what would be the answer if i ask this question.,which is the most leading device of electronics in usage across the world , the answer that i expecting is MOBILE devices (the smart phones) , the users of these devices are exponentially increasing day by day, of course mobile device vendors are releasing their devices with awesome features according to users flexibility , its a great revolution in electronics . these mobile device became as a part of humans life
Smartphones, or mobile phones with advanced capabilities like those of personal computers (PCs), are appearing in more people’s pockets, purses, and briefcases. Smartphones’ popularity and relatively lax security have made them attractive targets for attackers. According to a report published earlier this year, smartphones recently outsold PCs for the first time, and attackers have been exploiting this expanding market by using old techniques along with new ones. One example is this year’s Valentine’s Day attack, in which attackers distributed a mobile picture-sharing application that secretly sent premium-rate text messages from the user’s mobile phone. One study found that, from 2009 to 2010, the number of new vulnerabilities in mobile operating systems jumped 42 percent. The number and sophistication of attacks on mobile phones is increasing, and countermeasures are slow to catch up.
Smartphones and personal digital assistants (PDAs) give users mobile access to email, the internet, GPS navigation, and many other applications. However, smartphone security has not kept pace with traditional computer security. Technical security measures, such as firewalls, antivirus, and encryption, are uncommon on mobile phones, and mobile phone operating systems are not updated as frequently as those on personal computers.3 Mobile social networking applications sometimes lack the detailed privacy controls of their PC counterparts.
Unfortunately, many smartphone users do not recognize these security shortcomings. Many users fail to enable the security software that comes with their phones, and they believe that surfing the internet on their phones is as safe as or safer than surfing on their computers.mobile phones are becoming more and more valuable as targets for attack. People are using smartphones for an increasing number of activities and often store sensitive data, such as email, calendars, contact information, and passwords, on the devices
• Perhaps most simply, the very portability of mobile phones and PDAs makes them easy to steal. The owner of a stolen phone could lose all the data stored on it, from personal identifiers to financial and corporate data. Worse, a sophisticated attacker with enough time can defeat most security features of mobile phones and gain access to any information they store.
• Many seemingly legitimate software applications, or apps, are malicious.Anyone can develop apps for some of the most popular mobile operating systems, and mobile service providers may offer third
-party apps with little or no evaluation of their safety. Sources that are not affiliated with mobile service providers may also offer unregulated apps that access locked phone capabilities. Some users “root” or “jailbreak” their devices, bypassing operating system lockout features to install these apps.
• Even legitimate smartphone software can be exploited. Mobile phone software and network services have vulnerabilities, just like their PC counterparts do. For years, attackers have exploited mobile phone software to eavesdrop, crash phone software, or conduct other attacks.A user may trigger such an attack through some explicit action, such as clicking a maliciously designed link that exploits a vulnerability in a web browser. A user may also be exposed to attack passively, however, simply by using a device that has a vulnerable application or network service running in the background.
• Phishing attacks use electronic communications to trick users into installing malicious software or giving away sensitive information. Email phishing is a common attack on PCs, and it is just as dangerous on email-enabled mobile phones. Mobile phone users are also vulnerable to phishing voice calls (“vishing”) and SMS/MMS messages (“smishing”).These attacks target feature phones (mobile phones without advanced data and wireless capabilities) as well as smartphones, and they sometimes try to trick usersinto receiving fraudulent charges on their mobile phone bill. Phishers often increase their attacks after major current events, crafting their communications to look like news stories or solicitations for charitable donations.
Smartphones, or mobile phones with advanced capabilities like those of personal computers (PCs), are appearing in more people’s pockets, purses, and briefcases. Smartphones’ popularity and relatively lax security have made them attractive targets for attackers. According to a report published earlier this year, smartphones recently outsold PCs for the first time, and attackers have been exploiting this expanding market by using old techniques along with new ones. One example is this year’s Valentine’s Day attack, in which attackers distributed a mobile picture-sharing application that secretly sent premium-rate text messages from the user’s mobile phone. One study found that, from 2009 to 2010, the number of new vulnerabilities in mobile operating systems jumped 42 percent. The number and sophistication of attacks on mobile phones is increasing, and countermeasures are slow to catch up.
Smartphones and personal digital assistants (PDAs) give users mobile access to email, the internet, GPS navigation, and many other applications. However, smartphone security has not kept pace with traditional computer security. Technical security measures, such as firewalls, antivirus, and encryption, are uncommon on mobile phones, and mobile phone operating systems are not updated as frequently as those on personal computers.3 Mobile social networking applications sometimes lack the detailed privacy controls of their PC counterparts.
