Cybersecurity, Cyber, IT, news, computer, security, hacker, whitehat, blackhat, gray hat, education, penetration tester, information security, hacking, video, operating system, OS, google,googledork, VM, online safety, internet security research, article, ethical, elearning, security+, technology, google hacking, windows administrator, tools, free tools, networking resources, SMB,help, cyber-security

Home - Mobile OS

Mobile Operating Systems

This page is dedicated to security information concerning the security of the Mobile OS community.  This page contains articles pertaining to code flaws, security best practices, and general mobile tools designed to secure the mobile OS community.

KMBL Security Mobile Team.

Mobile OS Article Archive

What is a Mobile OS?

mobile OS market share 2010Today the computing power of many of the common hand held devices is on par with that of desktop systems of only a few years earlier.  Like desktop systems, these mobile appliances need an Operating System (OS) that not only provides capabilities for communication, but execution of a new class of compact, multi-programming developed codebases called Applications (Apps). The creation of Apps has spawned a huge industry netting billions of dollars in sales annually.  However, with the introduction of millions of developers also comes the potential for code flaws, malware, and other potential security risks to be introduced into these mobile devices.  Unlike desktop computing, the market for mobile computing security is immature and most consumers have not embraced its value.  This is flaw in their strategy with potential costly impacts.  Just as you would never consider running an internet connected desktop without some sort of Anti-virus / anti-malware protections, the same rules should apply to the mobile OS.   The mobile OS market is one of the most highly targeted platforms currently due to its general lack of security, protective measures, and access to contact data, credit card information (through apps), and the potential for covert monitoring of the user.  KMBL Security asks you consider all these factors next time you download an application from a marketplace.  Don’t be fooled by the promise of code-review, it’s not for your sake; it’s for the OS providers to ensure stability. 

This month's tip:

Considering the challenges with the current lack of mature security products in the mobile space here are a few tips to lower your risk:

  • Passwords:  Use a unique password for every application.  This sounds like a pain, but if one application (or vender) get hacked, they will not have your passwords to all your apps and accounts.  Consider using a trusted password vault with AES256 encryption like LastPass, which also provide an on device app to make the process easier to manage.
  • Permissions:  Read all the permission requirement for the application prior to installing or downloading.  There is no legitimate reason for a game to need access to your contacts.  If you want to share your highscore, send your own email.
  • Reviews:  Always read the review of a product prior to download and install.  Lots of times the developer will have people seed positive comments like "this is the best application I have used for this...".  Expand the comments and read more than 3-4.  You might find the app isnt everything its reported to be.
  • Updates:  When an application posts an update, its normally to provide enhanced functionality or to fix a bug or security hole.  Regardless, you should always consider installing these patches.  Prior to install its smart to read what the patch is for prior to installation just in case it negatively impacts a function or device you are using.