So security through obscurity isn’t going to work anymore with our ’smart’ phones. The more popular and ‘open’ the platform is, the more likely it is to be a target for hackers. But is the converse also true? Are more diverse and closed operating environments safer than general purpose platforms? Apparently not.
As highlighted by a fellow security blogger, it was only a matter of time before cell phones would be prone to botnets. Even with 3rd party code signing in this case, malware made it through the cloud and stole the phone subcriber’s information by posting to a web site. Even worse, people on the subscriber’s contact list could be spammed with SMS/text messages.
What does this mean for subscribers and carriers?
Advice to subcribers: Get that unlimited plan now!
Advice to carriers: It’s your cloud. Your problem. So THERE!
Carriers make money by selling services, not by selling security. Period. Expecting them to ‘do the right thing’ and protect their subscribers is wishful thinking (expect a future blog on my issues w/ the iphone/AT&T data plan….it’s KILLING me!). If this new breed of malware infects cell phones through a carrier network, causing a botnet of SMS/spam texts, the end users will only be annoyed, but the carriers will be livid. They’ll be losing money as these spam texts increase, due to unlimited texting plans.
So what options do the carriers have? They could deploy any number of anti-spam/anti-malware technologies in their own cloud infrastructure or they could provision the same using hosted security services from other vendors.
Nice. What consumer advocacy groups have tried to do for years now may only be realized due to the likely growth of SMS/text spam. Now if I could only figure out how to spin malware as a threat to the beaucoup $$ AT&T is making off of me with this iPhone/data plan.
ROTFL! 
{ 0 comments }
