Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
Android Cellphones Blackberry Handhelds IOS Security IT

Ask Slashdot: Most Secure Mobile OS? 291

Posted by timothy
from the much-more-secure-before-out-of-the-box dept.
Lexta writes "So I'm contemplating my next smartphone purchase, and I've been a little put off by all of the security exploits posted on Slashdot over the last few months, particularly for Android. So, what's the most secure stock standard (not jailbroken) mobile OS?"
This discussion has been archived. No new comments can be posted.

Ask Slashdot: Most Secure Mobile OS?

Comments Filter:
  • by MasterMan (2603851) on Tuesday March 27, 2012 @12:07PM (#39486331)
    Both Android and iOS have been plagued with exploits. Android has tons of trojans, while iOS has remote exploits (most of those iPhone jail breaking methods are based on remote root exploits). The only current smartphone OS that is safe against exploits and vulnerabilities is Windows Phone 7. Microsoft has really improved their security within the last 5 years - even on the desktop Windows most exploits are against third party apps like Flash or Java, not Windows itself.

    So, if you want to get a smartphone that is safe against exploits and malware, Windows Phone 7 is your only answer. I would suggest some of the Nokia phones - people have been really happy with them.
    • Re: (Score:3, Insightful)

      by mhh91 (1784516)

      You'll be sacrificing the availability of tons of apps if you go with WP7 though.

      • by W2k (540424) <wilhelm@svenselius.gmail@com> on Tuesday March 27, 2012 @12:30PM (#39486817) Homepage Journal
        Not really true anymore. I've had a Lumia 800 since november and the only two things I'm really missing now is a native app for Google+ (though the mobile web version works fine) and something that can talk to the OBD2 Bluetooth dongle I have for my car. Not exactly your Angry Birds of smartphone apps. Also, a lot of the WP7 apps feel more polished than their Android versions. The Facebook app for instance.
        • by AliasMarlowe (1042386) on Tuesday March 27, 2012 @12:44PM (#39487079) Journal

          I've had a Lumia 800 since november and the only two things I'm really missing now is a native app for Google+ (though the mobile web version works fine) and something that can talk to the OBD2 Bluetooth dongle I have for my car.

          If you want a secure phone and want it to be from Nokia, then try the Nokia N9 [nokia.com]. It's a charm, in countries where it's available [wikimedia.org] (yes for Australia, Finland, Italy, Sweden, etc. but not for USA, UK, Canada, Germany, Japan, etc.).

          • by mckillnm (751344)
            I'll second the N9.. A great phone! (had a N900 before). Eco-system is small, but that may not be a problem as there is less sh1t to download!
        • by rwven (663186)

          It's still kinda true... The WP7 versions of apps are mostly inferior to their iOS/Android alternatives. There are also several key apps still missing that have some poor quality third party alternatives... (Pandora, Linkedin, I'm looking at you.)

        • by DrXym (126579)
          There are numerous faults with WP7.5 but the main one is lack of multitasking. One app is active at any time. Other apps get put to sleep with EXTREMELY limited means to do background tasks like checking email. Maybe for the most part this isnt a big deal but it means any app which sits in the background, e.g. instant messaging, twitter etc. is gimped on WP7.5. For example Skype only works when its in the foreground. If you expect to be able to receive calls then tough you can't.

          That's not the only issue

          • by W2k (540424)
            Strange, I seem to have no trouble receiving mail while I'm doing other things on my WP7. Perhaps because the "extremely limited means" are actually quite sufficient. I believe limiting multitasking a bit is a tradeoff for better battery life, and that's certainly fine by me. Apps like navigation and music players (Spotify, Nokia Music) seem to have no trouble whatsoever with me switching to a different app and back. The web browser dutifully remembers which tabs I had open. So no, not a big deal at all. Th
            • by DrXym (126579)
              Apps are allowed to run one background activity every 30 minutes and there are strict limits on how long this activty may run for or how many are entitled to be active. You can't pretend that is even remotely adequate for any kind of IM, email or Twitter type application. And you say tradeoff on battery life but I've yet to see a Windows Phone make good on battery. It's certainly not true for my Lumia 800 which sucks power and runs down faster than a 2 year old Android handset I have.

