FCC FTC Look at Mobile Updates


 FCC FTC Look at Mobile Updates

FCC FTC Look at Mobile Updates

The Federal Communications Commission (FCC) and Federal Trade Commission (FTC) are looking for details on how companies release their mobile security updates. Per CNET, the FCC sent letters to the four major U.S. carriers. They are AT&T, Sprint, T-Mobile and Verizon. The FTC are looking into the mobile device and software makers, most notably Samsung, Apple and Google.

The FCC targeted one bug in specific called Stagefright, according to The Verge. Stagefright continues to be exploited in unique ways after several patches to fix the holes.

As reported by PC Magazine, the companies were asked to respond to the questions within 45 days. The FTC are asking questions such as, What are the factors considered in deciding whether or not to patch a vulnerability on a particular mobile device? They are also requesting detailed data on devices sold since August 2013.

 

Our Analysis

This is a very interesting topic because most phones stop receiving timely patches after the first year of release. Unless you root your phone and flash updated ROMs to get the latest Operating System or features, then your operational device gets left behind. Before carriers started offering leasing programs, they offered a 2-year contract. By the end of the contract most devices hadn’t received updates for six to eight months.

It hasn’t been reported on whether or not these companies will be fined or forced to an update schedule, but it could lead to setting up a precedent for future devices. A monthly release of patches would tremendously help device longevity, but could cut into the bottom line of these companies who make new versions of flagship phones yearly.

With mobile devices being used more frequently for shopping, banking and other personal matters, they need to be as secure as possible to prevent identity theft. It is however the user’s responsibility to be aware of vulnerabilities and bugs going around to help prevent becoming a victim. If you own one of these devices through a carrier, then this is a topic worth following to ensure you are getting the most out of the device you currently use.


Announcements and Resources

If you believe you may have had your credentials stolen, please check out haveibeenpwned.com and enter your email address

Advanced Persistent Security has partnered with the EC-Council to provide a discounted EC-Council Training Event to our readers and listeners. The codes are only good for the Hacker Halted event in Atlanta, GA September 11-14 and 15-16, 2016. Below are the codes, if you have any questions, Contact Us:

SEPTEMBER 11TH-14TH, 2016

$1,999 Courses if you register using discount code: HHAPSTRN

Choose one of the following courses and exams:

  1. Certified Ethical Hacker (C|EH)*
  2. Computer Hacking Forensic Investigator (C|HFI)*
  3. Certified Security Analyst (E|CSA/L|PT)*
  4. Certified Chief Information Security Officer (C|CISO)*

All courses include:

  • Official Courseware
  • 1 Complimentary Exam Voucher
  • Certificate of attendance
  • Lunch and coffee breaks throughout the duration of the training
  • Complimentary Pass to Hacker Halted – Atlanta conference (September 15 & 16)

September 15-16, 2016

*Individual conference passes can be purchased for $35 (down from $199) Use code: HHAPSCON

Instructions for registration:

1) Click here

2) Fill in all the necessary info

3) Enter Qty (1) for conference pass – public

4) Enter promotional code HHAPSCON (for $35 Conference Passes) HHAPSTRN (for $1,999 Courses)

Recent APS Posts

Change Your Email Password Now!
Qatar Bank Breached After Bangladesh
Bangladesh Bank Loses 80 Million USD
Ransomware Infects Android 4.x
Spotify Allegedly Hacked…Again
MedStar Health Cybersecurity Fails to Prevent Attack
Ransomware Locks MBR
Iranian hackers hit with Federal charges
Spear Phishermen Target Corporate W-2 Data
4 Things to Know About Ransomware
Ransomware Hits Mac Computers

Thanks for stopping by and checking out our podcast. We would appreciate if you could subscribe (assuming you like what you hear; we think you will). This is meant to be informative and to provide value to anyone who listens – regardless of their knowledge and/or understanding of IT/Cybersecurity. To learn more about us, check out our “About Us” page.

References

CNET
Bloomberg
The Verge
PC Magazine

 

If you have ANY Cybersecurity needs, please contact us and a member of our staff with promptly reply to your question or concern.


Enter your email address:


Delivered by FeedBurner


Subscribe to our mailing list

* indicates required







About Scott Entsminger

Scott Entsminger was born and raised in Virginia. He graduated from Radford University with a Bachelor’s of Science in Criminal Justice. Scott has worked for the Department of Defense since graduating college. He is an expert in Windows Administration; with specific experience in Group Policy and vulnerability remediation. He also has specific experience in Information Assurance (IA) and Cyber Security.

Scott holds the CompTIA Security+ certification. He is always looking to diversify his skillset. Scott is an avid sports fan, particularly baseball. He also is an avid gamer and enjoys learning different skills involving his PC.