Forgot your password?
typodupeerror
Google Handhelds Iphone

What To Do About Mobile Devices That Lie 107

Posted by timothy
from the spanking-is-harmful-to-the-screen dept.
GMGruman writes "InfoWorld has caught two Android devices that falsely report security compliance that the Android OS does not actually support, and Apple quietly has dropped its jailbreak-detection API from iOS 4. So how can IT and businesses that allow iPhones, iPads, and Androids trust that the new generation of mobile devices won't become Trojan horses for malware? There's no easy answer, but Galen Gruman explains what current technologies can do to help — and how Apple, Google, and others might increase the trustworthiness of their platforms in the future."
This discussion has been archived. No new comments can be posted.

What To Do About Mobile Devices That Lie

Comments Filter:
  • Re:You don't. (Score:5, Informative)

    by arivanov (12034) on Saturday December 18, 2010 @04:01AM (#34598024) Homepage

    That is the case anyway. At least to some extent.

    The problem is elsewhere. Admins upon security advice upload settings which make the device unusable. In that case "reporting compliance" while it is not from the user viewpoint is actually a useful feature.

    Example - I have a Nokia E71. I was seriously stupid at some point to configure my company exchange server on it. As a result it started autolocking itself in 2 mins requiring a security code. So far so good, however it autolocked and put screensaver on in applications which _MUST_ run in foreground - GPS navigation and the media player. It also autolocked itself when docked on a car craddle, etc.

    After a couple of near misses on the motorway trying to get myself from A-Z or trying to dig out the name someone from contacts I tried to turn it off. Guess what, settings uploaded via these APIs _CANNOT_ be turned off. Even if you wipe out the mail for exchange application, disconnect, etc the settings are either not allowed to be changed any more or come back after a change. At the end I had to factory reset the phone and reset the settings partially from backup to recover the phone to a useable state.

    Thankfully I do not have to read my company mail on my phone for a living. If I had to, I would have paid for one of those HTCs without giving it a second thought.

    Similarly, I am not surprised about Apple starting to take away powers away from the security software (and the people who use it). Apple's key selling point is user experience. The way some corporate security people use these APIs sends the user experience into "Mordok, denier of information services" territory. Knowing Apple, they are guaranteed to do something about it and in the land of "i" noone will hear the security people scream.

  • Re:Nothing (Score:2, Informative)

    by Anonymous Coward on Saturday December 18, 2010 @10:04AM (#34599116)

    I am certain that Liu Xiaobo agrees with you, not that bad at all . . . .

  • Re:Nothing (Score:4, Informative)

    by icebraining (1313345) on Saturday December 18, 2010 @10:51AM (#34599364) Homepage

    Manning released thousands of confidential papers. Regardless of what we think about him (I support his actions, but then again, I'm not American), it's still more grave than a single re-tweet [allheadlinenews.com].

10 to the 12th power microphones = 1 Megaphone

Working...