Sparse iPhone, iPad Screen Space Aids Phishers | threatpost

Sparse iPhone, iPad Screen Space Aids Phishers | threatpost.

Pinched screen real estate on iPhone devices may make it easier for users to be fooled into using bogus “phishing” Web sites, according to an analysis by researcher Nitesh Dhanjani.

In a post on the SANS Application Security Street Fighter Blog on Monday, Dhanjani called attention to the common practice of hiding the Web address once Web pages and applications have loaded. That practice, coupled with the ability of application programers to renderĀ  screen elements that can mimic real address bars, could throw open the door to the kinds of phishing attacks that modern browsers have long since rendered ineffective.

Dhanjani recommends URLs be displayed within the applications and more importantly that Apple (1) makes this a policy and (2) sets default behaviors to encourage this policy.

You can read Dhanjani’s post in its entirety at Insecure Handling of URL Schemes in Apple’s iOS.

Time for security protection on smartphones?

Critical vulnerabilities appearing in both iPhones and Android phones point to the need for third party security products.

Apparently Juniper and McAfee think so. Juniper recently announced that it was acquiring SMobile Systems for $70 million. McAfee acquired TenCube. Another product in this space is Lookout.

Finally, which operating system do you think is more secure? Do you prefer closed vs. open source? Here is a recent article from Network World discussing this issue.