Study into the Implications of Smartphone Operating System Security

Recommendations

Info

Study into the implications of Smartphone operating system security FIRST FIRST is the Forum of Incident Response and Security Teams and was founded in 1989. It is an international confederation of “trusted computer incident response teams” that allows incident response teams to respond to security incidents. FIRST initiated the Common Vulnerability Scoring System (CVSS). This is a system that provides an open and standardised method for rating computer vulnerabilities. Smartphone operating systems vulnerabilities All Smartphone operating systems will have vulnerabilities and the more popular an operating system becomes the more likely it will come under attack and those vulnerabilities disclosed. The actual risk to Smartphone owners to these vulnerabilities will be dependent on a number of factors including: The nature and risk level of the vulnerability, e.g. will the vulnerability lead to widespread disruption, potential financial fraud or identity theft? Who knows about the vulnerability? Is knowledge of the vulnerability restricted and confined to a criminal organisation or hostile nation state? How easy it is to exploit the vulnerability and has the exploit been automated and shared throughout the security research community? The speed for the vendor that is affected by the vulnerability to initially fix (patch) and then to distribute the remediated software to Smartphone owners Quality of communication. Is news about the vulnerability efficiently distributed to those parties that are affected by it? The willingness of the Smartphone owners to download and install the revised software update This section details specific Smartphone operating system vulnerabilities on a per-platform basis. It investigates the levels of reported vulnerabilities associated with each Smartphone operating system that has been discussed in this report. There will be reference to mobile malware and its impact on each platform. Before we dive down into each platform it is worth taking some time to discuss mobile malware in general. Goode Intelligence © 2013 P a g e | 79 www.goodeintelligence.com
Study into the implications of Smartphone operating system security Mobile Malware According to some security vendors and commentators 2013 will be the year of mobile malware. However, this was stated at the beginning of 2012, 2011 and 2010. When reading mobile threat reports that are created by security vendors it is recommened that the reader is cautious and attempt to validate the claims from other sources. That said, the facts do point to a steady increase in mobile malware since 2008/09. The numbers are still relatively small, especially when compared with the numbers seen in the personal computing space, but the trend is upwards and there have been a number of highprofile examples that have resulted in financial fraud and identity theft. If we take a look at figure x below from F-Secure’s Q4 2012 Mobile Threat Report 70 you can see that Android is the number one Smartphone operating system for reported mobile malware. Goode Intelligence believes that this is because of the following reasons: 1. It is the number one Smartphone operating system in the world and could surpass Microsoft Windows as the most commonly used operating system. 2. Android is a more open platfrom and allows users to ‘sideload’ apps onto the Smartphone from unoffical Android App stores. These third-party App stores may not have the levels of control that is reducing the distribition of malware. 3. Malware has been distributed from Google’s official App store (initially Google Market and now named Google Play). Google are getting better at detecting malware and rogue apps in their offical App store and have deployed ‘gatekeeper’ type solutions to detect and remove malware (Google Bouncer 71 ). 4. Most Android users (over 40 percent) are using older versions of the operating system software (mainly Android Gingerbread) that are known to have vulnerabilities that have been exploited. Newer versions of Android are better equipped to deal with vulnerabilities including malware and have better security features including ASLR 72 and rudimentary anti-malware tools. We shall take a further look at Android malware in the ‘Google Android’ section below. According to the latest figures from F-Secure the majority (66.1 percent) of mobile malware were Trojans and of these many were financial motivated and attacking Premium Rate Services (PRS). 70 F-Secure Mobile Threat Report Q4 2012. Report available for download from http://www.fsecure.com/en/web/labs_global/whitepapers/reports. 71 Google Bouncer checks Apps in Google Play and aims to prevent the distribution of malware from Play. According to Google, Bouncer has been responsible for a 40% drop in the number of malicious apps in Play since being introduced late in 2011. 72 ASLR, Address Space Layout Randomization is a security model that randomly arranges the positions of key data areas. It hinders security attacks by making it harder for an attacker to predict target addresses. This was available in a limited form from Android 4.0 Ice Cream Sandwich (October 2011) with a better implementation seen in Android 4.1 Jelly Bean (July 2012). ASLR was introduced in Apple iOS from version 4.3. (March 2011). Goode Intelligence © 2013 P a g e | 80 www.goodeintelligence.com
Page 1 and 2:
www.goodeintelligence.com £ Study
Page 3 and 4:
Study into the implications of Smar
Page 5 and 6:
Page 7 and 8:
Page 9 and 10:
Page 11 and 12:
Page 13 and 14:
Page 15 and 16:
Page 17 and 18:
Page 19 and 20:
Page 21 and 22:
Page 23 and 24:
Page 25 and 26:
Page 27 and 28:
Page 29 and 30: Study into the implications of Smar
Page 79: Study into the implications of Smar
Page 131 and 132:
Page 133 and 134:
Page 135 and 136:
Page 137 and 138:
show all

Study into the Implications of Smartphone Operating System Security

Create successful ePaper yourself

Delete template?

Save as template?