Mobile Security Battle Royale
Last week at the RSA Conference I had the opportunity to attend the “Mobile Security Battle Royale“, featuring a great panel of experts on mobile phone security. Moderated by Zach Lanier, the panel featured Tiago Assumpção and Collin Mulliner paired off against Charlie Miller and Dino Dai Zovi (co-authors of iOS Hacker’s Handbook).
As many great panels typically do, this panel featured no slides and no set talking points. Instead, Zach asked the panel some great questions to just get the ball rolling, and the panel started firing off great quotes left and right. I got busy live-tweeting the session and got (and re-tweeted) a few great quotes from many of the panel members which I have embedded below.
One of the recurring themes was “which is better”, comparing iOS to Android. BlackBerry/RIM got a few mentions as well since Tiago worked for RIM for a long time. The panelists did not come to any final conclusion, all the platforms have their benefits and their drawbacks. However, as a “battle royale”. there was a certain amount of desire from the moderator and the audience to declare a winner. My belief is that currently iOS is currently ahead, but the battle is close. The reason I’d tip my hat toward iOS at this time is for two reasons. First, it is slightly more expensive and difficult to get an app into the Apple App Store than Google Play, which makes things slightly more difficult for malware developers. Second, Apple iOS devices are generally running the latest version of the operating system, unlike the fractured Android ecosystem which has over half of the active devices running multiple major revisions behind.
Enjoy these quotes (paraphrased a little, I don’t have an eidetic memory) from this great panel discussion. I look forward to the rematch at next year’s conference.
“Apple disallowing downloaded code to be put into runtime was a hugely prescient decision.” – @dinodaizovi #RSAC
— Peter Hesse (@pmhesse) February 28, 2013
“Talking about antivirus for mobile, it just doesn’t make sense.” – @0xcharlie #RSAC
— Peter Hesse (@pmhesse) February 28, 2013
“We’ve proven that we can get to the moon. I personally don’t have the resources so the moon is safe from my attacks.” @dinodaizovi
— DennisF (@DennisF) February 28, 2013
Good point by @collinrm there are 3 parties needed to upgrade android: carrier, hw manufacturer, and Google, only 1 has incentive to upgrade
— Peter Hesse (@pmhesse) February 28, 2013
“The amount of web traffic that goes to phones is minuscule. So we might as well be talking about rhinoceros attacks.” @dinodaizovi #RSAC
— DennisF (@DennisF) February 28, 2013
“Jailbreaking should be legitimized, and the way to do it is compartmentalization.” – @coconuthaxor #RSAC
— Peter Hesse (@pmhesse) February 28, 2013
4 thoughts on “Mobile Security Battle Royale”
Tremendous issues here. I’m very satisfied to look your post. Thanks a lot and I’m having a look ahead to touch you. Will you kindly drop me a e-mail?
My partner and i take pleasure in, contribute to I stumbled upon just what I had been taking a look to get. You’ve was over my personal some working day prolonged look! The lord Appreciate it guy. Possess a wonderful evening. L8rs
Many thanks. I’ve been in search of this info. Good facts I will look regarding information and facts linked to your lemonade diet.
Thanks a lot for sharing this with all people you really recognize what you are speaking about! Bookmarked. Please also consult with my website =). We can have a hyperlink alternate agreement between us
Comments are closed.