On the more absurd side of security debates, new one has emerged: what is more secure – Apple iPhone or Google Android?
Yes, we have yet to see Google’s product, but some guys are happy to talk. They happen to be security product vendors and security consultants. For example:
Gphone is open source, which means it can get a good kicking and shoeing, and can be worked on by just about anyone. It’s starting out in a better way than the iPhone, which has seen vulnerabilities. However, any new consumer won’t be secure when the first product comes out.
This comes form Ben Whitaker, head of security at mobile security development company Masabi. I’m puzzled. We haven’t seen anybody who has been impacted by vulnerabilities in iPhone. Same goes for other mobile platforms that already exist – Symbian, Windows Mobile and BlackBerry. Interestingly: iPhone runs Mac OS X, with Darwin core that is a derivative of FreeBSD, open and free as in fish and chips; Windows Mobile is based on Windows CE – you can get the source and modify it; and Linux is Linux. SDKs, APIs and emulators are widely available for all telephone platforms. And users mostly run in privileged context (as in: root, or can do anything on the systems).
But where are the evil hackers? There is more talk of vulnerabilities than there are vulnerabilities, let alone real exposures. New telephone platforms are the proof that security is changing, and the industry has to change from its current focus.