              And yes lack of C/C++

            • by Rasperin (1034758)
              The C# libraries for windows mobile development (particularly XNA 4.0) are absolutely wonderful. But C# = Java6 anyone whose developed in both (they both have there differing points, yes, but are essentially the same language) can recognize that.
        • something that can talk to the OBD2 Bluetooth dongle I have for my car. Not exactly your Angry Birds of smartphone apps.

          You mean something like Torque on Android, with over 10^6 installs? Or Garmin Mechanic, with around 2*10^5 installs? There are hundreds of these apps on Android, and it is fair to say they are very popular. If WP7 lacks such apps, then either WP7 has few developers, or it is a pain in the **s developing a WP7 app that makes the phone interface with something else. Or knowing MS, it could be both of the above.

      • by rtfa-troll (1340807) on Tuesday March 27, 2012 @05:46PM (#39490847)

        Although the number of iPhone apps is amazing, the limited number of apps is the least of Windows phone's problems. With both my Androids and N900 I got most of what I needed and I've always been able to show off to iPhone people if needed. It's worth reading between the lines of Andrew Orlowski's Lumia 700 review [reghardware.com]. Remember that he's a total Microsoft Fanboi but even so, he often makes pretty perceptive comments such as the ones about fonts. The key thing is to realise that Windows Phone is designed to look good in the shop, but hasn't actually been designed to work. The terrible battery life and design make a phone you can't actually use properly. Think of tiles for example; about 8-10 fit on a screen where normally you would have 20-25 icons. This is great for display and selling where almost no apps have been installed and you are just learning which are which. Five months down the line, when you have 150-200 apps, it suddenly doesn't seem like a good trade off.

        This general trade off of actual functionality for things which sell Microsoft products goes on through the design and brings us straight back to the topic; security. For example: your contacts in a Windows Phone are entirely stored on your online service, almost certainly Facebook unless you change it yourself. By design, there's no private place to store contacts you don't want shared. The first question with security is not "is this implementation done right". The real question is "who is this working for". This same user hostile attitude continues through the DRM implemenaton

        When Microsoft sets up something equivalent to the Data Liberation Front [dataliberation.org], then we will be able to talk about Windows Phone as a secure operating system. Not a day before.

    • Re: (Score:3, Insightful)

      by Anonymous Coward

      This is true for the same reasons that a decade ago Mac OSX was considered more secure than Windows. Its a function of install base. As soon as Windows Phone has 100's of million of users exploits will be published.

      • by MasterMan (2603851) on Tuesday March 27, 2012 @12:14PM (#39486475)

        This is true for the same reasons that a decade ago Mac OSX was considered more secure than Windows. Its a function of install base. As soon as Windows Phone has 100's of million of users exploits will be published.

        You mean Linux itself isn't better security wise either, it's just that the (desktop) market share is so low?

        • by lennier1 (264730)

          Most stuff is somewhat safer due to its origins and decisions shaped by those origins, but it's certainly not 100% safe either.

        • Re: (Score:2, Offtopic)

          by errandum (2014454)

          No, what he means is that it hasn't been put to the test yet. The argument "there are no exploits yet so it is more secure" is a flawed one because it doesn't look at the big picture. Macs also claimed they were more secure than PC's - they weren't. Windows architecture is actually more secure than the macs.

        • Re: (Score:2, Insightful)

          by oakgrove (845019)

          You mean Linux itself isn't better security wise either, it's just that the (desktop) market share is so low?

          Linux has a total install base in the hundreds of millions on various types of computers from embedded to smartphones to desktops to servers to supercomputers. Saying it has a "small" market share is extremely disingenuous.

        • by Bert64 (520050)

          Linux desktop market share is tiny, but Linux market share as a whole (embedded, supercomputers, servers, phones etc) is pretty high.

          Servers and supercomputers especially are high value targets, very attractive for hackers so there is considerable effort made to find vulnerabilities in linux. A 24/7 server on a high speed (full duplex) connection is far more useful for a hacker than a desktop connected to a typical end user connection with limited upstream bandwidth.

