It seems like there are a lot of smartphone security discussions hitting the news today. After all, you know security has become a major issue when the first story you see talks about malware hidden in "Angry Birds." I've never played the game so I can't talk about the allure of it, but a lot of people seem to play it, so malware hidden in the game could present a lot of problems for smartphone users.
Actually, an assistant professor from North Carolina State University found 10 applications in the Android Market to be infected with malware. According to InformationWeek, Xuxian Jiang named the malware "Plankton." InformationWeek reported:
Plankton is the first one that we are aware of that exploits Dalvik-class loading capability to stay stealthy and dynamically extend its own functionality," wrote Jiang. "Its stealthy design also explains why some earlier variants have been there for more than two months without being detected by current mobile anti-virus software.
This particular piece of malware was embedded in applications that promised to help users cheat their way through Rovio's popular Angry Birds game (Angry Birds itself was not infected).
The malware, apparently, collects data from the phone and launches root-kit exploits.
Moving on to the iPhone, this isn't a malware problem as it is a laziness-with-security problem. In another InformationWeek story, it was reported that iPhone users often use weak, easy-to-break passwords to unlock their phones. Apparently, the memory of the phone will be wiped clean with 10 wrong attempts of trying to unlock the phone and with a 4-digit code, that should be pretty hard to crack in under 10 tries. But the most popular passcode? 1234. How do we know this? According to the InformationWeek story:
Daniel Amitay has an app called Big Brother Camera Security that takes a picture of anyone using your iPhone 4, thanks to the front-mounted camera, without your permission. He recently updated the app to phone home with the PIN codes its users had chosen. He says it records the data anonymously. There is a nice little irony that the software installed to spy on unauthorized users is also spying on these who installed the software.
He collected 204,508 pin codes and has them graphically represented at his site. "1234" was the most common code used and chosen by 4.3% of users. The next biggest was "0000" picked by 2.6%. If you using one of those two, you aren't even trying. You might as well put the home's front door deadbolt lock on backwards so the handle is on the outside.
A little more than 10 percent of all iPhones use these passcode combinations, increasing the odds that if someone stole or found your phone, they'd have little trouble breaking into it.
And I'll end with a positive story about smartphone security. Lookout Mobile Security has added a safe-browsing feature. It checks Web links to make sure they don't lead to malicious sites.