[ainolsupporter]

Quote:

[align=center][/align]

None of the leading mobile browsers have security that’s up to snuff, according to researchers at Georgia Tech.

“We found vulnerabilities in all 10 of the mobile browsers we tested, which together account for more than 90% of the mobile browsers in use [in the U.S.],” Patrick Traynor, assistant professor at Georgia Tech’s School of Computer Science, said in a school press release.

On mobile browsers, even experts have trouble determining the legitimacy of a website due to the lack of graphic indicators such as a lock icon that show when a browser is using the security protocols secure sockets layer (SSL) or transport layer security (TLS).

Such icons amd indicators, present on almost all desktop browsers, quickly tell users whether the site they’re visiting is secure and legitimate. Examples include the HTTPS address prefix and the padlock icon that appears when users are entering sensitive data like payment information.

The World Wide Web Consortium (W3C) puts forth specific guidelines as to how SSL and TLS should be implemented, something desktop browsers typically do well. When it comes to their mobile counterparts, the W3C recommendations don’t seem to be taken as seriously. Because people regularly use their smartphones to shop and conduct banking transactions, that’s a big problem.

“Research has shown that mobile browser users are three times more likely to access phishing sites than users of desktop browsers,” said Chaitrali Amrutkar, the main author of the Georgia Tech paper. “Is that all due to the lack of these SSL indicators? Probably not, but giving these tools a consistent and complete presence in mobile browsers would definitely help.”

Mobile developers are constantly faced with the challenge of creating an enjoyable browsing experience on a display that’s only a fraction of the size of a desktop. But a malware-ridden or hacked phone isn’t enjoyable at all.

Once developers figure out a smart and consistent way to implement SSL and TLS, Traynor said, everyone will be more secure and better served.

“With a little coordination, we can do a better job and make mobile browsing a safer experience for all users,” he said.

Source: http://mashable.com/2012/12/07/mobile-browsers-unsafe

This is why I try to use apps and not my mobile browser when I’m on my mobile. I have an app for Facebook, one for Gmail, one for PayPal, etc. That way, at least, I know I’m not exposed to any vulnerabilities… that I know of.

[mbarrett]

This is sort of frightening. I skimmed over the article and couldn’t find the browsers they tested. I use the Dolphin Browser and it seems safe to me. I hope there aren’t any security flaws that I am unaware of. Thanks for posting this article and warning others to be cautious while on their phones.

[ppmint]

Interesting read. I use Dolphin as well, but keep it updated and have installed mobile anti-virus software and I haven’t noticed any viruses/problems yet. I’ll definitely consider being more careful about the types of sites I visit from now on, because mobile security definitely isn’t advanced as the desktop counterpoint, and it lacks the sort of intensive cleaning apps like ADW.

[evafiskan]

it’s better not to remember the password on your phone.

[LREC94]

Interesting article, but I would have liked to see what browsers they tested so we could see which ones they consider unsafe.

[Author]

Posts