          Windows phone 7 only exists in one market

          • Servers and supercomputers especially are high value targets, very attractive for hackers so there is considerable effort made to find vulnerabilities in linux. A 24/7 server on a high speed (full duplex) connection is far more useful for a hacker than a desktop connected to a typical end user connection with limited upstream bandwidth.

            Certainly it's true that a high performance server is more useful then a desktop system, but is it more useful then a botnet of thousands of desktop machines? The desktop eco-system contains so much low-lying fruit it seems unlikely faster, but more secure and better maintained servers would ever be worth the effort.

          • by bhcompy (1877290)
            And which do you protect better from outside the server itself? I don't see too many supercomputers with direct access to the public web. Servers are always behind the strictest of network security rules, with front end proxies optimally being the only communication between the real server and the outside network. On the other hand, desktops have considerably less security from an infrastructure perspective on average.
        • by cpu6502 (1960974)

          Good question. Isn't Android a linux OS? Why does it have exploits then? (puzzled).

          Well nobody's hacked my phone because my phone is dumb. It makes calls & accepts texts, and that's about it. It's a Nokia "Shorty OS"

    • by IamTheRealMike (537420) <mike@plan99.net> on Tuesday March 27, 2012 @12:15PM (#39486477) Homepage
      A lot of the Android "trojans" are little more than apps which declare what they'll do up front and then do them. I'm not sure that counts as exploits.
      • by geminidomino (614729) on Tuesday March 27, 2012 @12:46PM (#39487131) Journal

        Most of the malware I've seen on my android phone is in the form of apps that leak my phone ID and phone number (apparently only vaguely alluded to in the 'Phone Calls' permission as 'identity').

        What REALLY pisses me off is that not only does app I paid for do this, but it somehow self-cripples if I fix it with Privacy Blocker, and the devs had the brass to say in the comments that it doesn't do it.

        The app in question is EzPDF, btw. Since my only recourse is to leave them a crap rating and look for a new PDF reader, I'm doing that, but it still pisses me off, especially since I was recommending it for awhile.

      • by SiChemist (575005)

        Came here to say this. You can't prevent dumb people from installing malware voluntarily no matter what the OS. When install tells you exactly what the software can do, it's ridiculous to blame the OS for what the software then does.

      • Re: (Score:2, Informative)

        by DJRumpy (1345787)

        Most trojans don't state "I'm asking for access to your contacts so I can sell your address to Russian spammers". They ask if they can 'access you contacts".

        Claiming the malware affecting Android somehow warns people up front as to exactly what it's going to do is disingeneous. It warns what areas it will access, but not what the intent is, and for a non-technical person, that equates to rather pointless information.

      • by Hatta (162192)

        That reminds me of the definition of a magician. Someone who tells you up front that he's going to lie to you, and then does.

    • by Bert64 (520050)

      Don't MS often complain that windows is only perceived as insecure because its ubiquitous and therefore commonly targeted, and that other systems only appear more secure because noone bothers to target a small marketshare...

      Surely then, the same applies to windows phone, it has a tiny marketshare and therefore very few people are interested in attacking it.

      Also worth noting, windows phone has a tiny market share period... Linux only has a tiny share on the desktop, its big in servers, supercomputers, embedd

      • by toadlife (301863)

        Don't MS often complain that windows is only perceived as insecure because its ubiquitous and therefore commonly targeted, and that other systems only appear more secure because noone bothers to target a small marketshare...

        Yes.

        Surely then, the same applies to windows phone, it has a tiny marketshare and therefore very few people are interested in attacking it.

        Yes.

        The windows phone kernel is based on windows ce, which is inherently a single user os, im fairly sure that once you get down to it, the system is considerably less secure than android or ios, both of which are based on tried and tested multiuser kernels.

        Not sure what single vs multiuser would have to do with overall device security since on the Android side none of the security issues we've seen have anything to do with the kernel. Why would you compare the kernel the Windows Phone platform with the userland of Android?

        A quick search shows that Microsoft is not using the user model [windowsecurity.com] of security in Windows Phone 7 at all.

