Android vs iOS vs BlackBerry: Which is the most secure holiday gift?
转 http://www.csoonline.com/article/696493/android-vs-ios-vs-blackberry-which-is-the-most-secure-holiday-gift-?page=3
Which smartphone and tablet OS provides the best security? Steve Hunt and the Neohapsis team provide a guide for holiday gift-givers (or any gadget lover).
By Steve Hunt and Neohapsis
November 05, 2012 — CSO —
As the holiday season approaches, smartphones and tablets are some of the most in-demand items for anyone with even a hint of gadget love in their DNA. Coverage of these exciting new tools is full of hype about new features (SIRI) and also new fears (Carrier IQ).
With the sheer volume of marketing and fear being thrown around—eclipsing even the number of holiday songs on the radio—it can be hard for even well-informed users to discern meaning from marketing when it comes to security on mobile devices.
[Also see 5 questions to ask about tablet security | Creating a smart mobile device security policy]
It's a bit like gifting a car: The right choice can greatly improve the recipient's life, while a bad choice could leave them with problems for years to come. This guide is to help you with the security side of the decision, to enable you to take it into account and make the right choices for that special someone (or special self!)
Neohapsis Labs (an independent security think tank based in Chicago) has looked into the general security issues and distilled them down to this short guide (a more detailed report will be released early next year). While there are many available choices of device, the main security decision is what platform to get. There are some main contenders at present (iOS, Android, Blackberry) and a few aspiring players (e.g. Windows Phone, Meego, WebOS, Bada). We are not covering Symbian due to Nokia's recent decision to move to windows phone 7 in 2012. We will focus on the differences between the platforms and not go into any cross-platform issues such as widespread use of mobile analytics packages to track users for advertising purposes.
Android
Google's Android operating system is the most widely deployed platform on tablets and smartphones at present, with a large number of vendors providing their own customized versions. Integrating smoothly with many Google services, Android is rapidly evolving with the latest version (the very well reviewed Ice Cream Sandwich) offering a slew of new features.
Unfortunately, when it comes to security, Android still has a long way to go. The large delay in releasing fixes for security issues is problematic as it requires a different release for each carrier, manufacturer and model. As a result, many Android devices are stuck using old and insecure versions of the operating system.
When it comes to applications, the primary source of applications is the Android Market, which contains tens of thousands of applications, most of them free. These applications are uploaded by developers and go through no review before being published, allowing fast turnaround, but leaving the door open for malicious apps to linger until Google hits the remote kill switch to remove them from devices (as has happened numerous times). Alternatively, curated markets such as the Amazon Appstore show promise for preventing malicious apps getting in—however they also have drawn complaints for the slow rollout of application updates.
Because it uses a very flexible model for applications, Android apps can do things that cannot be done on the other platforms. A user is notified what an application will be allowed to do at install time, and can choose to install it or not. Once installed, third party apps can (if authorized at install time) read and send messages, make and receive calls, access the internet and turn the microphone or camera on and off.
Android vs iOS vs BlackBerry: Which is the most secure holiday gift?
Which smartphone and tablet OS provides the best security? Steve Hunt and the Neohapsis team provide a guide for holiday gift-givers (or any gadget lover).
By Steve Hunt and Neohapsis
Because users are not very good at either reading or understanding the implications of these permissions, Android applications have been caught sending and receiving premium rate calls and messages, recording users keystrokes or sounds, tracking user locations, or even containing botnet-style malware as might be found on a desktop machine. There are quite a few third party solutions available that purport to secure your device, but their effectiveness is in many cases under question.
The flexibility of Android makes it a great choice for a highly capable user, but it can require quite a bit of knowledge to keep secure in the long run—often this will require that users root the device and install their own custom updates directly if the carrier does not provide them. Clearly not for the technical novice!
Blackberry
While Android is taking the biggest bite out of the consumer market, Blackberry has been very much the jewel of the business world. With its users being likened to drug addicts for their dependence upon the device, RIM's Blackbery devices have earned the designation Crackberry. Even President Obama couldn't part with his device, reportedly much to the irritation of the Secret Service and delight of Research in Motion.
Security and control are some of the main selling points of Blackberry, with the ability to completely encrypt data, tightly control what is done with the device, restrict what individual applications can and cannot do, require tunneling of any and all internet traffic through the company's servers, control apps and much more. The downside is that this control comes at a cost, and the ease of management to keep your device secure can be time consuming for a non-enterprise user.
[Also read Al Sacco's Mobile predictions for 2012: Security, payments, Windows phone and more on cio.com]
Blackberry App World, the source for third party applications, offers a degree of review over all submissions. However, source code is not reviewed by RIM, and only so much can be understood of application behavior. While Blackberry hasn't been targeted by nearly the same amount of spyware or malware as Android, there have been instances of nefarious applications and spyware-trojaned carrier updates.
