IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [mobile]

Security in mobile devices. Issues concerning regular cellphones, smartphones, tablet computers and other portable information devices all fit into this category. If your question is specific to one of the following, use it instead: [phone], [smartphone], [iphone], [ios], [windows-phone], [android].

Security in mobile devices - smartphones, netbooks, laptops, blackberries and other computing or communication devices not typically classified as desktop or server.

The rise of mobile devices brings novel risks: the traditional view of a company's computers being inside some privileged boundary with everyone else being outside the same perimeter can no longer be applied. Questions relating to understanding the threat model of mobile devices, configuring security features of particular mobile platforms and addressing mobile-specific security issues all belong in the tag.

Related Tags

This tag is a super-category of: , , , ,

and related to:

1065 questions
9
votes
4 answers

Is Remotely wiping a cell phone really a valid defense?

In this month's issue of the SANS Institutes "Securing the Human" newsletter, the topic was lost and stolen cell phones. In the section on what to do if your cell phone is lost or stolen, it included this: If you installed tracking software on…
David Stratton
  • 2,686
  • 3
  • 23
  • 37
8
votes
1 answer

How are alternative operating systems even possible to load on a mobile device?

The whole idea of a signed boot image is to prevent replacing the boot image with something customized or malicious. However, the entire process seems to be reliant on a single point of failure: the verification of the image signature. The boot…
logicalscope
  • 6,374
  • 3
  • 27
  • 39
6
votes
1 answer

Security Implications of Private/Corporate APNs

I'm interested in what (if any) the practical security implications of a company making use of a Private APN are as opposed to using a standard network provided APN and VPN connection back to the main corporate network. On the face of there's some…
Rory McCune
  • 62,266
  • 14
  • 146
  • 222
6
votes
1 answer

What hardware do I need to monitor mobile traffic?

What kind of hardware would I need to monitor data sent between a mobile handset and a base-station?
jsj
  • 161
  • 2
6
votes
2 answers

Pokémon GO APK file contains malware

In some countries, the game isn't launched officially yet, but this is getting vastly popular as people are downloading from links containing APK files. I suspect that it is possible that the file contains malwares. How to check for it? What…
one
  • 1,821
  • 3
  • 22
  • 47
5
votes
2 answers

Spoofing USSD messages

I'm looking into USSD messages for a project I'm currently working upon and hoping someone can shed some light into spoofing. Firstly, I know it should be possible if you have the relevant information (correct IMSIs and global titles etc.) and…
SomethingSmithe
  • 452
  • 3
  • 13
5
votes
2 answers

MobileIron Access, clarification needed

Running Android 6.0 Got a reminder to update Mobile Iron 9.1.0.1. According to description it Mobile Iron has access to SMS, Browsing History etc. This notification directly contradicts with what they say The facts: what the employer cannot see: -…
JAM
  • 161
  • 5
4
votes
4 answers

Top Mobile Device Security Concerns?

What does everyone see as the top security concerns for mobile devices at the present time? I am working on a paper on the topic, but it seemed worth asking here to see if I might have missed anything.
Brad Andrews
  • 49
  • 1
4
votes
2 answers

How am I supposed to verify the origin of a sign-in page in a web view?

I just had to sign in into my google account in an iPhone app. It's a third party, that only uses the google account for authentication. The familiar google sign in page appeared in what is known as a "web view", that is a browser that is embedded…
eikes
  • 141
  • 1
3
votes
3 answers

Do telecom operators listen to every phone calls

I usually don't answer unknown numbers. Few days back i got couple of calls from unknown numbers and i didn't answer it. That evening i had contacted one of my lady friend and the next day i got a call from that friend but when i answered it, to my…
hata
  • 31
  • 1
  • 2
3
votes
2 answers

When cellphone providers give "unlimited social networking", how do they identify the traffic?

Some providers will give unlimited traffic for things like Facebook, Twitter, LinkedIn and even YouTube in some rare cases on smartphones. I'm wondering if there's any documented way they identify this traffic. Not for malicious purposes but from an…
Vaughan Hilts
  • 313
  • 1
  • 8
3
votes
1 answer

Can iMessages be fabricated?

I am looking to understand if it is possible to create fake messages (Apple iMessages) that can appear to be messages that were created years ago? I have read that using SQlite a person can modify and create messages. Is that really the case? And…
AmericanDream
  • 31
  • 2
3
votes
1 answer

I thought MDM software was meant to make smartphones more secure?

From The Verge (March 2016): The new attack takes advantage of less rigorous software controls for corporate device users, particularly those who use Mobile Device Management solutions (or MDMs) to get apps delivered to their phones. Granted this…
daikin
  • 1,069
  • 1
  • 8
  • 9
3
votes
3 answers

How the mobile operator knows whether I'm use phone, tablet or a computer for data service?

I have a mobile plan with unlimited data. It works overseas as well in the country of origin. It does not work for overseas tethering - I cannot use internet on my computer when travelling - it displays a webpage telling me it's not allowed. There…
Mars Robertson
  • 565
  • 4
  • 14
3
votes
2 answers

Is there any point in preventing apps from running on rooted phones, if you also offer a web interface?

Some banks prevent their apps from running on rooted phones, for alleged "security reasons". However, you can usually use their services from the web interface anyway. Using the same phone, having the same features. Moreover, the web interface can,…
Sìrohol
  • 31
  • 2
1
2 3 4