A security firm has released a new report that highlights the 'dirty dozen', the 12most vulnerable, and popular, smartphones.
Bit9 published a research report that illuminates which smartphones carry the most security and privacy risks to users. All 12 smartphones determined to be the weakest in terms of security run Android.
Perhaps this is not all that surprising. Recent statistics have indicated mobile malware is on the rise and Android is seeing the most infections.
According to a press release, the report highlights the following smartphones as being the least security and privacy friendly:
1. Samsung Galaxy Mini
2. HTC Desire
3. Sony Ericsson Xperia X10
4. Sanyo Zio
5. HTC Wildfire
6. Samsung Epic 4G
7. LG Optimus S
8. Samsung Galaxy S
9. Motorola Droid X
10. LG Optimus One
11. Motorola Droid 2
12. HTC Evo 4G
The Apple iPhone 4 (and older models) comes in at "honorary mention" number 13, according to Bit9. Criteria used to create the list were the smartphone's market share, what outdated and insecure software was running on the model, and how long it took for the phone to receive updates.
Part of the problem is associated with the fact that 56 percent of the Android smartphones on the market are running on out-of-date versions of the Android OS, opening up security holes. Bit9 said they found in their study smartphone manufacturers were not loading new phones with the most upgraded versions, but launching phones with "outdated software out of the box", as phone-makers move on to newer products without ensuring their current models are running the most secure versions of released software.
As the market for mobile continues to experience rapid growth, society is rapidly becoming a mobile one with both consumers and businesses relying on their smartphones to stay connected.
Bit9's press release said, "Smartphones are the new laptop and represent the fastest emerging threat vector,” said Harry Sverdlove, CTO of Bit9.
“In our bring-your-own-device work culture, people are using their smartphones for both personal and business use, and attacks on these devices are on the rise. This dynamic is changing the way corporations think about protecting their confidential data and intellectual property. This is the new security frontier.”
In Android's case, the system of updating is too fragmented. Currently the system in place for expectations to update Android phones is laid at the feet of individual hardware vendors and their various carriers.
Sverdlove said, "It's like buying a PC from Dell and expecting Dell and Comcast to be responsible for your Windows updates."
Statistically smartphone users are not using their devices for traditional phone use, but rather as a computing device. It is becoming evident mobile gadgets need to be secured, not unlike traditional computers need continuous software patches and updates. Due to the increased exchange of sensitive information, security in mobile is likely to only become more prominent as time goes on.
PC World reported Sverdlove said in an interview, "The challenge isn't so much to create perfect software, but to know the vulnerabilities and, more importantly, to be able to update the software, to be able to respond to them quickly."