The ability to lock down and secure Blackberry devices is definitely a plus, but because much of it was designed with enterprises in mind it can get a bit complex for a standard user unless they are careful. The release of more consumer oriented devices based upon Blackberry 10 shows promise, but as it is unreleased at present, this one should stay on hold for individual users for now.
IOS (iPhone / iPad / iPod Touch)
In a market where the market leader is represented by a green robot, and the trailer (Blackberry) is likened to a notoriously addictive drug, the company with second-place market share has a level of customer loyalty and satisfaction often described as a cult. (All of which gives you some idea about how seriously people take these devices!) We are, of course, talking about Apple's iOS, the platform where it seems every new addition will sell more than the predecessor no matter what they do.
iOS is a slower-moving and far more tightly controlled platform than Android, with features designed to give a consistent, fluid, and controlled experience. As a result, the platform is great for doing things within Apple's designs, but beyond that it is by design inflexible. Because of the level of control Apple exerts over iOS, users cannot patch vulnerabilities until Apple releases an update - which in sometimes takes months and in many cases older devices are not compatible with the updates and so are never patched.
[See a security-approved smartphone!]
For applications there is the Apple app store, which Apple can be quite restrictive over. There have been many reported instances of applications being rejected for mysterious/unknown reasons, most famously Google's voice app in 2009. Because applications are all granted the ability to do everything allowed (with the exceptions of some things such as notifications and reading location) there are no complex permissions for users to keep track of and manage. While there has been at least one instance of a malicious app getting into the App Store, the most notable example was only a researcher's proof of concept.
Also of note though is the parallel ecosystem surrounding Jailbroken (where users have forcibly removed Apple's software protections) Apple devices. Jailbreaking gives users the ability to give devices new features, protect themselves from issues which Apple has not yet fixed, and install unapproved (or pirated) applications. At the same time, however, the removal of these protections potentially leaves users more vulnerable from a security perspective, as happened with the ikee worm in 2008.
iOS devices are a good balance when it comes to security, but this does come at a cost of flexibility that more experienced smartphone/tablet users may not like.
Windows Phone 7 and Other Aspirants
There are numerous other potential contenders in the smartphone space, most notably Microsoft's Windows Phone 7, but also including the Linux Foundation's Meego and Samsung's Bada. Symbian (formerly pushed by Nokia) and WebOS (formerly from HP) may in future rise or reappear as contenders, but at this stage they have both been dropped by their main proponents and open-sourced and so we will wait and see.
The other platforms all have their own pluses and minuses when it comes to security, and they seem to have learned from the experiences of the big players. However, they also all have much smaller market shares so we will not discuss them here. In particular we will be keeping a close eye on Windows Phone 7 as the relationship between Microsoft (big software) and Nokia (big hardware) may provide some interesting results for enterprise consideration.
Conclusions
So, which platform should you buy from a security standpoint? For most users the answer will be iOS, but for the technically experienced Android can work if they are careful. However, if a user is willing to jailbreak they can get many of Android's benefits anyway. Blackberry may be a good choice from a security standpoint, but generally those who want a consumer device will prefer the others for non-security reasons. Windows Phone and the other platforms may be good in future, but at present there probably has not been enough exposure to make this risk a good long term bet, especially after what happened to the touchpad.
In short, our recommendation for each type of phone user:
Non-technical person: iOS (iPhone/iPad/iPod touch)
Techie: iOS/Android
Business user: Blackberry / iOS (but check what the company standard is first)
Note: Others have reached similar conclusions on these points; for instance see http://www.symantec.com/content/en/us/about/media/pdfs/symc_mobile_device_security_june2011.pdf
Security industry veteran Steve Hunt is CTO of Neohapsis Labs.
Read more about wireless/mobile security in CSOonline's Wireless/Mobile Security section.
FREE DOWNLOADS: CSO Ultimate Guides
- Business Continuity and Disaster Recovery Executive Guide
- Social Engineering - Methods and Prevention
- Intellectual Property Protection
转载于:https://www.cnblogs.com/xun99/archive/2013/01/20/2868575.html
Android vs iOS vs BlackBerry: Which is the most secure holiday gift?相关推荐
- BlackBerry Live 2013最大亮点:BBM今夏将登陆Android和iOS平台在今晚举办的“BlackBerry Live 2013”发布会上,黑莓除了推出新款BB10手机Q5外, 黑莓
在今晚举办的"BlackBerry Live 2013"发布会上,黑莓除了推出新款BB10手机Q5外, 黑莓CEO Thorsten Heins在发布会末尾宣布了一个振奋人心的消息 ...
- Mac下配置cocos2d-x开发环境(android和ios)
一.下载cocos2d-x http://cocos2d-x.org/projects/cocos2d-x/wiki/Download cocos2d-x-2.1.4.zip @ June.18, 2 ...
