Dr. Gerry Santoro
Founding Associate Professor
covered so far with regard to desktop and laptop computers also applie
s to mobile
devices such as PDAs, tablet computers, and smart
phones running the android or
IOS operating systems are among the fastest growing targets for malware and spyware.
does not create different accounts, so the issue of le
ast privilege is moot
single user is assumed
to be the device administrator, so extra care must be taken when downloading
and installing applications.
generally good advice
that applications only be acquired from reputable
such as Android Marketplace or the Apple Store.
It may also b
e advisable to
on an app before downloading it
to ensure that there are no reports of that app containing a Trojan.
However, even this may not be enough
Instances have occurred
where applications obtained from
reputable sources have been
found to be infected with malware.
A few examples are listed in this
Information Week article
8 Notorious Android Malware Attacks
While doing research on an app, such
as googling its name, can often help prevent the installation of an infected app, this is not sufficient. For
you should install
malware software as with a desktop or laptop system.
Protect Your Mobile Device
There are many anti
spyware applications for mobile devices. A few are listed in the resources
section for this topic.
Some are free
a small fee.
They work much like anti
spyware applications on a desktop computer
. Some may require
You will want to
the application you choose
is tailored for the OS of your device.
Patches are imp
mobile device malware is application dependent,
apply any OS and application patches that are released
as soon as possible. These patches
created to close specific vulnerabilities.
y have noticed when viewing a friend’s smartphone that they have
what seems to be
access to certain features on their phone. This may be a result of “jail
breaking” or “rooting.” Jail
breaking is when a user circumvents the proprietary system so
ftware locks to access the underlying
operating software of the device.
Users may do this to install applications that have not been approved
by their service provider or to allow the device to be used with a different service provider.
breaking is against the user agreement with the
and may void the
warranty. (The legality of jail breaking is still a grey area.)
The biggest problem with jail breaking
and rooting your device
is that it may open
s that could be exploited by malware
that are built into your
As a rule
, unless you are
of what you are doing and are willing to take on the
security risk, you should avoid jail breaking
or mobile device is lost or stolen?
The least worry is that you may
lose all of your contact information or any other data (pictures, etc.) on the device.
Some carriers offer
services that will allo
w this information to be backed up
so it is available if you lose your
or it is stolen, and you need to get a replacement.
to designate a PIN or password to prevent access
s have applications that can be used to track and locate the device
should it be stolen
information (such as account IDs or credit card numbers)
should not be stored
on a mobile device.
Even if the device
is password protected it may be possible to
use forensics methods to acquire that data.
Some protection programs for mobile devices go a step further
based portal that
can be alerted when the device is lost or stolen.
The portal can be u
sed to track the location of the
device if it is used.
The portal can also issue a command to wipe the memory of the device clean to
prevent the thief from obtaining contact information or other data stored on the phone.
A current concern
to mobile users lately is if a
be used to track
2010, much controversy ensued when it was revealed that manufacturers had installed software on the
iPhone and other
s that could be used to record and track
The developers of
the software insisted that this was only used to
improve the user
and that the data was
not personal in nature.
Nevertheless, it is quite possible to track the location of any mobile device.
Many mobile device
s have built
in GPS circuitry that keeps a record of locations.
The intent of this
capability is to allow
applications to provide you with geographically
relevant information such as local
maps, information on hotels near you, or local weather reports.
ecent controversy arose over reports
that Apple was collecting geo
data from iPhone users without their knowledge.
Although Apple insists
the intent is to improve the user experience, this shows a potential vulnerability
as others might have
to this unencrypted data.
information can be accessed through forensics methods
that pull the data from the
Generally such a method is only done by law enforcement
using specialized tools
It is also
possible to determine the locati
on of a mobile device by triangulating the signals from
This method has been used by law enforcement to establish the whereabouts of
persons suspected of committing a crime
in cases where GPS data is not available.
Is it l
That is still a grey area being debated by the courts.
enforcement organizations are
arguing that the GPS information for a user’s phone is not protected information and should not require
a warrant for access.
Any time the phone is turned
it will be in contact with cell towers, and that
information can often be used to establish a location.
Simply turning the telephone off may not be
he safest approach
if location tracking is a genuine worry
is to turn the phone off and
remain safely stored
in the device
s SIM memory.
Sidebar for small businesses
An additional consideration for
is the use of the mobile device in the workplace.
could bypass firewalls
and establish a foothold in an organization’s
many smartphones have cameras and free software is available for picture
uploading, these devices can be used for industrial espionage.
Many organizations do not permit
e devices to be connected to the organization’s networks.
A number of security
minded companies provide separate smartphones specifically for business use.
Businesses should also encourage their employees to install good anti
malware applications on their
personal mobile devices.
One way to do this
to reimburse the employee for the cost of the software.
An employee’s personal
might record internal numbers or
/password sets to services
such as a company’s electronic mail.
If the device is
this information may be stolen
used against the business.
Best Mobile Anti
2013 Best Mobile Security Software Comparisons and Reviews
Virus for Mobile Phones
Avast Free Mobile Security
virus for Android