Beruflich Dokumente
Kultur Dokumente
Rowena Pagarigan
October 9, 2018
IS326: E-Commerce
CUNY SPS: Fall 2018
1 of 8
The case study, “Insight on Technology: Think Your Smartphone is
Secure?” (Laudon & Traver, 2016, p. 282-283) discusses the vulnerabilities that exists in
mobile phones and how Apple and Google handle these concerns in respect to their
misinformation regarding the level of security their mobile device has. The following
paper elaborates on that case study’s contents while expanding upon such issues as
the perceived security of IOS devices and the ethical and privacy issues tied into law
approach, meaning they tend to be highly selective about which apps can be distributed
in their app store for quality assurance purposes. They have a strict set of guidelines
that must be adhered to by developers which then will undergo a vetting process for
design, legal, IP, gaming / gambling / lotteries, VPN apps, and developer code of
Google’s Android App Store has more of an open concept and as a result, more
exponential power of the crowd to advance its state. According to BigCommerce (n.d.),
“The fundamental functions of the Internet are built on open source technologies.” In
terms of security the Google method is better at being able to spot malicious apps and
2 of 8
Google before they can distribute apps through Google Play” (Laudon & Traver, 2017,
p. 283).
While Apple’s App Store approval process can take 3-6 days, Google’s Play
Store process takes at most 3 days, but on average, 24 hours (Girdhar, 2017). The
level of ease that comes with Google’s process can unfortunately invite bad actors to
app rules make some user information available to all apps by default” (Laudon &
Traver, 2017, p. 282). Apple quietly changed these App store rules in June of 2018.
updated App Store Review Guidelines that now bar developers from making databases
of address book information they gather from iPhone users” (Frier & Gurman, 2018)
during their annual developer conference. The same article further elaborates on what
has been a standard practice by both Apple and Google’s mobile platform: “Developers
ask users for access to their phone contacts, then use it for marketing and sometimes
share or sell the information -- without permission from the other people listed on those
on Apple devices, allowing a user to download apps from other sources besides the
official Apple App Store. “Jailbreaking can also be used to bypass Digital Rights
Management” (Rouse, n.d.) in order to download and distribute copyrighted content via
torrents and media servers. In this context, jailbreaking is the term used for Apple
devices, but it can also be done to Amazon devices which has a similar closed
3 of 8
ecosystem. For Android users, the term rooting is widely used and synonymous to
jailbreaking. They all essentially have the same meaning behind it: privilege escalation.
are security vulnerabilities, instability, shortened battery life, unreliable voice and data,
Apple mobile device to allow root access to system files means your device is not
contained in that conceptual walled garden anymore. This increases the exposure to
malware and hacking efforts since the built-in security layer has been removed. There
are jailbreak tweaks that are actually designed to create a backdoor into the system
device and all of its contents. Once a device has been jailbroken, all manufacturer and
service warranties are null and void, meaning you simply cannot walk into an Apple
To a certain extent the walled garden concept does promote a more secure
arsenal is a mixed bag: iMac Desktop, Android phone (LG), and a Windows Convertible
Laptop (ASUS). I have Norton Security installed in all of them. It does feel like my
Apple desktop is more secure because of the stringent management of its proprietary
software and app store. I can only base my judgement on my own experience with the
technologies I have owned previously. In recent years, I have owned Windows laptops;
two out of three succumbed to damages resulting from malware, despite having a
security system and routine maintenance in place. I have only owned two Apple
4 of 8
devices: a laptop and my current desktop, neither one have experienced any security
issues.
As for mobile devices, I prefer Android phones due to their flexibility and file
storage. The reason why I dislike IOS is not based on security but more on lack of
customization. I am restricted to the apps they offer (via App store with a poor search
feature), the user interface they designed (versus Android custom launchers), and the
storage allotted (no input for external storage). If I had to isolate a security issue, it
would be the single point of failure caused by Trustjacking; an IOS flaw in establishing
trust to a computer in order to pair devices that enables hackers to hijack the device via
who need to be able to perform digital forensics to seized devices in order to collect,
investigate possible leads and aid in the prevention of criminal activities. A closed
architecture such as Apple’s iPhone have security that can only be unlocked by its
Should law enforcement agencies have the power to bypass encryption and
phone security? My answer is no. Giving anyone unquestioned and unlimited backdoor
access to technology will enable other exploits to get through the system. Do they need
access to critical data in a device used by someone who committed a crime? Yes. In
order to do their job to investigate unlawful acitivity, access to digital evidence is crucial.
5 of 8
However, the method of obtaining that evidence needs to be agreed upon by both law
enforcement agencies and the technological providers and should not encroach upon
basic human rights. Having an all access skeleton key that bypasses security defeats
the purpose of having security not to mention opens up the floodgates for invasion of
privacy. Perhaps the tech companies can assist by unlocking the device in their
controlled environment and letting forensics extract what they need before locking it
back up.
Summary
primary concern to individuals. In a digital world full of identity thefts, credit card frauds,
and mass surveillance, your personal information is currency. Security is only as strong
as the weakest link and this usually means the end user. The best way to combat
security issues is through persistent education since digital threats evolve just as quickly
as the technology that makes it possible. Lastly, while the highest standard of mobile
security should be sought out and implemented, it should not impede or take away an
I will close with an Edward Snowden quote: “Arguing that you don't care about
the right to privacy because you have nothing to hide is no different than saying you
don't care about free speech because you have nothing to say.”
6 of 8
References:
vulnerabilities, instability, shortened battery life, and other issues. Retrieved from
https://support.apple.com/en-us/HT201954
Apple.com. (2018, June 4). App store review guidelines - Apple developer. Retrieved
from https://developer.apple.com/app-store/review/guidelines/
Benjamin, J. (2015, August 25). Report: 220,000 iCloud accounts breached due to
2015/08/25/report-220000-icloud-accounts-breached-due-to-jailbreak-tweak-
backdoor/
BigCommerce. (n.d.). What is open source, and why is it important? Retrieved from
https://www.bigcommerce.com/ecommerce-answers/what-open-source-and-why-it-
important/
Cimpanu, C. (2018, April 18). iOS trustjacking attack exposes iPhones to remote
trustjacking-attack-exposes-iphones-to-remote-hacking/
Fox-Brewster, T. (2018, February 28). The feds can now (probably) unlock every iPhone
thomasbrewster/2018/02/26/government-can-access-any-apple-iphone-cellebrite/
#f97103e667a0
7 of 8
Frier, S., & Gurman, M. (2018, June 13). Apple tries to stop developers from sharing
2018-06-12/apple-cracks-down-on-apps-sharing-information-on-users-friends
Girdhar, A. (2017, June 2). 7 ways Apple App Store can become better than Google
app-store-can-become-better-google-play-store/
Laudon, K. C., & Traver, C. G. (2017). E-commerce security and payment systems. In
definition/jailbreaking
8 of 8