On 12/10/12 10:17 -0500, Rich Kulawiec wrote:
On Sun, Dec 09, 2012 at 12:25:50PM -0600, Dan White wrote:
Mobile offers homogeneous targets, but also targets which can be fixed,
overnight, by vendors with deep pockets.
I don't see how, but maybe I'm not reading this as intended. If malware
has asserted control of a mobile device, can't it prevent the fix from
being downloaded? (Or, alternatively, simply lie to the user about
the status of the download?)
I suppose that's a risk. I would hope that what ever vulnerability, or user
confusion, led to the installation of malware, would not also affect the
ability of the vendor to push a new fix. However, if the malware gets root,
all bets are off.
--
Dan White
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
