Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Apple, Google need to improve smartphone security: Blue Coat

Vendors should check for malicious content when developing applications, says Cloud services vice president

The practice of “security by obscurity” on the Apple's iOS needs to improve as smartphone adoption increases, according to Blue Coat US vice president of Cloud services, Anthony James.

James, an ex-pat Australian who has worked in the US for 10 years with security companies such as Fortinet, said iOS users have been lulled into a false sense of security because Apple doesn’t check an application for security controls before it is published.

“They’ve had this whole sense of security around to get an application published, you need to go through their scrutiny,” he said. “They don’t check for security controls but for inappropriate content with the app,” he said.

He pointed out that a US principal research consultant called Charlie Miler was able to exploit a bug in iOS which could stock the Apple App Store with malware-infected apps.

Miller built a fake stock ticker app, dubbed "Instastock," as a proof-of-concept, then submitted it to Apple, who approved and placed it in the App Store in September 2011.

“Apple has done a great job of security by obscurity,” James said.

He also criticised Google, the developer of Android, for having an open operating system but said Android 4.0 did contain some security improvements.

“If you look at Android 4.0, the Ice Cream Sandwich, they put in some enterprise management features,” he said.

"We’re starting to see pressure on Google because what’s happening now is that corporate Australia is starting to dictate to these vendors that if they are going to allow these smartphones into their organisation they need to have some control,” he said.

“That’s where we have seen Android take their first step into enterprise management capabilities so I see Google is going to be more active in that.”

James, who was working on Cloud security offerings for release next year, said he was targeting four operating systems, iOS, Android, Blackberry and Windows Mobile.

Got a security tip-off? Contact Hamish Barwick at hamish_barwick at idg.com.au

Follow Hamish Barwick on Twitter: @HamishBarwick

Follow Computerworld Australia on Twitter: @ComputerworldAU

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: Apple, Blue Coat, Fortinet, Google
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: Android, Apple iOS, blue coat, Ice Cream Sandwich
Latest Blog Posts
Whitepapers
  • Cost Effective Security and Compliance with Oracle Database 11g Release 2
    Information ranging from trade secrets to financial data to privacy related information has become the target of sophisticated attacks from both sides of the firewall. Built upon 30 years of security experience, the Oracle database provides defense-in-depth security controls that enable organizations to transparently protect data. By leveraging these controls, organizations can safeguard data, ensure regulatory compliance, and achieve business goals such as consolidation, globalization, right sourcing and cloud computing while still maintaining scalability, performance and availability. Read this whitepaper.
    Learn more »
  • Blurring boundaries: The disappearing gap between work and home life
    Call it multi-tasking, life-splicing or bleisure but increasingly, fuelled by advances in technology, employees are blurring the boundaries between home and work. ‘Generation Standby’ employees, never truly ‘switched off’ and always ready to be called upon, are now enjoying, and expecting, greater levels of flexibility and mobility than ever before. Read on.
    Learn more »
  • Justifying Business Intelligence Applications
    This white paper explores the decision criteria used in a build vs. buy scenario when considering the Oracle BI Applications. The major benefits of the BI Applications will be discussed in the framework of an overall buy vs. build argument.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments