An unhackable phone? Could it be True?

The mobile security market is taking flight due to high-profile hackings, but is there such a thing as an unhackable phone? Especially one that costs as much as $14,000?

Consider this: The smartphone in your pocket is 10 times more powerful than the fastest multi-million dollar supercomputers of just 20 years ago. There are tens of millions of lines of software in that phone of yours. There are hundreds of apps written by more than one million developers, some of whom are hackers, and some of whom are just incompetent at security. And then there are chips in your phone that run sophisticated software, from companies located in countries all around the world, all of which have security bugs.

The complexity is mind-boggling — and so are all the security vulnerabilities that exist and will be found in the future.

In short, anyone who claims to sell an “unhackable phone” is either ignorant or lying.

Despite the marketing hype, it is impossible to detect all malicious app behavior through a one-time scan of an app before it’s published on an app store. Bad apps often exploit operating system vulnerabilities that have not been discovered or fixed by the mobile device vendor.

You can be assured that every mobile device has 10-50 security vulnerabilities that will be discovered in the next month. And the month after that. And so on.

Of interest is that about half of the discovered vulnerabilities were not in the phone’s operating system itself, but instead were found in the operating systems and software that run the chips inside the device. These tiny bits of software, called firmware, contain dozens of security bugs, which are discovered every month. These firmware security vulnerabilities impact the software that operates cell phone modems, cameras, Wi-Fi, sound, displays, USB, Bluetooth, power drivers and more on each device. These components are from a variety of manufacturers around the world. It is simply impossible to ensure that these myriad components are secure.

Consumers need to be vigilant before downloading apps (read and confirm permissions are in place), be wary of text messages from unknown sources and only join known and trusted Wi-Fi networks.

And hang up on the hype of an “unhackable phone.”

 

Courtesy of TechCrunch