Joke Collection Website - Public benefit messages - What problems exist in the information security of intelligent mobile terminals and what measures need to be taken?
What problems exist in the information security of intelligent mobile terminals and what measures need to be taken?
(1) Application procedures
Applications in mobile terminals often become the first target of malicious attackers because of their low attack level requirements.
(1) mobile phone spy application.
Spyware will hide itself in the user's visual range, load it on the user's device, and steal the user's short messages, website browsing records, call records, location information, etc. , and keep monitoring and monitoring of users. Sending the stolen data to a remote server in a way that users don't know. Spyware can even monitor the equipment environment and avoid detection by self-destruction. Some "spyware", such as FinFisher spyware recently detected by security experts, can steal users' personal data from designated applications (WeChat, Facebook and some mainstream foreign social software).
(2) bank malicious applications.
Some bank malware will sneak into the device terminal in the form of Trojans, waiting for an opportunity to steal users' bank sensitive information in a way similar to phishing. Nowadays, the change of mobile payment brings greater potential risks to users. Powerful mobile terminals enable users to conduct financial activities anytime and anywhere, which further attracts new malicious applications dedicated to stealing transaction information and electronic money to some extent.
(3) Eliminate applications.
Software updates generally fix security vulnerabilities in the current version. Compared with the latest application version, the security vulnerabilities of the old application will be discovered by malicious attackers because of its long release time. Malicious attackers will use the security vulnerabilities in the old version to attack users who are still using the old version, which will greatly threaten the privacy of users and the data security of applications.
(2) Operating system platform
The application in the mobile terminal does not have the ability to call the hardware layer, and all applications need to use the API interface provided by the operating system that uses the physical resources of the terminal. Application developers use the open API interface to develop applications, and use the app store to publish the developed applications, which users can download and use through the app store. If some sensitive APIs (such as camera, location, etc. Malicious exploitation by developers will bring security problems such as privacy theft and remote control. Based on its open source code, Android operating system can actively discover some potential security vulnerabilities in time, but its open application distribution mode allows users to install applications from application sources outside the official application market.
Android developers only need the developer's signature to develop an application. Compared with the application developed on the iOS platform, iOS needs not only the signature of the developer, but also the signature of the Apple server. To get Apple's official signature, there must be a two-month review period, and the AppStore will also limit the number of new applications per week. Therefore, the applications provided by iOS to users are strictly reviewed. Compared with the mechanism of Android, iOS will be more orderly and secure.
Second, measures to deal with the security threats of mobile terminals.
(a) Always use a reliable data network
For mobile terminals, trusted networks include data networks of wireless service providers and Wi-Fi connections provided by companies, homes and trusted locations. This can ensure that the network used for data transmission has no security threat and will not be used by attackers to obtain the transmitted sensitive data. It is much easier to set up and manage fake Wi-Fi connection points than fake cellular data connections. Therefore, the use of cellular data connections provided by wireless service providers can effectively reduce the risk of attacks.
(B) the use of reliable ways to obtain applications
For the mobile terminal we use, the operating system of the terminal will have its own application store, for example, the Apple operating system platform will have an AppStore;; The Android operating system platform is generally equipped with GooglePlay or an application store developed by some device providers. For example, Huawei will have a Huawei application market. Using the application store provided by the equipment supplier to download the application will greatly enhance the source code security of the application.
(3) Give the application the least access rights.
When downloading and installing an application from the application market, please ensure that only the minimum permissions required to run the application are provided. If the permissions of an application are too large, users can choose not to install the application or mark the application as suspicious, and do not easily confirm the access permissions mentioned in the application.
- Previous article:I accidentally found that my girlfriend received a message from someone calling her "wife, baby" on her mobile phone. It's hard for me to accept. What should I do?
- Next article:Master sent a congratulatory letter last year about caring for customers. I am doing Taobao. Thank you. Thank you very much.
- Related articles
- The transportation credit card has been approved but I don’t know my zip code. How can I check the zip code? Help.
- Bai Mo and this renewal fee can be settled?
- How do you know that retirement is approved?
- The fluorite cloud camera is bound by others, how to force it to be unbound?
- SF Express updates logistics information every few hours.
- Why can't I send a text message when I receive it?
- What brand of car is dorcen?
- Electronic coupons in Starbucks Star Card
- Send SMS application
- How to evaluate Zhou? .