As a security software developer, we strive to make our technology available on the popular platforms where it is most required. There was a time when security software developers could focus only on supporting the different versions of the Windows operating system – XP, Vista, Win 7, and Win 8. Mac OS was added to the list that needed to be supported as it gained sufficient volume of users to attract attention from the bad guys. The move to mobile devices, as they also become the target of attacks, has now enlarged the operating systems that need to be supported considerably.
An interesting article comparing the rate of growth mobile devices, particularly iPhone, iPad and Android, to that of PCs and Macs, graphically illustrates the take-up of mobile technology. Note the logarithmic scale of these graphs which shrinks absolute differences so that trends can be highlighted.
Within each of the mobile operating systems there are different versions, each with implications for software developers, and every time a new mobile operating system is released security software developers need to make the require checks and changes. Tablets require display changes to software due to their screen size.
An added level of complexity is that security threats are different for the various mobile operating systems. iPhone and iPad are relatively secure due to their lockdown nature, where only one application is able to execute at a time, and only after passing thorough scrutiny for malicious activity from the official Apple app store. Some malicious activity can get through the process however, and phishing remains a serious threat on the platform. Android in comparison, is subject to just about every threat going. Windows mobile too has it’s vulnerabilities.
This week, with the announcement from RIM, the operating systems requiring security solutions just got wider still, as Blackberry 10 is added to the mix.
This expanding variety of operating systems is providing huge opportunities for criminals as well as serious challenges for the security industry. The interconnectedness of our digital activities means that the system is only as strong as it’s weakest link.