Symantec Expands Security Products To Cover Android & iOS

Use Netsparker


Most of the big companies in the modern age of business are moving to the acquisition model rather than developing new technologies, Symantec has made a few purchases in recent years.

Their latest move is to offer security for the hot smartphone platforms Android and iOS, which powers the new iPhone 4 and iPad. The most recent security flaw on Android was due to an exploit in Flash that could be used to compromise the system.

They can move into this area with the expertise from their purchase of VeriSign earlier this year. They already have mobile security support for Symbian, BlackBerry and Windows Mobile.

Symantec is extending its support of smartphone platforms in a bid to make its security and management technology as ubiquitous in the mobile world as it is on the desktop. The security giant announced added support for Android and Apple iOS platforms to its mobile security and management portfolio during the opening of its Symantec Vision conference in Barcelona today. This is in addition to existing support for Windows Mobile, Symbian and BlackBerry smartphones

The technology covers functions such as device security, encryption and authentication. Password policy enforcement, remote wipe and device inventory functions are also included in enterprise versions of the software.

VeriSign Identity Protection (VIP) Access for Mobile, PGP Mobile and Symantec Endpoint Protection Mobile Edition are the three main products in Symantec’s push to sell both enterprises and service providers on its ability to minimise problems such as mobile network misuse, malware proliferation and spam. The enterprise versions of the product are available immediately, with the telecoms carrier versions coming online next quarter. Symantec paid $1.3bn to buy VeriSign in May and intends to make good of this investment with increased sales in mobile technology.

I’d say those users who have security problems on the iOS platform are most commonly those have executed some kind of jailbreak on the device. The most memorable of course being the rickrolling of users, which was shortly followed by a malicious version of the worm.

From what I know though with a correct implementation of BES aren’t BlackBerry users already covered on all these fronts? And as for iOS as long as it hasn’t been jailbroken and it’s using Mail for Exchange I don’t see any danger.

Same goes for Android, as long as it’s not rooted..it should be safe.


The payment by phone concept has been kicking around the IT industry for some years. It’s an appealing idea but many pieces need to fall in place to realise the vision. Handset manufacturers, mobile telcos, payment providers, banks and retailers all need to be on board – quite apart from the security piece, which Symantec is in as good a place as anyone in the security market to supply.

Salem acknowledged the difficulty of the IT industry as a whole to make the e-wallet concept a reality. Symantec’s strategy is to focus on building bilateral relationships, starting with a small number of retailers and payment providers. “There’s not going to be one ID for the internet,” Salem said. “The idea that there will be one authoritative service is far-fetched. It’s not going to happen.”

Symantec also wants to persuade consumers to buy Norton Mobile Security for Android, possibly in extension to existing desktop versions of Symantec’s consumer-focused security software, to tackle the yet-to-emerge threat of malware capable of infecting Android devices. While it’s true that a couple of SMS Trojans infecting Android smartphones have appeared in Russia, the problem is minuscule compared to the hundreds of thousands of strains of Windows-specific worms, Trojan, viruses, rootkits and botnet agents that have been the mainstay of the security threat landscape for many years.

What I really don’t need is another process swallowing up cycles on my 600mhz mobile processor. As the desktop market is pretty saturated I’d expect to see more security companies coming out with solutions for mobile platforms.

The smartphone market is exploding right now so I’m pretty sure bad things will start to happen soon enough.

Source: The Register

Posted in: Countermeasures, Security Software

, , , , , , , , ,


Latest Posts:


Acunetix v12 - Pause & Resume Acunetix v12 – More Comprehensive More Accurate & 2x Faster
Acunetix, the pioneer in automated web application security software, has announced the release of Acunetix v12 - more comprehensive, accurate & 2x faster.
CloudFrunt - Identify Misconfigured CloudFront Domains CloudFrunt – Identify Misconfigured CloudFront Domains
CloudFrunt is a Python-based tool for identifying misconfigured CloudFront domains, it uses DNS and looks for CNAMEs which may be allowed to be associated with CloudFront distributions.
Airbash - Fully Automated WPA PSK Handshake Capture Script Airbash – Fully Automated WPA PSK Handshake Capture Script
Airbash is a POSIX-compliant, fully automated WPA PSK handshake capture script aimed at penetration testing, it is compatible with Bash and Android Shell.
XXEinjector - Automatic XXE Injection Tool For Exploitation XXEinjector – Automatic XXE Injection Tool For Exploitation
XXEinjector is an XXE Injection Tool that automates retrieving files using direct and out of band methods. Directory listing only works in Java applications.
Yahoo! Fined 35 Million USD For Late Disclosure Of Hack Yahoo! Fined 35 Million USD For Late Disclosure Of Hack
Ah Yahoo! in trouble again, this time the news is Yahoo! fined for 35 million USD by the SEC for the 2 year delayed disclosure of the massive hack, we actually reported on the incident in 2016 when it became public.
Drupwn - Drupal Enumeration Tool & Security Scanner Drupwn – Drupal Enumeration Tool & Security Scanner
Drupwn is a Python-based Drupal Enumeration Tool that also includes an exploit mode, which can check for and exploit relevant CVEs.


2 Responses to Symantec Expands Security Products To Cover Android & iOS

  1. Firehawke October 7, 2010 at 8:00 pm #

    Absolutely not true. There was a recent PDF exploit on IOS that could allow for a complete takeover of the phone. I don’t know if any exploit code was generated outside of the jailbreak that used it, but it easily could have turned ugly.

    It’s really surprising that there haven’t been MORE attacks on these architectures considering the growth in the userbase over the last few years.

    Just because a device isn’t jailbroken doesn’t mean there’s not a huge security hole lurking somewhere in there for a virus or other malware to infect.

    • Darknet October 8, 2010 at 8:55 am #

      That’s true indeed, forgot about the whole jailbreakme.com thing which did work on phones that hadn’t been jailbroken.

      But yah, I’d expect to see more attacks and more ‘software security solutions’ for mobile platforms popping up.