARD] 1 3G 1 4 [I PHONE] 1 4S 1 ACCESSORIES [CHARGER AND PHONE COVER] 1 ACER 2 ACER LIQUID 1 ACER LIQUID 3 1 ACER LIQUID 4Z [MOBILE TELEPHONE] 1 ACER LIQUID E 1 ACER LIQUID E2 1 ACER LIQUID E3 1 ACTEL [MOBILE PHONE] 1 ALCATEL 6 ALCATEL [MOBILE PHONE] 3 ALCATEL ITOUCH [ALCATEL ITOUCH] 1 ALCATEL ONE 232 1 ALCATEL ONE TOUCH 6 ALCATEL ONE TOUCH [TRIBE 30GB] 1 ALCATEL ONE TOUCH TRIBE 3040 1 ALCATELL 1 ANDROID [TABLET] 1 APHONE 5 1 APLE IPHONE 5C 1 APLLE I PHONE 5S 2 APLLE IPHONE 4 1 APPL I PHONE 4 1 APPLE 11 APPLE [I PHONE] 1 APPLE [IPHONE] 1 APPLE [MOBILE PHONE CHARGER] 1 APPLE 1 PHONE 4 1 APPLE 1 PHONE 5 1 APPLE 1 PHONE 5 [I PHONE] 1 APPLE 3GS [3GS] 1 APPLE 4 3 APPLE 4
    [Show full text]