Slashdot Mirror

← Back to Stories (view on slashdot.org)

Making Carriers Shoulder Smartphone Security

Posted by timothy on from the wait-for-per-byte-malware-removal-fee dept.

alphadogg writes "Georgia Tech researchers have received a $450,000 NSF grant to boost security of iPhones, BlackBerries and other smartphones and the wireless networks on which they run. And it's those networks where the researchers are really zeroing in. The researchers are looking into ways wireless carriers such as AT&T and Verizon can detect malware on devices and clean up the devices before they do further damage. 'While a single user might realize that a phone is behaving differently, that person probably won't know why,' says Patrick Traynor, assistant professor at Georgia Tech’s School of Computer Science. 'But a cell phone provider may see a thousand devices behaving in the same way and have the ability to do something about it.' Georgia Tech is going to build out a cellular network test bed to try out its remote repair techniques."

3 of 57 comments (clear)

  1. Anyone else have a bad feeling about this? by rolfwind · · Score: 5, Insightful

    The researchers are looking into ways wireless carriers such as AT&T and Verizon can detect malware on devices and clean up the devices before they do further damage.

    Last time a company had access to the contents of a device (Amazon -> Kindle), they caused a really big uproar.

  2. Oh great by the_Bionic_lemming · · Score: 5, Interesting

    So they are going to deploy the ability to remotely update the users device. Because the bad guys will never figure out how the company does it. I can see it now. An entire carriers smart cell line bricked by a remote exploit that updates phones.

    --
    _ _ _ Go for the eyes Boo! GO FOR THE EYES!
  3. Bitpipe by BodeNGE · · Score: 5, Insightful
    Wireless Internet Providers are just that, ISP's. They should have the same level of monitoring and control of the sites I surf and the applications I run as a terrestrial ISP, ie NONE. I can see that they would welcome this move, it helps them disguise the fact that they have become dumb bitpipes and are losing money on value added services.

    In the corporate space however there are device management solutions available for Windows Mobile, Blackberry and Symbian that have seldom been rolled out at carrier level. These can lock down devices so that malware cannot be installed, and unauthorized applications removed. I cannot see that working as a consumer proposition, it really doesn't work well at the corporate level either. importantly these solutions are all at the IP layer (dumb bitpipe) and don't care how the device connects to the management server. ActiveSync, WiFi, cellular connection (and yes, via SMS too) will all trigger a wiped device or an app uninstall.

    Nothing to do with telcos. Move along.