Unfortunately, many smartphone users do not recognize these security shortcomings. Many users fail to enable the security software that comes with their phones, and they believe that surfing the internet on their phones is as safe as or safer than surfing on their computers.mobile phones are becoming more and more valuable as targets for attack. People are using smartphones for an increasing number of activities and often store sensitive data, such as email, calendars, contact information, and passwords, on the devices
TYPICAL MOBILE DEVICE ATTACKS
• Perhaps most simply, the very portability of mobile phones and PDAs makes them easy to steal. The owner of a stolen phone could lose all the data stored on it, from personal identifiers to financial and corporate data. Worse, a sophisticated attacker with enough time can defeat most security features of mobile phones and gain access to any information they store.
• Many seemingly legitimate software applications, or apps, are malicious.Anyone can develop apps for some of the most popular mobile operating systems, and mobile service providers may offer third
-party apps with little or no evaluation of their safety. Sources that are not affiliated with mobile service providers may also offer unregulated apps that access locked phone capabilities. Some users “root” or “jailbreak” their devices, bypassing operating system lockout features to install these apps.
• Even legitimate smartphone software can be exploited. Mobile phone software and network services have vulnerabilities, just like their PC counterparts do. For years, attackers have exploited mobile phone software to eavesdrop, crash phone software, or conduct other attacks.A user may trigger such an attack through some explicit action, such as clicking a maliciously designed link that exploits a vulnerability in a web browser. A user may also be exposed to attack passively, however, simply by using a device that has a vulnerable application or network service running in the background.
• Phishing attacks use electronic communications to trick users into installing malicious software or giving away sensitive information. Email phishing is a common attack on PCs, and it is just as dangerous on email-enabled mobile phones. Mobile phone users are also vulnerable to phishing voice calls (“vishing”) and SMS/MMS messages (“smishing”).These attacks target feature phones (mobile phones without advanced data and wireless capabilities) as well as smartphones, and they sometimes try to trick usersinto receiving fraudulent charges on their mobile phone bill. Phishers often increase their attacks after major current events, crafting their communications to look like news stories or solicitations for charitable donations.
Steps to Protect Your Mobile Phone
• When choosing a mobile phone, consider its security features. Ask the service provider if the device offers file encryption, the ability for the provider to find and wipe the device remotely, the ability to delete known malicious apps remotely, and authentication features such as device access passwords. If you back up your phone data to a PC, look for an option to encrypt the backup. If you plan to use the device for VPN access, as some users do to access work networks, ask the provider if the device supports certificate-based authentication.
• Configure the device to be more secure. Many smartphones have a password feature that locks the device until the correct PIN or password is entered. Enable this feature, and choose a reasonably complex password. Enable encryption, remote wipe capabilities, and antivirus software if available.
• Configure web accounts to use secure connections. Accounts for certain websites can be configured to use secure, encrypted connections (look for “HTTPS” or “SSL” in account options pages). Enabling this feature deters attackers from eavesdropping on web sessions. Many popular mail and social networking sites include this option.
• Do not follow links sent in suspicious email or text messages. Such links may lead to malicious websites.
• Limit exposure of your mobile phone number. Think carefully before posting your mobile phone number to a public website. Attackers can use software to collect mobile phone numbers from the web and then use those numbers to target attacks.
• Carefully consider what information you want stored on the device. Remember that with enough time, sophistication, and access to the device, any attacker could obtain your stored information.
• Be choosy when selecting and installing apps. Do a little research on apps before installing them. Check what permissions the app requires. If the permissions seem beyond what the app should require, do not install the app; it could be a Trojan horse, carrying malicious code in an attractive package.
• Maintain physical control of the device, especially in public or semi-public places. The portability of mobile phones makes them easy to lose or steal.
• Disable interfaces that are not currently in use, such as Bluetooth, infrared, or Wi-Fi. Attackers can exploit vulnerabilities in software that use these interfaces.
• Set Bluetooth-enabled devices to non-discoverable. When in discoverable mode, your Bluetooth-enabled devices are visible to other nearby devices, which may alert an attacker or infected device to target you. When in non-discoverable mode, your Bluetooth-enabled devices are invisible to other unauthenticated devices.
• Avoid joining unknown Wi-Fi networks and using public Wi-Fi hotspots. Attackers can create phony Wi-Fi hotspots designed to attack mobile phones and may patrol public Wi-Fi networks for unsecured devices. Also, enable encryption on your home Wi-Fi network.
• Delete all information stored in a device prior to discarding it. Check the website of the device’s manufacturer for information about securely deleting data. Your mobile phone provider may also have useful information on securely wiping your device.
• Be careful when using social networking applications. These apps may reveal more personal information than intended, and to unintended parties. Be especially careful when using services that track your location.
• Do not “root” or “jailbreak” the device. Third-party device firmware, which is sometimes used to get access to device features that are locked by default, can contain malicious code or unintentional security vulnerabilities. Altering the firmware could also prevent the device from receiving future operating system updates, which often contain valuable security updates and other feature upgrades.
