Forgot your password?
typodupeerror
Google Handhelds Iphone

What To Do About Mobile Devices That Lie 107

Posted by timothy
from the spanking-is-harmful-to-the-screen dept.
GMGruman writes "InfoWorld has caught two Android devices that falsely report security compliance that the Android OS does not actually support, and Apple quietly has dropped its jailbreak-detection API from iOS 4. So how can IT and businesses that allow iPhones, iPads, and Androids trust that the new generation of mobile devices won't become Trojan horses for malware? There's no easy answer, but Galen Gruman explains what current technologies can do to help — and how Apple, Google, and others might increase the trustworthiness of their platforms in the future."
This discussion has been archived. No new comments can be posted.

What To Do About Mobile Devices That Lie

Comments Filter:
  • Nothing (Score:5, Insightful)

    by xnpu (963139) on Saturday December 18, 2010 @03:02AM (#34597782)

    Do nothing. Didn't we read yesterday that the NSA assumes they're compromised. Sounds like a healthy way to operate - for everyone. While it may sound slightly paranoid and a "hassle", this is only true initially IMHO.

  • You don't. (Score:5, Insightful)

    by PhrostyMcByte (589271) <phrosty@gmail.com> on Saturday December 18, 2010 @03:06AM (#34597794) Homepage

    So how can IT and businesses that allow iPhones, iPads, and Androids trust that the new generation of mobile devices won't become Trojan horses for malware?

    You don't trust them. Just like you should be doing with desktops/laptops, don't setup services in a way that they allow a phone to ruin your data.

  • by Kenja (541830) on Saturday December 18, 2010 @03:28AM (#34597892)
    Treat them like any other computer.
  • by ewhac (5844) on Saturday December 18, 2010 @03:29AM (#34597894) Homepage Journal
    Let me get this straight: You've been acquiring personal computers, integrating them into your businesses, and installing on them software products so monumentally shitty that it beggars the imagination that anyone with even the slightest sense of pride would admit to writing them. What's more, you were told by people who actually know what the fsck they're talking about that the products were shitty, both at a superficial and fundamental level -- and you systematically ignored them, and kept throwing bad money after worse money, all the while complaining when your systems crashed, your data was corrupted, and your networks infiltrated...

    And you've been doing this for at least the last 30 years...

    And NOW you suddenly claim to give a shit about platform integrity?

    And I suppose the complete absence of any mention of WinCE or Windows Mobile in the article is sheerest coincidence.

    What selective, partisan crap.

  • by Zero__Kelvin (151819) on Saturday December 18, 2010 @03:37AM (#34597940) Homepage

    "So how can IT and businesses that allow iPhones, iPads, and Androids trust that the new generation of mobile devices won't become Trojan horses for malware? "

    Because nothing ever becomes a trojan horses for malware. In order to do so, that sentence would actually have to make sense. WTF is a Trojan Horse for Malware? A Trojan Horse is, by definiton malware. So long as the general public, and even Slashdot readers, are clueless, then cluelessness will map the security landscape.

  • by IchBinEinPenguin (589252) on Saturday December 18, 2010 @07:50AM (#34598730)
    And I suppose the complete absence of any mention of WinCE or Windows Mobile in the article is sheerest coincidence.

    Windows was excluded because neither of the Windows users have reported any problems. Yet.

    P.S. Couldn't agree more.
    You reap what you sow.
    Keeping your eye firmly planted on next quarter's profit margin (and the resulting bonuses) will eventually bite you in the ass.
  • Re:Nothing (Score:4, Insightful)

    by IchBinEinPenguin (589252) on Saturday December 18, 2010 @08:28AM (#34598818)
    Indeed. The Chinese measures seem geared mostly towards stopping people (connection resets, dns poisoning, etc), whereas the US ones towards criminalizing people (logs.) Which is not to say that the Chinese would never prosecute you as a criminal, they probably will if it suits them, but it's not their default modus operandi.

    Perhaps it's because when some governments go after their citizens they don't bother with niceties like 'evidence', 'logs' or even 'trials'.
  • by IBitOBear (410965) on Saturday December 18, 2010 @02:54PM (#34601334) Homepage Journal

    If you RTFA you discover that the whole second half is boosterism for putting "Trusted Computing" modules inside cell phones. In that light the agnostic condensation of both "jailbroken iThingies" and "that unreliable open source Android thing" makes perfect sense.

    This article has nothing to do with exchange boosterism etc, it is back-door partisanship for trying to revive the Trusted Computing Hardware Module that the technical industry managed to ignore into oblivion.

    The article _is_ an attack on reason, but the goal isn't about Exchange etc, its about re-initializing the idea of corporate capture of your personal property and turning your device from a personal resource to a limited media consumption node. The media used this time isn't movies, its "corporate email" etc.

    Disclaimer: I would _love_ TPM hardware if there were a law that required that _I_ get the _master_ _keys_ for my hardware when I buy it. This would, of course, allow me to lie to an exchange server if I so chose, and would do _nothing_ to prevent jailbreaks. Of course I would also have to demand that there was no "government key" etc. With those elements in place, a TPM would let my paranoia be soothed when I boot my gear.

    So anyway, bitching about how bad exchange software is etc, falls into the hands of the author who is trying to false-flag some emergency to spur on "trusted computing" on the "new platform battlefield".

Imitation is the sincerest form of plagarism.

Working...