Re: Mobile phone OS security changing?

["Kenneth R. van Wyk" <Ken () KRvW com>]

On Wednesday 06 April 2005 09:26, Michael Silk wrote:
> The last thing I want is my mobile phone updating itself. I imagine
> that sort of operation would take up battery power, and possibly cause
> other interruptions ... (can you be on a call and have it update
> itself?)

I vividly remember a lot of similar arguments a few years ago when desktop PCs 
started doing automatic updates of OS and app software.  Now, though, my 
laptop gets its updates when it's connected and when I'm not busy doing other 
things.

My main point, though, is that the status quo is unacceptable in my opinion.  
If a nasty vulnerability is found in most of today's mobile phone software, 
the repair process -- take the phone to the provider/vendor and have them 
burn new firmware -- just won't cut it.  For that matter, a lot of PDAs are 
in the same boat.

Sure, we'd all prefer better software in those devices to begin with, but as 
long as there are bugs and flaws, the users of these devices need a better 
way of getting the problems fixed.

> Personally, I would prefer a phone that doesn't connect to the
> internet at all rather than a so called 'secure' phone.

For the most part, those days are over.

> From reading the article it seems like the application asks to be
> installed, (is that correct?) so it doesn't seem like that big of a
> problem [unless phones start to get into the 'trusted'/'non-trusted'
> application area..]

Fortunately, no one would ever think of removing that query from the worm
or circumventing the mechanism in the OS, so that it copies itself without 
notice in the future.  ;-\

Cheers,

Ken van Wyk
-- 
KRvW Associates, LLC
http://www.KRvW.com