Mobile network dangers
- Wireless transmission is not encrypted.
Information that is sent by a mobile device that is not encrypted during communication, such as e-mail. In addition, many applications are not encrypted by the data they send and receive on the network, and are easily intercepted. For example, if an application transmits data to an unencrypted WiFi network using HTTP (rather than secure HTTP), the data can be easily intercepted. When a wirelessly transmitted data is not encrypted, it can be easily intercepted.
- Mobile devices may contain malware.
Users can download applications that contain malware. Users are unknowingly downloading malware because it can be disguised as a game, security patch, utility, or other useful application. It is difficult for a user to tell the difference between a legitimate application and a malware. For example, an application may repackage malware that users may accidentally download to a mobile device. Data can be easily intercepted.
- Mobile devices usually do not use security software.
Many mobile devices don't come pre-installed with security software to protect against malicious programs, spyware and malware. In addition, users do not always install security software, in part because mobile devices are often pre-installed with security software. While such software may affect operations, if security software is not installed, an attacker can successfully distribute malware such as viruses, trojans, spyware, spam, and entice users to reveal passwords or other confidential information.
- The repair system may be obsolete.
Security patches or fixes for mobile device operating systems are not necessarily installed on mobile devices in a timely manner. It may take several weeks to a few months before the security update is provided to the user's device. Depending on the nature of the vulnerability, the patching process can be complicated and involves many people. But it is the device manufacturer that produces device-specific updates that will fix the bug, which may take time if the software that modifies the device is proprietary. Once the manufacturer produces an update, it is tested by each carrier and updated to the device that is transmitted to the consumer. However, operators can provide delayed updates because they need time to verify that they are interfering with devices or software installed in other ways.
In addition, mobile devices that are more than two years old may not receive security updates because they may no longer be supported by the manufacturer. Many manufacturers may stop supporting smartphone update patches after 12 months to 18 months.
- The software on mobile devices is not up to date.
Security patches for third-party applications are not always developed and released in a timely manner. In addition, third-party applications for mobile phones, including web browsers, generally do not inform users when updates are available. Just like the traditional web browser is rarely updated. With outdated software, an attacker can exploit the increased risk associated with these devices.
- Mobile devices usually do not restrict Internet connections.
Many mobile devices do not have a firewall to restrict connections. When a device is connected to a wide area network, it uses a communication port to connect to other devices and the Internet. A hacker can access a mobile device through an unfixed port. The firewall protects these ports and allows the user to select the mobile device to enter the network. Without a firewall, mobile devices can enter the network through an insecure communication port, and intruders may be able to obtain sensitive information from devices and abuse.
- Mobile devices may be subject to unauthorized modification.
Modified mobile devices to eliminate their limitations and allow consumers to add new features (called "jailbreaking") have changed the security management of the device and may increase security risks. Jailbreak allows the user to gain access to the device in order to allow the functionality and applications of the unauthorized software to be secured. While some users may jailbreak or eradicate security enhancements specifically installed on their mobile devices, such as firewalls, others may just be looking for a cheaper or simpler way to install the required applications. In the latter case, users face greater security risks because they are manufacturers that have established an approval process to bypass the application, in which malware may be inadvertently installed. In addition, jailbroken devices may not be notified of security updates, keeping up-to-date software and patching notifications from manufacturers and users.
Continued in Part 3