As mobile device sales continue to multiply, so do the hack attacks to get into their valuable data cores. We may not know where the hacks originate, but we do know who the target is: the phones and the platforms with the greatest users.
A new study from Sourcefire delineates the number of vulnerabilities – or software flaws – in the smartphone industry over the last 25 years.
The results may surprise you: the iPhone has the greatest number of vulnerabilities at 81%, followed by Google Android (NASDAQ:GOOG), Windows (NASDAQ:MSFT) and Blackberry. In fact, as far as trends go, since 2007 both Blackberry (NASDAQ:BBRY) and Windows phones have seen a decline in flaws.
But Apple (NASDAQ:AAPL) is doing its part to defend the iPhone. The study goes on to say: “Apple didn’t focus very much on security when they first released the iPhone, they have since made significant improvements and can be considered the current market leader.”
Yves Younan, Senior Research Engineer at Sourcefire's Vulnerability Research Team, clarified the data further: “Vulnerabilities don’t mean successful attacks…operating systems do a lot to mitigate these issues and reduce damage”
In fact, a vulnerability can be patched and addressed without doing damage, assuming the vendor, or company, agrees a fix is needed. He did say that some vulnerabilities do not get patched, but those are limited. Just as the iPhone has the largest share of vulnerabilities, it doesn’t necessarily mean that there was a security impact.
So, do the data suggest that the iPhone is less safe?
“Vulnerabilities only give one picture…but don’t give whole picture of security of a platform," Younan said. "For example, Google’s Android has to deal with a lot more malware. That’s because of the way they deal with their app stores. Google is much more open than Apple’s iTunes”
As far as what ordinary citizens should do in reaction to the data, Younan offers the following tips:
- Make sure you have the latest operating system (say, Window 8 versus Window XP) because it is better supported by the vendor.
- Update your computer with any software upgrades the vendor puts out.
- Consumer level security software is also key, as it can make it harder to exploit the vulnerabilities