Apple, Google need to improve smartphone security: Blue Coat

Vendors should check for malicious content when developing applications, says Cloud services vice president

The practice of “security by obscurity” on the Apple's iOS needs to improve as smartphone adoption increases, according to Blue Coat US vice president of Cloud services, Anthony James.

James, an ex-pat Australian who has worked in the US for 10 years with security companies such as Fortinet, said iOS users have been lulled into a false sense of security because Apple doesn’t check an application for security controls before it is published.

“They’ve had this whole sense of security around to get an application published, you need to go through their scrutiny,” he said. “They don’t check for security controls but for inappropriate content with the app,” he said.

He pointed out that a US principal research consultant called Charlie Miler was able to exploit a bug in iOS which could stock the Apple App Store with malware-infected apps.

Miller built a fake stock ticker app, dubbed "Instastock," as a proof-of-concept, then submitted it to Apple, who approved and placed it in the App Store in September 2011.

“Apple has done a great job of security by obscurity,” James said.

He also criticised Google, the developer of Android, for having an open operating system but said Android 4.0 did contain some security improvements.

“If you look at Android 4.0, the Ice Cream Sandwich, they put in some enterprise management features,” he said.

"We’re starting to see pressure on Google because what’s happening now is that corporate Australia is starting to dictate to these vendors that if they are going to allow these smartphones into their organisation they need to have some control,” he said.

“That’s where we have seen Android take their first step into enterprise management capabilities so I see Google is going to be more active in that.”

James, who was working on Cloud security offerings for release next year, said he was targeting four operating systems, iOS, Android, Blackberry and Windows Mobile.

Got a security tip-off? Contact Hamish Barwick at hamish_barwick at idg.com.au

Follow Hamish Barwick on Twitter: @HamishBarwick

Follow Computerworld Australia on Twitter: @ComputerworldAU

More about: Apple, Blue Coat, Fortinet, Google
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the Computerworld comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: Android, Apple iOS, blue coat, Ice Cream Sandwich
Whitepapers
All whitepapers
Sign up now to get free exclusive access to reports, research and invitation only events.
Featured Download
/downloads/product/133/feeddemon/

FeedDemon

FeedDemon is an easy-to-use RSS reader for Windows which will keep you informed with the latest news and information. The Google Reader Synchronization allows you ...

Computerworld newsletter

Join the most dedicated community for IT managers, leaders and professionals in Australia