Smartphone platforms and the app stores that serve them should conform to an agreed, industry-wide set of security principles in order to safeguard their users, a new report from EU cybersecurity agency ENISA has argued.
Most of the ENISA’s (European Network and Information Security Agency) ‘five lines of defence’ in its paper Appstore Security will sound uncontroversial, starting the importance of a security architecture that sandboxes applications on the device, and that apps install with a ‘kill switch’, a means for platform providers to de-install those later deemed insecure.
The Agency is also keen on thorough app review, a vetting process that apps should undergo before being posted on download stores, backed up by a comprehensive reputation mechanism and certificate system for developers creating apps.
The fifth recommendation - that platforms restrict from which sites users can download apps in walled gardens – is more contentious because it runs counter to the model pursued by Google, which allows third-party sites in addition to its own Market.
The report stops short of analysing each of the major smartphone app stores against its security criteria, or even suggesting that any of them might be deficient, but the current relative weakness of Android against these criteria is clear.
“Different smartphone platforms and different app stores currently address malware and insecure apps differently, which for consumers can be confusing,” the authors note. “Without overlooking the differences between the various smartphones models and appstores, we recommend an industry-wide approach to addressing malware and insecure apps.”
Many of Google’s publicised security problems have originated with third-party download sites and to some extent poor app vetting, which stem from its more open model. In July, an analysis by the CEO of security company Trusteer, Mickey Boodaei, criticised Google for its confused system for reporting rogue apps and poor response times when reports are made by security companies.
The Agency suggests that the industry come up with a cross-platform reputation system that works across app stores but this seems unlikely to come to pass. Apple’s heavily vetted App Store is seen by that company as a major competitive advantage; making life more secure for its rivals is hardly going to be a big priority.
The Agency’s argument for a combined system is that, in the long run, individual reputation systems, even walled gardens such as Apple’s could be vulnerable to attacks that seek to circumvent their security procedures.
The report’s biggest conclusion is that app stores vary considerably from vendor to vendor in terms of security, subtly differences that might not be obvious to end users in the absence of widespread attacks.
As the report points out, major attacks against smartphones are still the exception and “pales in comparison with PCs,” but that draws attention to the potential for the mobile age to plug the security mistakes of the past.
With the PCs, the primary point of attack was on the device itself whereas in the mobile world what happens on the device is controlled to a large extent by the platform provider and the architecture of the app store. The app store is in the front line of any security battle in a way no vendor website could have been.