    • by Reapman (740286)

      To be honest, the reason I feel that you see less exploits for Win7 Phones over iOS or Android is it's newer and has a MUCH smaller user base. Security through Obscurity. Assuming Win7 EVER breaks through, I expect to see more and more exploits / security issues for it as well.

      Want a secure Mobile OS? Start with the user. Don't install a ton of apps, verify the permissions (if viewable) it is requesting is in line with what the app actually does (sending text is fine if it's a texting app, not so fine i

      • by icebike (68054) *

        To be honest, the reason I feel that you see less exploits for Win7 Phones over iOS or Android is it's newer and has a MUCH smaller user base. Security through Obscurity.

        Ah, I see you've been drinking the Microsoft Koolaid.

        There is no such thing as security through Obscurity.

        Other OSs achieve better security by DESIGN, not by being obscure. Microsoft hides its source code, and always has. Yet for decades it was the least secure OS in the world. Virtually all flavors of 'Nix publish their source code openly, and yet they are the most secure.

        Please just stop with this "Its hacked because its popular" nonsense.

        • by Reapman (740286)

          Microsoft Koolaid? Maybe you misunderstood me. I'm saying that the parent is wrong to say Windows 7 is more secure, it just hasn't been proven yet. Yes.. I'm attacking Microsoft by defending Microsoft. That's a new one.

          Security through Obscurity DOES in fact exist. It's a crappy method, and unadvisable, but it exists. Are there vulnerabilities? Sure, there's just less people looking for them.

    • by errandum (2014454) on Tuesday March 27, 2012 @12:17PM (#39486537)

      Your argument is flawed for the same reason that people say macs are more secure than pc's.

      Just because something is not popular enough to attract attention (and btw, it was rooted not long after it was released, which in turn prompted microsoft to offer a legit way to do it), doesn't mean it is more secure.

      Android and iOS are victims to their popularity. On the other hand, BB handsets are, by design, extremely secure. Weird that you did not mention that.

    • by oakgrove (845019)

      So, if you want to get a smartphone that is safe against exploits and malware, Windows Phone 7 is your only answer.

      On the contrary, wp7 lack of exploits probably has more to do with its lack of market penetration than anything else. I would go with Blackberry if security was my main criteria as it has sizable share and has been on the market long enough and in enough users hands to prove itself.

    • by Sir_Sri (199544)

      If you're talking purely from a security perspective then you can't count RIM out of the picture either. The blackberry ecosystem is pretty robust at the consumer and business level as well.

      AFAIK though, the only NSA certed phones for 'top secret' communications are stuff by general dynamics, ratheon and lockheed and you're looking 3k for that kinda phone, assuming you can even get one as a civi. I know there's a sepctra phone that runs an old windows phone software version, but I don't know if they have

    • by binarylarry (1338699) on Tuesday March 27, 2012 @12:23PM (#39486665)

      It's hard to exploit phones that are in shrink wrapped boxes on the store shelves.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      "Both Android and iOS have been plagued with exploits."

      no, just the first mobile os you mention IS PLAGUED by exploits, while the second one NEVER WAS. the few exploits that have been found in ios (very, very small number) has been used to jailbreak ios only. there is currently not a single piece of malware that affects the non-jailbroken ios. and yes, everyone knows why this is the case, everyone knows the "freedom vs walled garden" arguments, but it doesn't change the reality of the situation.

    • by icebike (68054) * on Tuesday March 27, 2012 @12:30PM (#39486801)

      Android has tons of trojans, while iOS has remote exploits (most of those iPhone jail breaking methods are based on remote root exploits).

      Wrong on both counts.

      IOS jailbreaks are based on LOCAL root exploits. You have to have it in hand to jailbreak it. There is no drive-by jailbreak available.

      Android Trojans might be found in dodgy third party app sites, but are quickly squashed in the Android Market (now called Google Play after one of the dumbest re-names in memory). Each Android app specifically tells you what permissions (data access, phone functions) it wants to use before it installs.

      (There are rumors that development is already underway to block apps from using certain permissions even if they do declare them, offering users a finer grained control.).

