Silicon Shecky

Infosec Practitioner

Connect

Androids Biggest Weakness

By Leave a Comment

I have an Android phone, and I enjoy it. I don’t care for the iPhone. That being said, Apple has one huge advantage over Android.

The Android Smartphones are popular. The work well (for the most part), and are reliable (again for the most part). The open development community for apps has produced some great free applications, that you would have to pay for on iOS. There is a drawback to Android though, and it is something that by all rights should be more of a strength.

When you look into the world and history of Operating Systems, you see a bloody trail over security. Which OS is more secure, which one addresses security problems the fastest, etc. The Open Source community has always claimed that because more people can look at the code, patches can come out faster, and in the Desktop arena this definitely seems to be true. In the world of Smart Phones though, this “advantage” is lost.

The problem is not directly Android or Google, or the Open Source community. The problem is in Manufacturers, and even more so on the carriers. There is a process for patches and updates. Google writes an update, tests, sends to the manufacturer who tests, approves and then sends to the carrier. Android is so customizable, and on so many different manufacturer’s phones that this process has to happen for each model, each customized OS, and each carrier.

Now we are getting into a situation with this long protracted system of updates. Holes being found in the systems are there for months, possibly years before a patch gets pushed out. In this age of phone upgrades every 18 months, of more mobile applications for smart phones, more people banking and shopping off smart phones, and the upcoming Near Field Communications, updates for security need to happen a lot faster. The risk of more and more identity theft is growing, and the slowness of the pipeline is maddening.

Now add on that every manufacturer has been customizing the Android OS to try and differentiate itself from the others. How many more security issues can this raise. How many of the mods are creating security holes (we won’t go into other issues these mods cause)?

Yes, Apple has to go through the same sort of pipeline, but Apple has only piece of hardware (with different chips for GSM or CDMA) and just the carriers to deal with. Its a much shorter pipeline, and Apple can cut a carrier off from future iPhone releases if it wants to. Android needs to come up with something similar soon, especially with all the malware that has been coming out for the platform already.

Beware the Patent Trolls…

By Leave a Comment

So here we are, a society that considers itself civilized. A society that has tons of issues. A society that loves clogging up the court system with litigation. You get litigation if you buy coffee at McDonald’s and spill it on yourself, if you are a 4 year old who hit an older lady while riding your bicycle, and especially if you try to make anything in the technology field.

I look at the lawsuits being brought out recently. Apple Sues Motorola, Motorola sues Apple, Microsoft sues Motorola, some company that bought a software patent sues major websites, and so on, and so on. Heck I’m waiting to see who is going to sue whom over what next.

With all the big companies suing each other, its no wonder that you don’t have much technological advancement anymore. You get repackaged versions of older ideas that work better cause of faster processing power. No real innovation, and this is I feel is due to 2 things. Patent trolling, and lack of entrepreneurial spirit.

Seriously, who wants to try to build new things when you can just keep making money off what you already have, and who wants to try to start up a new company, when virtually every method of doing anything is patented, and thereby a potential death by litigation for a small company.

Now, don’t get me wrong. There is a good reason to have patents, just like copyrights. The issue is the length of time they last for. At some point you need to reduce that amount of time back to something more normal, just so that we can innovate and move forward.  Of course, that is just my opinion.