Current location - Quotes Website - Signature design - What are the problems of information security in intelligent mobile terminals and what measures are needed?
What are the problems of information security in intelligent mobile terminals and what measures are needed?

1. Security threats of mobile terminals

(1) Applications

Applications in mobile terminals often become the first choice of malicious attackers because of their low attack level requirements.

(1) mobile spyware application.

"Spyware" will hide itself in the user's visual range, load it on the user's device, steal the user's short messages, website browsing records, call records, location information, etc., and keep monitoring and monitoring the user. Send the stolen data to the remote server in a way that users are unaware of. Spyware can even monitor the equipment environment and avoid detection through self-destruction. Some "spyware", such as the FinFisher spyware recently detected by security experts, can steal users' personal data from designated applications (WeChat, Facebook and some mainstream foreign social software).

(2) bank malicious applications.

some bank malware will sneak into the device terminal in the form of trojans, and wait for opportunities to steal sensitive banking information of users in a similar way as phishing. Nowadays, the change of mobile payment has brought greater potential risks to users. Powerful mobile terminals enable users to carry out financial activities anytime and anywhere, which further attracts new malicious applications dedicated to stealing transaction information and electronic money to some extent.

(3) obsolete applications.

Software updates generally fix the security vulnerabilities of the current version. Compared with the latest application version, the security vulnerabilities of the old application will be discovered by malicious attackers because it has been released for a long time. Malicious attackers will use the security vulnerabilities in the old version to attack users who still use the old version, which will greatly threaten the privacy of users and the data security of the application.

(II) Operating system platform

Applications in mobile terminals do not have the ability to call the hardware level, and all applications need to use the API interface provided by the operating system that uses the physical resources of the terminal. Application developers use the open API interface to develop applications, and use the application store to publish the developed applications, which users can download and use through the application store. If some sensitive APIs (such as camera, location, etc.) are maliciously used by developers, it will bring security problems such as privacy theft and remote control. Based on its open source code, Android operating system can actively discover some potential security vulnerabilities in time, but its open application distribution mode allows users to install applications from application sources outside the official application market.

Android developers only need the developer's signature to develop an application. Compared with the application developed on the iOS platform, iOS needs not only the developer's signature, but also the signature of Apple's server. To get the official signature of Apple, there must be a two-month review period, and the AppStore will also limit the number of new applications every week. Therefore, the applications provided by iOS to users are strictly reviewed. Compared with the mechanism of Android, iOS will be more orderly and secure.

ii. countermeasures against security threats of mobile terminals

(1) always use trusted data networks

for mobile terminals, trusted networks include data networks of wireless service providers and Wi-Fi connections provided by companies, homes and trusted locations. This can ensure that the network used for data transmission has no security threat and cannot be used by attackers to obtain the transmitted sensitive data. It is much easier to set up and manage fake Wi-Fi connection points than fake cellular data connections. Therefore, using cellular data connection provided by wireless service providers can effectively reduce the risk of attack.

(2) Obtaining applications in a reliable way

For the mobile terminal we use, the operating system of the terminal will have its own application store, such as the Apple operating system platform will have the AppStore;; The Android operating system platform will generally be equipped with GooglePlay or an application store developed by some device providers. For example, Huawei will have a Huawei application market. Downloading an application using the application store provided by the equipment supplier will greatly enhance the source security of the application.

(3) Give the application the least access rights

When downloading and installing the application from the application market, make sure that only the minimum rights required for the application to run are given. If the permissions of an application are excessive, users can choose not to install the application or mark the application as suspicious, and do not easily confirm the access rights mentioned in the application.

Related articles
  • Never offend an artist.
  • WeChat avatar of a woman bringing wealth, WeChat avatar cartoon of a woman bringing wealth
  • Why do five hospitals refer to TFBOYS and Joker Xue?
  • 2020 Guilin University of Electronic Science and Technology Freshmen Admission Instructions and Registration Time
  • A very cultural and elegant nickname, a selected WeChat name with meaningful connotations
  • How many years have it been since the Warriors drafted the No. 1 pick?
  • Translate Jay Chou Youlem advertisement into English! Come on if you know English!
  • How to register a company, urgent! ! !
  • Avril Ramona Lavigne information
  • China Merchants Bank’s five major documents loss protection

    • copyright 2024 Quotes Website All rights reserved