Google chair Eric Schmidt is apparently diversifying into comedy:
Delivered with a spice of arrogance, Google’s executive chairman Eric Schmidt on Monday declared the Android platform more secure than Apple’s iPhone… The comparison, made during a question-and-answer session at the Gartner Symposium/ITxpo, drew laughter from a packed-house audience.
Points for brazenness. Still, it’s not only a valid question, a question that needs to be asked, but a question that must be asked now. The shift from desktops (or even laptops) to mobile “devices” is not merely happening, it’s a landslide. Anyone denying this is only fooling themselves. The problem of security on these devices is not simply carried over, it’s multiplied.
The term “device” is misleading, since interface-wise it implies a single-function gadget. This is appropriate mechanically, as a smartphone or tablet has an extremely simple user interface. But mechanically only. Software-wise, smartphones (and some tablets and laptops) have always-on connectivity, and have (on at least one layer) total exposure to hackers.
Physically, the device itself is insecure: I know multiple people who have had their “device” snatched right out of their hands. This vulnerability simply didn’t exist before; previously, theft of laptops required a good deal of fault on the user end. Once a hacker has physical access to the machine, it’s only a matter of time. Smartphones and other always-on machines are now vulnerable from both sides.
Back to the network layer: hacking of information by geeks, by competitor organizations, by China, etc. is far worse than the person on the street realizes. The shift (and proliferation) to laptops, tablets, AND smartphones (not one or the other per user) creates a target-rich environment. Once you stop and think, it’s no laughing matter at all. The question of security has not been answered for devices; it was never answered for desktops in the first place.
Hug your admin today. Then do all the security precautions they demand.