security and smartphones by parker moore. the smartphone takeover half of mobile phone subscribers...
TRANSCRIPT
S
Security and Smartphones
By Parker Moore
The Smartphone Takeover
Half of mobile phone subscribers in the United States have a smartphone. An estimated 128 million
smartphones
Over 90% of these people are on Verizon, AT&T, Sprint, and T-Mobile.
Uses of Smartphones
Sending and Receiving emails
Money transactions
Entertainment
Social Networking
Location based navigation
Surfing the internet
The Two Contenders
iPhone A single line of phones,
single OS
Closed source operating system
“App store” for software downloads
Android Many different phones,
single OS
Open source operating system
“Android market” for software downloads
iPhone Security Measures
“Chain of trust” Boot ROM Low Level Bootloader “iBoot” runs the OS
kernel Apple Signed Code only
No Operating System Downgrading Prevents use of old
vulnerabilities
iPhone Security Measures
Third party applications run in a “Sandbox” Applications are designated a random
“home” directory Applications may not access another
applications data If an application does need to access outside of its
sandbox it must use a designated API.
iPhone Security Measures
AES encryption AES 256-bit keys fused into the application processor
during manufacturing AES crypto engine built into path between flash storage
and main memory
Passcodes 4 digit and arbitrary length Iteration count to slow down brute force Optional: wipe device after 10 failed passwords
Carriers and Privacy
Typically, smartphones are connected to the internet through a data plan arranged with a cellphone provider.
Carriers have too much information about the user As many as 1.3 million request for call information
made by law enforcement Potential for GPS tracking
Conclusion
Cell phones are a great innovation
In many cases, consumers must trust creators to be smart about security
Should still strive to keep personal information personal
Utilize extra security features available if necessary
Sources
Information: http://www.nytimes.com/2012/07/15/sunday-review/thats-not-my-phone-its-my-tracker.html?_r=0 http://source.android.com/tech/security/ http://images.apple.com/ipad/business/docs/iOS_Security_May12.pdf http://www.google.com/url?
sa=t&rct=j&q=&esrc=s&source=web&cd=6&ved=0CIIBEBYwBQ&url=http%3A%2F%2Fmarketingland.com%2Fpew-and-nielsen-say-smartphones-now-50-percent-when-will-comscore-join-the-club-8979&ei=Sai-UK-PFpPU8wTT5YDoCA&usg=AFQjCNFSRmXIvPcIEmBf_YxYZqBeAIfD_g
Images: http://www.macworld.co.uk/macsoftware/news/?newsid=3360179 http://www.avocados.com.ua/ru-13316/eshop/15-1-Parrot-kvadrokopter/0/5/365-Parrot-A-R-Drone-2-0 http://telecominrwanda.blogspot.com/ http://www.ferra.ru/ru/soft/news/2012/06/06/Apple-iOS-Security-pdf/ http://www.trendbird.biz/entry/Trendbird-Smartphones-Have-Become-a-Digital-%E2%80%9CSwiss-
Army-Knife%E2%80%9