      If you want to be safe, you install only from Itunes, Android Market, Amazon Market, and a couple of other well trusted app market places. There is never a need for a newbie to run off and install from some web site, or root their phone.

      As for Windows Phone, who knows, because it simply is too small to attract any significant attention at this point. Given Microsoft's history of OS vulnerabilities you have to be a true believer to assume their new found religion of security is believable.

      • Re: (Score:3, Informative)

        by MasterMan (2603851)

        IOS jailbreaks are based on LOCAL root exploits. You have to have it in hand to jailbreak it. There is no drive-by jailbreak available.

        For years all that was needed to jailbreak iOS was just visiting a website. Those websites remotely exploited Safari and iOS to gain root access and jailbreak the phone. The same exploits work for malware too.

      • by dc29A (636871) *

        Wrong on both counts.

        IOS jailbreaks are based on LOCAL root exploits. You have to have it in hand to jailbreak it. There is no drive-by jailbreak available.

        ORLY? [jailbreakme.com] The most popular jailbreak exploits were simply something like downloading a malformed PDF file. That is something that can be easily converted into 'drive by'.

        • Note that it's only available for iOS v4.2.6 through 4.3.3 [jailbrea.kr].

          There are certainly older iPhones out there still running those versions, but new iPhones are all at v5.x which require physical access to the device to jailbreak.

    • by carlhaagen (1021273) on Tuesday March 27, 2012 @12:31PM (#39486849)
      "Both Android and iOS have been plagued with exploits"
      "The only current smartphone OS that is safe against exploits and vulnerabilities is Windows Phone 7"
      "even on the desktop Windows most exploits are against third party apps like Flash or Java, not Windows itself"
      "if you want to get a smartphone that is safe against exploits and malware, Windows Phone 7 is your only answer"

      You have absolutely no idea what you're writing, do you? I'm amazed this got upvoted 5 points and labelled Informative.
      • Re: (Score:3, Informative)

        by Anonymous Coward

        You have absolutely no idea what you're writing, do you? I'm amazed this got upvoted 5 points and labelled Informative.

        You're amazed that a first post paste job praising MS and disparaging their competitors got modded to +5 almost immediately on Slashdot? You haven't been paying attention [waggeneredstrom.com].

    • by Patch86 (1465427)

      Are we not playing "security by obscurity" again? The old argument was that Macs were immune to viruses- when in actuallity it was just that teh Mac marke tshare was too small to attract a healthy ecosystem of malware. As the market share grew, so did the number of exploits.

      With Windows Phone 7 market share still in the low single digits, it's no surprise that malware isn't prevalent. If the market share ever increases, you'd expect malware to increase too.

      Note that I'm not claiming that the security in WP7

  • BB (Score:5, Interesting)

    by errandum (2014454) on Tuesday March 27, 2012 @12:10PM (#39486391)

    RIM's OS, especially due to the way they handle communications, is by far (as far as I know) the most secure OS. And neither iOS nor Android look particularly secure to me, since every other week you see some news of them getting exploited.

    • by gl4ss (559668)

      "due to the way they handle communications"? you mean by a central failpoint and by bb owned servers to which they will gladly give the keys for any government?

      if the dude wants a smartphone with security and choice.. go symbian, bitch to do things even if you want to, very few rom versions with jailbreaks(equivalent). or windows phone. or just some bog standard j2me phone. they'd fit the smartphone standard of couple of years ago. they fit the "smartphone" description just as well as windows phone actually

      • by errandum (2014454)

        Yes. They do secure, as you said, RIM gives the keys to governments. I don't consider that insecurity, but compliance with laws of a certain place. If you steal a BB phone you'll have a hard time getting what's in there if you're not a government. The only reason I wouldn't recommend BB is if you're a terrorist. You might get nailed by your phone then.

        On the other hand, you might argue that having a single point of failure is a bad architecture. But it is not insecure, just dumb.

