What To Do About Mobile Devices That Lie 107
GMGruman writes "InfoWorld has caught two Android devices that falsely report security compliance that the Android OS does not actually support, and Apple quietly has dropped its jailbreak-detection API from iOS 4. So how can IT and businesses that allow iPhones, iPads, and Androids trust that the new generation of mobile devices won't become Trojan horses for malware? There's no easy answer, but Galen Gruman explains what current technologies can do to help — and how Apple, Google, and others might increase the trustworthiness of their platforms in the future."
Nothing (Score:5, Insightful)
Do nothing. Didn't we read yesterday that the NSA assumes they're compromised. Sounds like a healthy way to operate - for everyone. While it may sound slightly paranoid and a "hassle", this is only true initially IMHO.
You don't. (Score:5, Insightful)
So how can IT and businesses that allow iPhones, iPads, and Androids trust that the new generation of mobile devices won't become Trojan horses for malware?
You don't trust them. Just like you should be doing with desktops/laptops, don't setup services in a way that they allow a phone to ruin your data.
Stop thinking of them as phones. (Score:5, Insightful)
What a Phenomenally Stupid Question (Score:5, Insightful)
And you've been doing this for at least the last 30 years...
And NOW you suddenly claim to give a shit about platform integrity?
And I suppose the complete absence of any mention of WinCE or Windows Mobile in the article is sheerest coincidence.
What selective, partisan crap.
English_101 EPIC FAIL (Score:2, Insightful)
Because nothing ever becomes a trojan horses for malware. In order to do so, that sentence would actually have to make sense. WTF is a Trojan Horse for Malware? A Trojan Horse is, by definiton malware. So long as the general public, and even Slashdot readers, are clueless, then cluelessness will map the security landscape.
Re:What a Phenomenally Stupid Question (Score:4, Insightful)
Windows was excluded because neither of the Windows users have reported any problems. Yet.
P.S. Couldn't agree more.
You reap what you sow.
Keeping your eye firmly planted on next quarter's profit margin (and the resulting bonuses) will eventually bite you in the ass.
Re:Nothing (Score:4, Insightful)
Perhaps it's because when some governments go after their citizens they don't bother with niceties like 'evidence', 'logs' or even 'trials'.
You got the wrong Partisans (Score:5, Insightful)
If you RTFA you discover that the whole second half is boosterism for putting "Trusted Computing" modules inside cell phones. In that light the agnostic condensation of both "jailbroken iThingies" and "that unreliable open source Android thing" makes perfect sense.
This article has nothing to do with exchange boosterism etc, it is back-door partisanship for trying to revive the Trusted Computing Hardware Module that the technical industry managed to ignore into oblivion.
The article _is_ an attack on reason, but the goal isn't about Exchange etc, its about re-initializing the idea of corporate capture of your personal property and turning your device from a personal resource to a limited media consumption node. The media used this time isn't movies, its "corporate email" etc.
Disclaimer: I would _love_ TPM hardware if there were a law that required that _I_ get the _master_ _keys_ for my hardware when I buy it. This would, of course, allow me to lie to an exchange server if I so chose, and would do _nothing_ to prevent jailbreaks. Of course I would also have to demand that there was no "government key" etc. With those elements in place, a TPM would let my paranoia be soothed when I boot my gear.
So anyway, bitching about how bad exchange software is etc, falls into the hands of the author who is trying to false-flag some emergency to spur on "trusted computing" on the "new platform battlefield".