Results 1 to 1 of 1
03-07-2013, 02:16 PM #1
Mozilla’s Mobile Firefox OS Raises Security Questions
Web-based: Alcatel’s One Touch Fire, one of two announced models that will run the Firefox OS, displays a screen of apps.
Mozilla’s new Firefox OS for low-end smartphones—aimed initially at Eastern European and South American markets—will face challenges protecting users from the malicious mobile apps that are a growing problem around the world.
Malicious apps have been known to creep into Apple’s and Google’s app stores even in the face of security screening. More problematic are unofficial Android marketplaces, where knockoffs of popular apps are among the malicious versions that crop up (see “Attacks on Android Devices Intensify”). In response, an industry is growing around mobile security companies like Lookout (see “How to Detect Apps Leaking Your Data”).
In the case of Mozilla, the issue is that it will not just make apps available through its traditional app store, called the Firefox Marketplace. In addition, the company will encourage developers to make apps that can be downloaded from the Web or run from a Website. (While it is possible to download Android apps that are hosted independently, the practice is not very common.) The OS is based on a language called HTML5, which essentially makes Web applications work as well as desktop software. It allows websites viewed on mobile devices to act like apps that have been downloaded. Researchers have long been saying that this raises security concerns (see “New Web Standards Bring New Security Worries”).
It’s not clear how Mozilla will screen apps to eliminate those that could pose threats or privacy problems, says Janne Lindqvist, a mobile security researcher at the Winlab at Rutgers University. “How do you control the user privacy and security if you make it so flexible that with just some keyword search, you have lots of apps available? I can’t understand at this point at all what the security model will be,” he says. “Who controls what appears on your phone with the searches, and who controls what kind of information these suddenly appearing apps have?”