Android Security Roundup: How to Hack Google Now (and Siri); Is BYOD Dying?


Android Secured

Recently there have been some mixed messages on the future of BYOD programs in enterprises. Some numbers and reports suggest a broad slowdown in BYOD use and adoption. Others, like one we reported in Android Secured last week, What BYOD Slowdown?, point to continued adoption for the foreseeable future.

Among those pointing to a slowdown is security vendor Bitglass. In a recent survey, Bitglass found that 57% of end users and 38% of IT professionals do not currently participate in their company’s BYOD program due to concerns about their employers’ IT group snooping on them. Another study, this one by CompTIA earlier this year, showed that 53% of enterprises currently do not allow BYOD at least partly because of security concerns. That figure is up significantly from the 34% who reported the same thing in 2013.

Others have numbers pointing in the opposite direction. A new report from Strategy Analytics shows that nearly two-thirds of all tablets and smartphones shipped for business use in 2015 were personal-liable or BYOD. And Gartner has predicted that by 2017, half of all employers will actually require employees to use personal devices for work.

Searching the mobile, smart phoneWhether BYOD adoption continues to grow or decline over the next few years, the one thing that appears certain is that it is not going away completely any time soon. Personally owned devices can enable better productivity and help reduce costs for enterprises. But to get there, employers will need to get smarter about how to manage personal device use in the enterprise. And employees will just have to get used to the idea of at least some limitations on their ability to use personal phones and tablets at work.

Check out some of the other stories in Android Secured this week, including the following:

Researchers Demo How to Take Remote Control of iPhones, Android Devices via Siri, Google Now

You probably never thought of Siri or Google Now as tools that can be used to take control of your iPhone or Android smartphone. But as a couple of ingenious researchers at ANSSI, France’s information security research organization, showed last week, the digital assistants can be co-opted into issuing malicious commands to your smartphone from up to 16 feet away. All they needed was some pretty low-cost radio transmitting equipment and your headphone as an antenna.

Researchers Find “Android Security Like the Market for Lemons”

The timeliness of security patches for Android devices has become a hot topic following the disclosure of the Stagefright vulnerabilities earlier this year. Expect the topic to receive close scrutiny in the months ahead, as people realize just how poor some vendors are in issuing patches for Android vulnerabilities in a timely fashion. Researchers at the University of Cambridge recently released a study showing that 87.7% of Android devices are vulnerable to malicious attacks at any time because of unpatched security flaws. Check out the report to see how the major Android device makers fared in the study.

Exploits Used by Android Root Providers Can Be Abused for Malicious Purposes

Unless you hired someone to root your mobile phone recently, you probably don’t even know that a whole cadre of people exist out there who provide commercial rooting services for Android devices. Apparently, the myriad clever exploits that such providers use to root your device can easily fall into the wrong hands.

About Jaikumar Vijayan

Vijayan is a freelance journalist and technology content writing specialist with 20+ years of award-winning experience in IT trade journalism. He is a former Senior Editor at Computerworld Inc.and is a frequent contributor to Christian Science Monitor Passcode, Computerworld, Dark Reading, eWEEK and other publications. Vijayan is the author of BlackBerry's "The Definitive Guide to Mobile Security: Strategies and Tactics for Business & IT Decisionmakers" e-book on mobile security and an author of security white papers for the SANS Institute.

Join the conversation

Show comments Hide comments
+ -
blog comments powered by Disqus