        And depending on model, Andr

      • RIM doesn't give out the keys, they give out the message, so if large governments like the Indian government are unable to crack the messages, then it's unlikely thieves are able to crack them.
      • j2me phones have always fit in the "feature phone" category, not smartphone.
    • by Bert64 (520050)

      Have a read of what was said at last year (or was it the year before) pwn2own contest, A guy there successfully compromised the blackberry handset and concluded that its mostly security through obscurity, where the perceived security of blackberry handsets is based on the fact that very few people have taken the time to investigate and understand the system in depth.

      • by errandum (2014454)

        Never said it was 100% secure, but the only way to break the encryption without loosing all data (from what I gather) was targeted at the backups and not the phone themselves. If you steal a phone, I don't think you can break it without the government codes.

    • by na1led (1030470)
      What good is security without reliability. RIM has so many issues, not the least of which is their failing infrastructure, and poor support.
      • by errandum (2014454)

        The question was security, not how reliable the network was. A single point of failure architecture is a shitty architecture by any reasonable measure, but that was not the question (:

  • Symbian? (Score:4, Insightful)

    by RyuuzakiTetsuya (195424) <{taiki} {at} {cox.net}> on Tuesday March 27, 2012 @12:18PM (#39486553)

    Normally I'd otherwise shit all over symbian, but, why not Symbian? Years on the market, it should've been proven one way or the other by now.

    Also, what level of paranoia are we talking? State or industry secrets? Personal paranoia?

    • Also, what level of paranoia are we talking? State or industry secrets? Personal paranoia?

      Exactly this.

      Are you worried about some random app stealing your contacts? Easy - don't install random apps.
      Are you worried about somebody tracking you with your GPS / wifi trangulation / whatever? Easy - get a dumbphone. Turn it off most time. Or get a radio.
      Are you worried about the NSA picking up on your conversations with your co conspirators in an effort to blow up Wall Street? A bit harder. Get a one time pad. Get rid of that FBI informant in your cell (yes, that one).

      This isn't hard, folks.

  • Mutually exclusive (Score:4, Interesting)

    by rtkluttz (244325) on Tuesday March 27, 2012 @12:19PM (#39486567) Homepage

    If it is not jailbroken it is DEFINITELY not secure. With carrier spyware and apps that are not under your control, the first step to security is making it YOURS and yours alone.

    Once you are to that point, then you can BEGIN evaluating the core OS for security.

  • by nweaver (113078) on Tuesday March 27, 2012 @12:20PM (#39486593) Homepage

    What is your threat model? Do you use it for websurfing? Download lots of kewl apps? For the latter, from which app store?

    I suspect that iOS is a bit more vulnerable on the web browser side, as android has a fair bit better sandboxing which means an exploit of the browser takes more work to fully p0wn the phone, while in iOS-land, 'p0wn the brower == p0wn the phone'

    But OTOH, Apple is a much better curator: with only the official App store, and with bad-actor app-developers and apps a rarity, the Apple App Store is very safe.

    Android? Not so much. Even the official Google store seems to rely too much on the Android sandboxing to keep users safe (when users just say 'ok' to anything needing scary permissions), and other App Stores are a vile abomination.

    Finally, anything that doesn't say "Nexus" on it should be considered end-of-lifed before you buy it. Apple patches things for a long time, so old vulnerabilites shouldn't worry their user base. But Android phones, since they are pretty much EOL'ed right from the start, often never receive critical browser and related security patches, security patches which, due to the open nature, can pretty much be reverse engineered by a competent exploit developer.

    So, my ranking: Nexus Phone > (slightly) iPhone >>> generic "Android" phone

  • If you're really that bothered, maybe go for a phone that does phone calls, texting and some light web browsing with very little scope for crapware to get on board?

  • by jamesl (106902) on Tuesday March 27, 2012 @12:31PM (#39486837)

    There was a time when the most secure (consumer) desktop OS was the Mac -- because there were so few in service that the bad guys spent all their time and effort on Windows. By that measure, the most secure mobile environment is Windows Phone 7.

    • by Anubis IV (1279820) on Tuesday March 27, 2012 @02:18PM (#39488431)

      There's a difference between safety and security, which you appear to have conflated. You can have an unlocked house that's wide open in a low-crime area and likely be safe without being secure. You can have a locked house with bars on the windows in a high-crime area and be secure without necessarily being safe.

