You are viewing 'mobile devices'
Google Pixel and Apple iPhone security
As we begin the New Year, many of us are still enjoying the new toys received during the holiday season — toys such as a new iPhone 7 or maybe even the new Google Pixel. Cell phones, like anything else, come with a variety of choices based on size, OS, manufacturer, storage space, screen clarity, etc. But do most people consider which devices are the most secure?
In our industry, people tend to make this the focal point of research before purchasing a new phone. But most of the time, others outside IT security do not. In this blog, I’m going to review some of the security features that the iPhone7 and Google Pixel offer, as well as a few of the areas where they are lacking in security or have vulnerabilities.Google Pixel Security Features
First, let’s take a look at the Google Pixel and some of its security features. Unlike other smartphones, the Pixel uses file-based encryption rather than full disk encryption. This allows files... read more >
Social Media Scrooges
I recently had the pleasure of providing security guidance for a news story presented by the local Fox® affiliate. Since the reporter took a few liberties with what I actually said, I thought I would give you, the reader, these tips directly. So, here we go!
Some of what I’m about to say may seem like common sense but to the excited traveler anxiously awaiting a getaway weekend for the upcoming holidays, maybe not. There seems to be a common theme lately of people posting images of their boarding pass on social media sites, unaware of the dangers this actually poses. If we take a moment and examine the various boarding documents of the major airlines, we see a common occurrence of information, all of which when used together can pose pretty serious risk to the unaware holiday traveler.
Delta Airlines® Boarding... read more >
Hacked Apple toolset delivers thousands of infected apps
“Trust no one,” goes the mantra of a great 1990s TV show, The X-Files.
Some things, however, we nearly always trust. A carpenter trusts that his hammer will drive a nail, and if it doesn’t, the reason is usually obvious. All craftsmen have to trust their tools, because we don’t have the time to build our own hammers and ladders. Yet for software developers, this means trusting very complex tools we can’t easily validate.
The most important software tool is a compiler, often part of an integrated development environment (IDE) with a debugger and other tools. These tools are like a genie, translating a programmer’s wishes (source code) into something that does his bidding (binary machine code). But sometimes the genie is a bit of a devil. I’ve personally found compiler bugs, cases where it didn’t translate my source code accurately. My own... read more >
7 Tips to Secure and Help Your Cell Phone Get Home
Is your phone set up to protect your data and help it find its way home when lost?
Last night, while on a walk with my amazing wife, we discovered a lost phone on the ground.
Considering that within a half-mile radius of my house there are three churches, two schools, two parks and a golf course, this happens more often than you would think. I'd like to believe that I am a decent, responsible security professional. As such, my first thought wasn't "Hmmm. What can I do with this?", but rather "How can I quickly get this back to its owner?"
Sometimes this is extremely easy. Other times, not so much. This case met a few hiccups. To respect their privacy, I always try to touch as little of their data as possible. So, here’s what I tried to do to get the phone... read more >
Protecting Corporate Assets from BYOD Security Risks
I was reading a blog post about how cybercriminals are increasingly using HTML5 to sneak malware into application code, and it got me thinking.
Protecting application code from theft and reuse is becoming extremely important in mobile application security, along with guarding against the type of apps corporate end users are permitted to download and install.
As the number of mobile applications using HTML5 increase due to HTML5 cross-platform compatibility, or its platform independent nature, I envision more app developers incorporating it into their mobile app development as a time and cost saving measure. The unfortunate downside of doing so, however, is Android's lack of great binary protection mechanism.