- cocos2d-x系列 Mac下配置cocos2d-x开发环境(android和ios)
一.下载cocos2d-x http://cocos2d-x.org/projects/cocos2d-x/wiki/Download cocos2d-x-2.1.4.zip @ June.18, 2 ...
- 化解Android 和iOS“恩怨”的Flutter ,凭的是什么?
移动研发由来已久,从早期的 J2ME 开始,到后来居上的 Windows Mobile . Symbian ,小众却各领风骚的 BREW . Palm . BlackBerry ,以及当前几乎平分市场 ...
- Fruit Ninja(水果忍者)游戏源代码下载、分析(中)---可运行Android,Ios,Window,Mac,Html5平台
背景: 上一篇,已经实现了水果不断向上抛的效果和开始界面,这一篇我们将分析如何切水果,获得分数:运行demo需要配置好CocosEditor,暂不支持其他工具.demo是跨平台的,可移植运行andro ...
- MUI+H5plus+HBuilder开发app(android,ios)介绍
前言 现在介绍一款只需要懂html+css+js就能开发app的框架,不需要懂原生语言,完全只需要前端web工程师就能独立开发出android和ios的应用,且一套代码搞定,效率很高.(其实更省事可以 ...
- Fruit Ninja(水果忍者)游戏源代码下载、分析(上)---可运行Android,Ios,Window,Mac,Html5平台
背景: 本来打算下一个游戏是涂鸦跳跃的,因为图片资源没准备好,暂时往后推迟.刚好笔者手头上有部分水果忍者的游戏素材,于是上周末花了一些时间把水果忍者实现了:以前读大学的时候这款游戏就风靡大街小巷,记得 ...
- ios android安全性分析,Android与iOS的对比分析及Android安全技术的设计与实现
摘要: 近年来科技的发展和进步极大的推动了智能手机的飞速发展,手机功能的日益强大使人们对其依赖度显著上升.作为与人们生活密不可分通讯工具,手机安全的重要性不言而喻.现如今,随着手机网络的迅猛发展和形形 ...
- Android和iOS那个好?
Android和iOS那个好? 应该先往哪个上面投入资源? 多次被人问到此类问题,笔者刚好自己的项目也需要考虑iOS版本.就索性进行了一番调研,于是有了本文(本次不讨论越狱的iOS) 首先 ...
- 百度android 测试平台,集成百度活体检测(Android、iOS)
更新记录 1.1.0(2020-06-18) 插件增加iOS版本 1.0.2(2020-06-08) 优化插件打包无法使用的问题 插件调用方法添加sound字段,表示是否开启声音,true为开启,默认 ...
最新文章
- android9多了什么功能,Android 9.0 都增加了什么功能?
- 移动端整屏滑动的实现
- 文件用户如何将一个有界面的正常app和一个或多个越狱插件.deb同时安装到手机上...
- React Native之通过createStackNavigator实现携带参数的页面与页面之间的跳转
- 编写脚本电脑怎么编写界面_在任何无法理解的情况下,请编写脚本
- 【学习笔记】数据链路层——信道划分访问控制(FDM、TDM、STDM、WDM、CDM CDMA)
- [Unity] Perfab 和 Scene 中显示的物体局部坐标系的原点不是实际原点
- 强跟踪卡尔曼滤波STF估算车辆质量——matab simulink仿真
- linux上apache目录在哪,Linux下Apache目录明细
- 安卓手机管理器_神器推荐,安卓手机拯救者来了!!!
- python3语法学习第四天--序列
- paip.支付宝即时到账接口改双功能接口.txt
- 计算机原理专科试卷带答案,计算机组成原理专科生期末试卷一
- iOS之HealthKit使用
- Chrome谷歌浏览器Flash Player被屏蔽如何解决
- Linux部署单体架构,从单体式架构迁移到微服务架构:三个策略叙述
- qq留言板html代码,qq主人寄语代码_QQ留言板主人寄语
- redis—redis概述
- 利用scp 在linux之间传输文件
- Python网络数据爬取及分析-智联招聘
热门文章
- lbe android,LBE安全大师极速版
- C语言求字符串并集,怎样用c语言写求集合的交集,并集,补集”这个程序?
- python爬虫百度翻译997_python爬取百度翻译返回:{'error': 997, 'from': 'zh', 'to': 'en', ......
- 数字孪生应用白皮书_工信部发布数字孪生应用白皮书:特斯联入选智慧城市建设标杆案例...
- cpp map 获取所有 key_微信小程序获取地理位置和地名的方法
- Linux进阶之Jenkins持续集成介绍及安装演示
- shell应用之简单计算器
- 【luogu P2831 愤怒的小鸟】 题解
- java中 CopyOnWriteArrayList 的使用
- 白话文阐述openTSDB