Conversation with Thomas Cannon on Android Security, Part 3
by VPNHaus | 12/28/2010 |Expert Q&A
VPN Haus continues its conversation with Thomas Cannon, a security researcher who made news last month when he discovered a vulnerability on the Android OS that could make devices susceptible to data theft. After finding the threat, Cannon alerted Google, receiving a response from their security team in 20 minutes. In his blog, Cannon points out, “responsible disclosure would normally prevent me from publishing the advisory while there is a chance the users will get a fix in a reasonable timeframe. However, despite the speed at which Google has worked to develop a patch I don’t believe this can happen. The reason is that Android OS updates usually rely on OEMs and carriers to provide an update for their devices.”
VPN Haus: Do you think security concerns will keep the enterprise from embracing Android? Is there anything the enterprise can do to bolster the security of Android devices?
Thomas Cannon: I don’t believe openness will stop organizations from embracing Android, I see it as an advantage. I do think there is a real opportunity for a company to offer support and management of Android devices for organizations, and perhaps that w
VPN Haus: Are there any other key security concerns surrounding the open platform model for mobile devices? (as Windows is taking a similar approach)?
Cannon: Currently, I’m not finding other key security issues concerning an increased choice in hardware. I very much see these devices as consumer grade equipment and they should be risk assessed as such. That risk may be an acceptable trade-off for incre
VPN Haus: Very interesting. Thank you, Thomas.
For the first two parts of Cannon’s Q&A, click here.