ACLU researcher slams carriers for lax Android security

A security researcher with the American Civil Liberties Union pushed carriers to become more responsible for the mobile security of customers using Google's (NASDAQ:GOOG) Android platform or let Google directly push software updates. Speaking at a security conference, Chris Soghoian, principal technologist and senior policy analyst with the ACLU, noted that phones have to contact a server run by carriers in order to get an update. "When Apple decides that it's going to give a security update to consumers or a feature update, every consumer who plugs their phone into their computer gets the update whether or not their respective regional carrier likes it," Soghoian said, speaking at the Kaspersky Security Analyst Summit. But with Android, "you get updates when the carrier wants it and when the hardware manufacturer wants it, and usually that's not very often." He said the main problem is not that Google is not fixing security flaws in Android but that the "fixes for critical security vulnerabilities are simply not getting downstream and reaching consumers." Article


Like this story? Subscribe to FierceWireless!

The Wireless industry is an ever-changing world where big ideas come along daily. Our subscribers rely on FierceWireless as their must-read source for the latest news, analysis and data on this increasingly competitive marketplace. Sign up today to get wireless news and updates delivered to your inbox and read on the go.

Suggested Articles

AT&T has shifted its Cricket prepaid brand to a 100% authorized retailer model, according to Wave7 Research.

The FCC decided to extend the timeline for responding to Huawei's application for review until December 11.

All operators are trying to understand the intersection between their networks and hyperscale networks. But who gets the lion's share of the revenue?