http://www.darkreading.com/security-services/167801101/security/security-management/240004217/darpa-funded-service-seeks-flaws-in-smartphones.html By Robert Lemos Contributing Writer Dark Reading July 24, 2012 Beset by malware and malicious attackers, developers in the personal-computer world have found ways to reduce the time between the release of a patch and the installation of the fix on vulnerable systems. With Android smartphones and tablets, however, long delays between the release of a fix and the installation of the patch regularly leave devices open to attack. About two-third of all Android smartphones, for example, are using Android version 2.3, codenamed "Gingerbread," a major update released more than a year and a half ago, according to the Android developers' dashboard. Since then, two major revisions -- not including the tablet-focused "Honeycomb" -- have been released to add features and fix security issues. Companies and consumers need a way to get smartphone manufacturers and wireless carriers to fix and deploy security issues faster, says Jon Oberheide, chief technology officer for start-up Duo Security. For businesses, the situation is particularly worrisome as most firm have had to deal with workers bringing a host of mobile devices inside the corporate firewall. "It's not like patches for the vulnerabilities don't exist," Oberheide says. "In many cases, they've been around for 6 months to a year, but they just have not been rolled out." [...] -- Learn how to be a Pen Tester, CISSP, ISSMP, or ISSAP with Expanding Security online. Come to a free class and see how good and fun the program really is. http://www.expandingsecurity.com/PainPillReceived on Tue Jul 24 2012 - 02:03:16 PDT
This archive was generated by hypermail 2.2.0 : Tue Jul 24 2012 - 02:30:20 PDT