Smartphones are big business, prompting fierce competition between providers. One major concern for consumers is whether a smartphone will keep their private data safe from malicious programs. To date, however, little independent research has been undertaken to compare security across different platforms.
Now, Jin Han and co-workers at the A*STAR Institute for Infocomm Research and Singapore Management University have conducted the first systematic comparison of the two biggest operating systems in mobile software1 — Apple’s iOS and Google’s Android. The two companies take markedly different approaches to security.
Apple famously maintains complete control over iOS security, promising that all applications are thoroughly screened before release and security patches are smoothly applied across all their phones. However, malicious software has appeared in the iTunes store.
Android, in contrast, displays everything that an application will need to access so that users can decide themselves whether to go ahead with an installation. Some critics argue that handing such control to unqualified users could present a security risk in itself.
To compare these two security models, Han and co-workers identified 1,300 popular applications that work identically on both iOS and Android. These applications, such as Facebook, often access code libraries on smartphones called security-sensitive application programing interfaces (SS-APIs), which provide private user data or grant control over devices such as the camera.
“We needed to establish a fair baseline for the security comparison between Android and iOS,” says Han. “We achieved this goal by examining the SS-API usage of cross-platform applications.”
The researchers found that 73% of iOS applications, especially advertising and analytical code, consistently accessed more SS-APIs than their counterparts on Android. Additionally, the SS-APIs invoked by iOS tended to be those providing access to sensitive resources such as user contacts.
The results imply that by allowing users to control permissions, Android may be better at preventing stealthy applications from getting hold of private information. Notably, Android also intentionally avoids using SS-APIs if non-security-sensitive APIs can be used to achieve the same functions.
To avoid jumping to conclusions about the risk to Apple users from the iOS process, Han urges caution in interpreting the results. “Mobile platforms are constantly evolving,” he says. “Our experiments were mainly conducted on iOS 5, but iOS 6 has enhanced its privacy protection so that users will be notified when an app is trying to access their contacts, calendar, photos or reminders. This may encourage developers to modify their apps so that they access less private data.”
The A*STAR-affiliated researchers contributing to this research are from the Institute for Infocomm Research
Han, J., Yan, Q., Gao, D., Zhou, J. & Deng, R. Comparing mobile privacy protection through cross-platform applications. The 20th Annual Network & Distributed System Security Symposium, 26 February 2013.
ECG procedure indicates whether an implantable defibrillator will extend a patient's life
02.09.2019 | Technische Universität München
Fracking prompts global spike in atmospheric methane
14.08.2019 | European Geosciences Union
To process information, photons must interact. However, these tiny packets of light want nothing to do with each other, each passing by without altering the...
Researchers from the Department of Atomically Resolved Dynamics of the Max Planck Institute for the Structure and Dynamics of Matter (MPSD) at the Center for Free-Electron Laser Science in Hamburg, the University of Hamburg and the European Molecular Biology Laboratory (EMBL) outstation in the city have developed a new method to watch biomolecules at work. This method dramatically simplifies starting enzymatic reactions by mixing a cocktail of small amounts of liquids with protein crystals. Determination of the protein structures at different times after mixing can be assembled into a time-lapse sequence that shows the molecular foundations of biology.
The functions of biomolecules are determined by their motions and structural changes. Yet it is a formidable challenge to understand these dynamic motions.
At the International Symposium on Automotive Lighting 2019 (ISAL) in Darmstadt from September 23 to 25, 2019, the Fraunhofer Institute for Organic Electronics, Electron Beam and Plasma Technology FEP, a provider of research and development services in the field of organic electronics, will present OLED light strips of any length with additional functionalities for the first time at booth no. 37.
Almost everyone is familiar with light strips for interior design. LED strips are available by the metre in DIY stores around the corner and are just as often...
Later during this century, around 2060, a paradigm shift in global energy consumption is expected: we will spend more energy for cooling than for heating....
Researchers from the Department of Atomically Resolved Dynamics of the Max Planck Institute for the Structure and Dynamics of Matter (MPSD) at the Center for Free-Electron Laser Science in Hamburg, the University of Potsdam (both in Germany) and the University of Toronto (Canada) have pieced together a detailed time-lapse movie revealing all the major steps during the catalytic cycle of an enzyme. Surprisingly, the communication between the protein units is accomplished via a water-network akin to a string telephone. This communication is aligned with a ‘breathing’ motion, that is the expansion and contraction of the protein.
This time-lapse sequence of structures reveals dynamic motions as a fundamental element in the molecular foundations of biology.
19.09.2019 | Event News
10.09.2019 | Event News
04.09.2019 | Event News
19.09.2019 | Power and Electrical Engineering
19.09.2019 | Physics and Astronomy
19.09.2019 | Event News