Feds to Take a Hard Look at Mobile Device Patch Practices

Feds to Take a Hard Look at Mobile Device Patch Practices

The U.S. Federal Commerce Fee and the Federal Communications Fee on Monday introduced a joint investigation into the difficulty of cell system safety updates.

The FTC issued an order requiring eight cell system producers — Apple, BlackBerry, Google, HTC America, LG Electronics USA, Microsoft, Motorola Mobility and Samsung Electronics America — to present details about how they subject safety updates to handle cell system vulnerabilities.

The data they need to present consists of the next:

  • What elements they contemplate when deciding whether or not to patch a vulnerability;
  • Detailed information on the cell units they’ve supplied on the market since August 2013;
  • The vulnerabilities which have affected these units; and
  • Whether or not and after they patched the vulnerabilities.

FTC members voted unanimously to subject the order below Part 6(b) of the FTC Act.

It is a part of the fee’s ongoing efforts to perceive the safety of shoppers’ cell units, which included a workshop in 2013 and a follow-up public remark interval in 2014.

Service Focus

On Monday, Jon Wilkins, the FCC’s Wi-fi Telecommunications Bureau chief, wrote to wi-fi carriers asking about their processes for releasing safety updates.

His letter is split into 4 sections: basic questions, questions in regards to the growth and launch of safety updates, consumer-specific questions, and questions particular to the Stagefright Android bug.

The letter was despatched to AT&T, Verizon, T-Mobile, U.S. Mobile, Dash and TracFone, FCC spokesperson Neil Grace mentioned.

“The letters had been despatched yesterday, so I can not affirm that we have acquired responses,” he informed TechNewsWorld.

Cause for Concern

America’s shift to cell units has been rushing up. In the meantime, vulnerabilities related to cell working techniques, together with Stagefright — which can have an effect on nearly 1 billion Android units worldwide — are growing, the FCC mentioned.

earlier this yr detailed a

, named “Metaphor,” which impacts 30 % of all Android units.

Delays in patching vulnerabilities might depart shoppers unprotected for lengthy durations, the FCC asserted. OS suppliers, unique tools producers and cell service suppliers have addressed vulnerabilities as they come up, however there are vital delays in delivering patches to units, and older units may by no means get patched.

Options First

Carriers might delay updates as a result of they first need to take a look at them for reliability and compatibility with their very own software program and apps.

“The carriers are saying that sustaining a base of distinctive software program options is extra vital than the patron’s security and safety,” mentioned Rob Enderle, principal analyst at the .

“This should not be an both/or drawback, however since they make it that, security and safety ought to come first,” he informed TechNewsWorld.

Almost 28 million Android units with medical apps are probably to home high-risk malware,

has discovered.

Complicating the difficulty, 26 % of Android units worldwide run Android 4.3, launched in 2013, or earlier, in accordance to


Neither OEMs nor OS suppliers need to replace older units or variations of the OS, partly due to the fee and partly as a result of older units do not have the muscle to run new variations of Android.

Nonetheless, OS suppliers and OEMs need the patches to be utilized rapidly, Enderle identified, and that “could lead on to a large discount in management by the carriers.”

Regulatory Oversight

“Authorities’s first focus is on their residents, and proper now these residents are badly uncovered as a results of [carriers’] ill-conceived practices,” he mentioned.

That mentioned, “for the FCC to assert regulatory oversight on this space so all people has to file plans for rolling updates goes to gradual issues down,” famous Mike Jude, program supervisor, .

“The distributors will in all probability take them to court docket,” he informed TechNewsWorld, “as a result of regulatory oversight will enhance prices, decelerate upkeep of units, pressure distributors to help archaic units, and make the price of updating unmaintainable.”
Feds to Take a Hard Look at Mobile Device Patch Practices

Related posts

Has Intel Been Bitten by the Pay-TV Bug?


What Would an iPhone Look Like?


Android Sneaks Onto the Desktop in Giant HP Tablet