Menu
US FCC, FTC launch inquiry into smartphone security updates

US FCC, FTC launch inquiry into smartphone security updates

The government is trying to see if security updates can land in consumer's phones faster

The U.S. Federal Communications Commission and Federal Trade Commission have opened parallel inquiries into the way smartphone security updates are issued and handled by major mobile carriers and device makers.

The two agencies say they are responding to the growing amount of personal information held in smartphones and a recent rise in the attacks on the security of that information.

The FCC has sent letters to AT&T, Verizon, T-Mobile, Sprint, and U.S. Cellular asking for information on their processes for reviewing and releasing security updates for mobile devices. The FTC has asked for similar information from Apple, Blackberry, Google, HTC, LG, Microsoft, Motorola, and Samsung.

The companies, which control the vast majority of mobile contracts and smartphone handsets sold in the U.S., have 45 days to respond, at which time the two agencies will analyze the responses and share data with each other.

The inquiries haven't risen to the level of a formal investigation or rulemaking, but they could depending on what is discovered.

"We're attempting to get an assessment on the state of what carriers do to push out patches for device vulnerabilities, how quickly they do it, and what are some of the barriers and challenges they have," said Neil Grace, a spokesman for the FCC.

As part of its inquiry, the FTC is asking for information about when device makers learn of vulnerabilities from software and chip vendors and when or if they issue security updates.

Because cellular carriers customize the software on their devices, it's often not possible for operating system vendors like Google to push updates directly to consumers. The updates have to be submitted to carriers and then work through the carrier's own control process before being released.

Part of the motivation for the inquiry was the Stagefright vulnerability that hit hundreds of millions of Android phones last year. Stagefright left phones vulnerable if a user clicked on a specially formatted MMS message.

Google provided a fix but had to wait until cellular carriers pushed the update to customers. On older phones, some consumers might not have received the update at all.

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags Google

Slideshows

IN PICTURES: Ingram Micro Innovation hits Auckland with Hewlett Packard Enterprise

IN PICTURES: Ingram Micro Innovation hits Auckland with Hewlett Packard Enterprise

Ingram Micro completed its nationwide roadshow in Auckland last month, kicking off its Innovation Hour series with Hewlett Packard Enterprise. Uncovering the latest in storage, networking and servers, the event outlined key market trends for resellers in 2016 and beyond.

IN PICTURES: Ingram Micro Innovation hits Auckland with Hewlett Packard Enterprise
IN PICTURES: FireEye celebrates channel at 2016 Partner Conference

IN PICTURES: FireEye celebrates channel at 2016 Partner Conference

FireEye welcomed 143 channel partners and distributors to FireEye's 2016 annual Partner Conference, FireEye A/NZ Momentum - held at Establishment in Sydney. Delegates heard from senior trans-Tasman channel leaders, marketing and the product divisions in the morning, with FireEye customers, incident responders and threat intelligence analysts sharing knowledge during the afternoon.

IN PICTURES: FireEye celebrates channel at 2016 Partner Conference
​IN PICTURES: Disruption in the data centre - Can the Kiwi channel capitalise?​

​IN PICTURES: Disruption in the data centre - Can the Kiwi channel capitalise?​

With New Zealand businesses now open to innovation, the industry sits on the cusp of significant disruption in the data centre. Driven by software-defined networking, the future of the data centre is fast becoming reality, as the channel seeks to keep up, keep innovating and keep growing. APC by Schneider Electric, Lenovo and key partners outlined how the channel can capitalise at The Grill restaurant in Auckland.

​IN PICTURES: Disruption in the data centre - Can the Kiwi channel capitalise?​
Show Comments