Vendors falling short on smartphone security

[the snapman]

Smartphone handset vendors are failing to ship devices with adequate security protections and software updates, according to researchers.

UK mobile security firm MWR InfoSecurity said that Android vendors in particular have been selling users handsets which lack adequate protections and contain security flaws which could be targeted by attackers for malware and fraud operations.





MWR InfoSecurity director Ian Shaw said that vendors must improve the built-in protections they ship with their handsets.

"Manufacturers must spend more time looking to see how they can safeguard users," Shaw said.
"The problem is that many users just don't realise how vulnerable they actually are."

Malware infections have became a persistent problem for the Android platform. Cyber criminals have taken advantage of the loosely controlled Android to upload malicious tools and trojan applications.

The company said that it had identified a number of vulnerabilities in the platform and has been in contact with manufacturers such as Samsung to report the flaws and develop patches for Smartphones and tablets.

In the meantime, however, MWR believes that users are being left at great risk for infection. With the rise in IT consumerisation, the firm also sees enterprise environments being left vulnerable to attack.

"(Bring your own device) is an enabling policy allowing for greater remote working and as such higher productivity and innovation," Shaw explianed

"However, many of these enterprises are likely to shun models that do not offer at least basic security assurance, so manufacturers need to get their act together or they will be left behind."

[GastonJ]

Not that MWR InfoSecurity are wanting to make some money out of this I guess, they must be highlighting it out of the goodness of their hearts .........