When cryptographers looked at iOS and Android security, they weren’t happy | #android | #security


For years, the US government begged Apple executives to create a backdoor for law enforcement. Apple publicly resisted, arguing that any such move for law enforcement would quickly become a backdoor for cyberthieves and cyberterrorists.

Good security protects us all, the argument went.

More recently, though, the feds have stopped asking for a workaround to get through Apple security. Why? It turns out that they were able to break through on their own. iOS security, along with Android security, is simply not as strong as Apple and Google suggested.

A cryptography team at John Hopkins University just published a frighteningly detailed report on both of the major mobile operating systems. Bottom line: Both have excellent security, but they do not extend it far enough. Anyone who really wants to get in can do so — with the right tools.

For CIOs and CISOs, that reality means all of those ultra-sensitive discussions happening on employee phones (whether company-owned or BYOD) could be easy pickings for any corporate spy or data thief.

Time to drill into the particulars. Let’s start with Apple’s iOS and the Hopkins researchers’ take.

Copyright © 2021 IDG Communications, Inc.





Original Source link

Leave a Reply

Your email address will not be published.

80 + = eighty four