Symantec Expands Security Products To Cover Android & iOS

The New Acunetix V12 Engine


Most of the big companies in the modern age of business are moving to the acquisition model rather than developing new technologies, Symantec has made a few purchases in recent years.

Their latest move is to offer security for the hot smartphone platforms Android and iOS, which powers the new iPhone 4 and iPad. The most recent security flaw on Android was due to an exploit in Flash that could be used to compromise the system.

They can move into this area with the expertise from their purchase of VeriSign earlier this year. They already have mobile security support for Symbian, BlackBerry and Windows Mobile.

Symantec is extending its support of smartphone platforms in a bid to make its security and management technology as ubiquitous in the mobile world as it is on the desktop. The security giant announced added support for Android and Apple iOS platforms to its mobile security and management portfolio during the opening of its Symantec Vision conference in Barcelona today. This is in addition to existing support for Windows Mobile, Symbian and BlackBerry smartphones

The technology covers functions such as device security, encryption and authentication. Password policy enforcement, remote wipe and device inventory functions are also included in enterprise versions of the software.

VeriSign Identity Protection (VIP) Access for Mobile, PGP Mobile and Symantec Endpoint Protection Mobile Edition are the three main products in Symantec’s push to sell both enterprises and service providers on its ability to minimise problems such as mobile network misuse, malware proliferation and spam. The enterprise versions of the product are available immediately, with the telecoms carrier versions coming online next quarter. Symantec paid $1.3bn to buy VeriSign in May and intends to make good of this investment with increased sales in mobile technology.

I’d say those users who have security problems on the iOS platform are most commonly those have executed some kind of jailbreak on the device. The most memorable of course being the rickrolling of users, which was shortly followed by a malicious version of the worm.

From what I know though with a correct implementation of BES aren’t BlackBerry users already covered on all these fronts? And as for iOS as long as it hasn’t been jailbroken and it’s using Mail for Exchange I don’t see any danger.

Same goes for Android, as long as it’s not rooted..it should be safe.


The payment by phone concept has been kicking around the IT industry for some years. It’s an appealing idea but many pieces need to fall in place to realise the vision. Handset manufacturers, mobile telcos, payment providers, banks and retailers all need to be on board – quite apart from the security piece, which Symantec is in as good a place as anyone in the security market to supply.

Salem acknowledged the difficulty of the IT industry as a whole to make the e-wallet concept a reality. Symantec’s strategy is to focus on building bilateral relationships, starting with a small number of retailers and payment providers. “There’s not going to be one ID for the internet,” Salem said. “The idea that there will be one authoritative service is far-fetched. It’s not going to happen.”

Symantec also wants to persuade consumers to buy Norton Mobile Security for Android, possibly in extension to existing desktop versions of Symantec’s consumer-focused security software, to tackle the yet-to-emerge threat of malware capable of infecting Android devices. While it’s true that a couple of SMS Trojans infecting Android smartphones have appeared in Russia, the problem is minuscule compared to the hundreds of thousands of strains of Windows-specific worms, Trojan, viruses, rootkits and botnet agents that have been the mainstay of the security threat landscape for many years.

What I really don’t need is another process swallowing up cycles on my 600mhz mobile processor. As the desktop market is pretty saturated I’d expect to see more security companies coming out with solutions for mobile platforms.

The smartphone market is exploding right now so I’m pretty sure bad things will start to happen soon enough.

Source: The Register

Posted in: Countermeasures, Security Software

, , , , , , , , ,


Latest Posts:


Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.
testssl.sh - Test SSL Security Including Ciphers, Protocols & Detect Flaws testssl.sh – Test SSL Security Including Ciphers, Protocols & Detect Flaws
testssl.sh is a free command line tool to test SSL security, it checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.


2 Responses to Symantec Expands Security Products To Cover Android & iOS

  1. Firehawke October 7, 2010 at 8:00 pm #

    Absolutely not true. There was a recent PDF exploit on IOS that could allow for a complete takeover of the phone. I don’t know if any exploit code was generated outside of the jailbreak that used it, but it easily could have turned ugly.

    It’s really surprising that there haven’t been MORE attacks on these architectures considering the growth in the userbase over the last few years.

    Just because a device isn’t jailbroken doesn’t mean there’s not a huge security hole lurking somewhere in there for a virus or other malware to infect.

    • Darknet October 8, 2010 at 8:55 am #

      That’s true indeed, forgot about the whole jailbreakme.com thing which did work on phones that hadn’t been jailbroken.

      But yah, I’d expect to see more attacks and more ‘software security solutions’ for mobile platforms popping up.