Security awareness for mobile apps

Smartphones are replacing traditional phones. These handheld devices offer users more than just the ability to make calls; smartphones such as the iPhone, Google Android, or Blackberry let owners browse the Internet, check email, and run applications. In many ways, the modern smartphone is a merger of the computer and the phone into one small pocket sized device delivering information to you anytime, anywhere. But what else is your smartphone up to? With all its similarities to the PC, smartphones also share one of the PCs less desired attributesmalware.

All three vendors, Google, Apple, and RIM maintain a directory of applications, or apps, allowing developers to publish applications to a directory for downloading. Some of those applications contained malicious code allowing phones to be converted into ÔÇ£zombiesÔÇØ for launching attacks or giving attackers access to data on smartphones such as contacts, emails, attachments, browsing history, or passwords. Some applications made calls to 900 numbers or premium texting services that you could be billed for. Both Google and Apple have identified and removed malicious apps from their directory and Google has implemented measures to remotely remove malicious apps from usersÔÇÖ phones. However, even this fact is disturbing because it demonstrates that Google has backdoor access to the Android phone. This system that today is used to remove malware, could one day be used to deploy it.

So you may be asking what you can do to protect yourself from smartphone malware. Here are some recommendations. First, download apps from trusted sites. The best controlled sites are those operated by Google, Apple, and RIM. These apps are reviewed prior to being added to their directory. It should be noted that Apple and RIM have a more stringent review process for apps published to their directory so Google Android users may have a little more difficulty finding malware free applications when using the directory. Directories are still not completely safe so users will need to exercise caution when downloading apps.

Second, you should be aware of the correct name of an application. If someone tells you to get the Facebook app, make sure you get the official application rather than Facebook Notifier or Facebook Express or some other variation. Next, make sure the spelling of the application is correct. Malicious apps masquerade as legitimate apps with a similar name. If you misspell Facebook as Facebok, an application may be available with that name but it is probably that the application in the form of malware.

Third, do not hack your phone or operating system. Many users are tempted to hack their phone by applying unauthorized firmware versions or making software modifications so that their phones will perform actions not intended by the manufacturer. Such modifications can disable vital security features of the device allowing malware to infect the machine or applications to perform unwanted actions on your phone.

Lastly, consider using anti-malware applications on your phone if you run lots of apps. iPhone users may have difficulty locating an anti-malware app for the iPhone because the iPhone OS does not allow applications to run in the background. Apple claims anti-malware applications are not needed in their operating system because of this and because all applications run in a sandbox where they are prohibited from interacting with other apps or with the system directly. However, similar techniques have been used with standard computer operating systems and such techniques have been circumvented.

To sum it up and answer the question posed at the beginning, ÔÇ£does one bad app spoil the bunch?ÔÇØ, use your smartphone with caution. Download only the apps you need and download them from a trusted source. If you utilize many applications, consider anti-malware software for your phone and do not hack your smartphone because doing so may disable security features of the phone. The threat of malicious apps on smartphones is real but you can go a long way in protecting yourself by following these guidelines.

For more information

Google purges tainted apps from Android phones

5 ways to protect your Android phone from malware

Antivirus for Smartphones?