Tag: mobile security system

Developers find mobile security flaw with Samsung Android devices

Developers associated with XDA Developers, a mobile software development community with over 4 million users worldwide, have found a serious mobile security flaw in recent Samsung mobile devices. One developer, going by the username “Alephzain,” discovered that many Samsung devices that use Google’s Android operating system. The security flaw allowed Alephzain, as well as other developers, to access all of the physical memory contain within a Samsung device. Developers were able to access this memory because of an exploit that provided then with root level permissions.

Flaw could make information vulnerable to theft

Mobile security has been gaining serious attention lately, largely due to the types of information that are stored on mobile devices. A typical smart phone or tablet contains a user’s personal information, such as name, address, and birth date, all of which can be used in identity theft. Mobile devices are quickly becoming mobile payment platforms as well, which means they can store a user’s financial information, such as credit card and bank account numbers. This information is highly valuable to a hacker.

Galaxy S III among most vulnerable devices

According to XDA Developers, the Samsung devices that are most vulnerable are the Galaxy S III, the Galaxy S II, The Galaxy Note II, and Meizu MX. Devices that make use of the Exynos processor are also likely to have some degree of mobile security vulnerabilities. Several developers associated with the community have informed Samsung of the serious security flaw, with one going so far as to hack several mobile devices in order to prove that the flaw exists. There are no known Android malware applications that exploit this particular vulnerability.

Financial information could be at risk

Samsung’s Galaxy S III is one of the most popular smart phones in the world currently, having become a major competitor against the iPhone 5 shortly after its launch. Part of the reason the device is so popular is because of its use of NFC technology for data sharing and mobile commerce. When used to make payments, the device stores a consumer’s financial information. The glaring mobile security flaw that seems to have slipped past Samsung  may have put the financial information of millions of Galaxy S III owners at risk.

Mobile security continues to be a problematic issue for federal government

Mobile security is quickly becoming a major issue for the U.S. government, especially due to the number of agencies that have a heavy reliance on mobile technology. The federal Chief Information Officers Council, an interagency forum that aims to modernize the federal government, highlights mobile security as an issue that should be receiving more serious attention. The Council notes that several agencies are, indeed, moving ahead with mobile security initiatives, but concerted effort is needed to ensure that the sensitive information that is trafficked through mobile devices on a daily basis does not fall victim to exploitation.

Agency highlights the problems of mobile technology and security efforts

The Chief Information Officers Council highlights technical limitations of mobile devices and their associated services as a major problem for mobile security. The Council suggests that federal agencies must adopt more high-tech mobile devices that can more adequately protect their personal information and that of the government they work for. Moreover, very few security-centric mobile applications are approved for use by federal employees. Standards are currently being developed to help expand the availability of such applications, which the Chief Information Officers Council suggests will be a good way to ensure the security of information.

Gap exists between technology and practice

The lack of encryption modules also presents a serious mobile security risk. It is difficult for software developers to create this kind of software for smart phones and other high-tech mobile devices because of the rapid pace at which these devices are becoming more advanced. Changes to operating systems and smart phone technology have created a significant gap that separates the capabilities of modern mobile security solutions and mobile devices.

Cost remains a problematic hurdle

Cost is one of the reasons why federal agencies have avoided mobile security initiatives in the past. Most federal employees have smart phones and other such devices. In order for some agencies to bolster their mobile security endeavors, they would have to replace all of these mobile devices, which accounts for a massive investment of taxpayer money.