|
 The agencies have written to Apple Inc, AT&T Inc and Alphabet Inc,
among others, in order "to better understand, and ultimately to
improve, the security of mobile devices," the FCC said.
The FCC sent letters to six mobile phone carriers on security
issues, while the FTC ordered eight mobile device manufacturers
including BlackBerry Ltd, Microsoft Corp, LG Electronics USA Inc and
Samsung Electronics America Inc [SMELA.UL] to disclose "the factors
that they consider in deciding whether to patch a vulnerability on a
particular mobile device."
The FTC also seeks "detailed data on the specific mobile devices
they have offered for sale to consumers since August 2013" and "the
vulnerabilities that have affected those devices; and whether and
when the company patched such vulnerabilities."
The agencies are opening the inquiry about how mobile carriers and
manufacturers handle security updates for mobile devices because
consumers and businesses are conducting a growing amount of daily
activities on mobile devices and new questions have been raised
about how the security of mobile communications.
The "safety of their communications and other personal information
is directly related to the security of the devices they use," the
FCC said. "There have recently been a growing number of
vulnerabilities associated with mobile operating systems that
threaten the security and integrity of a user’s device."
The FCC said it sent letters to mobile carriers including AT&T,
Verizon Communications Inc, Sprint Corp, U.S. Cellular Corp,
Tracfone Wireless, which is owned by America Movil SAB, and T-Mobile
US, which is owned by Deutsche Telekom, "asking questions about
their processes for reviewing and releasing security updates for
mobile devices."
The companies must respond to the FCC and FTC questions within 45
days.
There were more than 355 million U.S. mobile wireless devices in use
in 2014, the FCC said in a December report. The agency said that
number had risen to 382 million by mid-2015, citing company
disclosures.
[to top of second column] |
The FCC noted that a vulnerability called "Stagefright" in the
Android operating system could affect almost 1 billion Android
devices globally. Reuters reported in August that Google and Samsung
planned to release monthly security fixes for Android phones.
The change came after security researcher Joshua Drake found a
vulnerability that could allow attackers to send a special
multimedia message to an Android phone and access sensitive content
even if the message is unopened.
Google did not immediately comment on Monday. Apple declined to
comment.
Consumers may be left unprotected, potentially indefinitely, by any
delays in patching vulnerabilities, the FCC said.
John Marinho, vice president for cybersecurity at CTIA, a wireless
trade group, said in a statement that "customers’ security remains a
top priority for wireless companies, and there is a very strong
partnership among carriers."
(Editing by Bernadette Baum and Matthew Lewis)
[© 2016 Thomson Reuters. All rights
reserved.] Copyright 2016 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
 |
