News & Commentary

10:39 AM
Grayson Milbourne, Webroot
Grayson Milbourne, Webroot
Commentary
50%
50%

Mobility: Who Bears The Brunt Of Data Security & Privacy

OS manufacturers, app developers, and consumers all have a role to play in smartphone data security. But not everyone is equally responsible.

The way I see it, there are three key players when it comes to mobile data privacy and security: the OS manufacturers (Google, Apple, Microsoft); mobile app developers; and the device users themselves. Each party has a role to play but they are not equally responsible or capable of having a significant impact.

Why is this important? For one thing, smartphones are just that -- smart. With access to limitless apps, the Internet, social media, GPS, video camera, a microphone, and more -- today's mobile devices have made life much more efficient and convenient, but also less secure. With this convenience comes a responsibility to protect private user data contained on, as well as transmitted to and from the device. But where does the bulk of the responsibility fall? Read the Full Story on Dark Reading

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Jonathan_Camhi
50%
50%
Jonathan_Camhi,
User Rank: Author
4/29/2014 | 7:59:27 PM
re: Mobility: Who Bears The Brunt Of Data Security & Privacy
Android isn't as strict as Apple, but the real Wild West is the unregulated app stores that exist online. One person told me there's at least 60 of them altogether. Android does have guidelines and asks app owners to answer a bunch of questions before putting their apps in the stores.
Byurcan
50%
50%
Byurcan,
User Rank: Author
4/28/2014 | 11:09:48 PM
re: Mobility: Who Bears The Brunt Of Data Security & Privacy
Yeah I agree, most consumers likely wouldn't pay attention to the security ratings. And then there's the Android Marketplace, which is the wild west...
Jonathan_Camhi
50%
50%
Jonathan_Camhi,
User Rank: Author
4/28/2014 | 9:25:05 PM
re: Mobility: Who Bears The Brunt Of Data Security & Privacy
That's not a bad idea. But I feel like a lot of customers wouldn't pay attention to it. They see the logo of the company who's app they want to download, and they just go and click on it.
Becca L
50%
50%
Becca L,
User Rank: Author
4/27/2014 | 9:22:21 PM
re: Mobility: Who Bears The Brunt Of Data Security & Privacy
Someone on the original Dark Reading post of this article commented that they would like to see a security ratings for each app in the App Store. It's a simple idea but It would help to share the security burden, and I truly expect it would have a big impact on user behavior. Why choose the free app when it has a 3 stars security rating when the other free app has 5 of 5? And maybe the $1.99 app with 4 stars is more attractive than the free 1-star app.

Skyhigh Networks is actively putting together security ratings of cloud apps in terms of enterprise readiness. Worth a look. http://www.wallstreetandtech.c...
BobH088
50%
50%
BobH088,
User Rank: Apprentice
4/19/2014 | 1:49:40 AM
re: Mobility: Who Bears The Brunt Of Data Security & Privacy
One of the most common causes of data getting in the wrong hands is the loss of mobile devices that often contain a frightening amount of private information. I want to share a protection option that worked for me. Tracer tags (mystufflostandfound.com) let someone who finds your lost stuff contact you directly without exposing your private information. I use them on almost everything I take when I travel like my phone, passport and luggage after one of the tags was responsible for getting my lost laptop returned to me in Rome one time.
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Janice, I think I've got a message from the code father!
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.