      Safety is what we all want. For someone using a popular device/OS/whatever, you have to rely on security since other factors (i.e. obscurity) will not protect you. If you're a valuable target, it doesn't matter what device/OS you're using, you'll still need to be secure because you are likely to be targeted. Thus, obscurity is not a viable measure of protection.

  • People throw around the term 'secure' all the time ... what does that mean in this instance?

    Does the OS keep apps away from data they shouldn't have access to? Does its browser have the best track-record on drive-by's etc.? Does it mean it has/hasn't been exploited in the wild or not (e.g. Safari is riddled with security problems, but how often is it pwned in the wild?)? Do you want to be able to click links wildly and not get infected (and unicorns and rainbows)? Good security policies and enforcement o

  • They're all pretty close in terms on security features so it comes down to the one that's updated the quickest.

  • The number of exploits found in each mobile OS seem to be proportionate to that OS's market share. Note that found is the key word here. For the same reason that hackers prefer to find exploits for Windows instead of Mac, more holes are found and exploited in Android and iOS than in WP7 and Bada. It doesn't necessarily mean that WP7 and Bada have less holes, it's just that it's not (yet) worth anybody's effort to find them.

    But if security really is the submitter's #1 factor for picking a smartphone (whic

  • by Caerdwyn (829058) on Tuesday March 27, 2012 @01:19PM (#39487623) Journal

    Yeah, like you're going to get an objective answer here. Slashdot doesn't have experts. It has OS bigots.

    That being said, the most secure mobile OS is the one on the phone operated by someone who doesn't install ad-supported "free" apps, who password-protects the phone, doesn't load pirated software, and who enables remote wipe/locate-my-phone functionality.

  • by Qubit (100461) on Tuesday March 27, 2012 @01:32PM (#39487805) Homepage Journal

    http://www.engadget.com/2012/03/01/nsa-builds-own-model-of-android-phone-wants-you-to-do-the-same/ [engadget.com]

    Okay, so it's only off-the-shelf parts, but if you really want a mobile device that can earn the label "secure," (software ain't a thing w/o hardware) you're probably going to want something vetted by a security organization/company like....well...the NSA.

  • Maemo / Meego Harmattan. Period. Full Stop.

  • WebOS is ok. The only exploit I recall is the SMS exploit that hit everyone else too. They were quick to fix it. It's linux, so you can easily write your own iptables rules, disble services, etc. No jailbreak required for this. It's an open platform by design, and HP/Palm supported its community rather than try to lock them out.

  • Almost all security comes down to social engineering. Any smart phone is open to attacks, and the primary attack path will generally be through the user. Don't install questionable apps. Don't visit unsafe websites; AFAIK, no mobile OSes are currently open to driveby attacks, but they have been in the past. (iOS in particular used to be; that was the basis of a way to jailbreak the iPhone.) Be alert to phishing and other types of trickery. Apply all relevant updates. Odds are, if you ever do get comp

  • by CosaNostra Pizza Inc (1299163) on Tuesday March 27, 2012 @02:59PM (#39488971)
    "put off by all of the security exploits posted on Slashdot over the last few months, particularly for Android" Funny you should single out Android because IOS has also had plenty of exploits and security holes despite (or maybe because of) Apple's walled-garden approach to software development, vetting, etc. I know this for a fact...I wrote a research paper on it.
  • by jdb2 (800046) * on Tuesday March 27, 2012 @06:38PM (#39491293) Journal
    The N900 and N9 are full blown Unix/Linux machines with all the bells and whistles that come with a non-neutered version of the GNU/Linux environment.

    That being said, they support many Unix/Linux security mechanisms, but if you want proof, how about full disk encryption [maemo.org] for starters?

    jdb2
  • by BillX (307153) on Wednesday March 28, 2012 @11:27PM (#39505063) Homepage

    I hear this custom Android build [adtmag.com] is pretty secure, if you can get your hands on it of course.

"If truth is beauty, how come no one has their hair done in the library?" -- Lily Tomlin

Working...