Exploring wireless systems and vulnerabilities

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.


The malware in wireless mobile systems is increasing exponentially because of the experience gained by hackers in PC malware. The means of attack include Bluetooth, the internet (TCP communication, Wi-Fi), SMS etc. At the rate at which the vulnerabilities are exploited, mobile systems virus in a year will attain a level that a computer virus reaches in 10 years. By using insecure cellular services such as MMS, SMS and Bluetooth mobile users run the risk of information loss and device misuse. The standards and infrastructure in the mobile market are analyzed. Three main mobile operating systems are taken into consideration and its wireless vulnerabilities are listed. Then their respective architectures and layers are briefly discussed to get a better impression on why such threats and vulnerabilities are exposed. This paper thus seeks to look at these various vulnerabilities present in the aforementioned mobile services.

Vulnerability, MMS, Battery drain,

Android manifests, Android Apps.

iOS Wireless ,Windows mobile, OS wireless hack

1.0 Security concerning Bluetooth protocol

1.1 Introduction

Bluetooth is a wireless technology created by Ericsson for short range communication. It uses frequency hopping spread spectrum and operates in the ISM (2.4 GHz) frequency band. Upto seven devices in a piconet (adhoc communication network) can communicate with a master Bluetooth device. The device can switch from master to slave mode interchangeably. It is a standard wire replacement proprietary protocol that is becoming universal in mobile devices. [1] With the increasing use of smart phones, PDAs and blackberries etc., security issues can be a deterrent for using such devices.

1.2 Security and profiles[2]

Authentication, confidentiality and authorization are the three basic security services provided in the standard security standard. Security Mode 1 is non-secure. Mode 2 is service level enforced security mode that provides security after the channel is established. Mode 3 is link level security mode that initiates security procedures before the physical channel is established.

The benefits of Bluetooth are not provided without risk. The severity caused by compromising the connection varies depending on the profile used. Dial Up networking (DIM) and SIM access profile (SAP) can give the attacker access to network services on the device. The misuse of Serial Port Profile (SSP) can cause confidential data on the device to be changed by a third party. The Advanced Audio distribution profile that supports walkman features on the other hand will not pose a severe threat in most cases. [2]

Service Discovery Protocol is a client server protocol that allows the user to browse services on any Bluetooth enabled device. Pin identification number is generated when Bluetooth profiles are authenticated which poses a threat in itself. Even though the standard permits the use of up to 16 digits, usually only 4 digits are used. The attacker can crack the code by eavesdropping on the pairing process and changing the address between each attempt. [1] Attacks against secure simple pairing have not been sufficiently documented.

Table 1.Profiles Advertised by devices







Sony Ericsson 610i





Nokia 6280






Imate PDA







LG Ke970



Based on a field study [3], only 9% of people use DUN whereas 33% of mobile devices advertise it. This opens up an unnecessary risk factor for variety of devices.

Most device manufacturers do not provide the functionality for the user to turn off individual profiles. The security of mobile devices could greatly be serviced by this feature. It is recommended that a standard is established to necessitate manufacturers to provide such capability to the device.

1.3 Attacks and Security

The majority of users use Bluetooth to enable a headset but in doing so they also enable a host of other services that they never use. Therefore there is an increase in potential for information or service theft. [4]

The most common information theft is Bluesnarfing. The international mobile equipment identity (IMEI) could be stolen that lets the attacker route all calls from victim's device. Bloover is a software tool to facilitate such attacks on Motorola phones. There are also varieties of attacks that are devised using the tools in Linux. A similar hacking technique is Bluebugging, where the attacker establishes a serial connection without authentication. The hacker can make calls, delete contacts and listen to private conversations. Gnokii is a tool used to conduct such attacks. Such vulnerabilities can be kept in check by frequent software updates that patch inherent security concerns.

Bluejacking named after the tool bluejack that is commonly used to perform such an attack. The attacker can overwrite information in the phone owner's device. Though the risk is not severe the attacker sends unsolicited messages to the host device. This is similar to spam or phishing in email terms. The effect of the attack can be high if the host responds to such a harmful message. [4]

Denial of Service (DoS) attack severely drains the battery of the device by illegitimate requests to the mobile. Such attacks can be thwarted by simply moving away from the bluetooth range as proximity matters in this case. Bluesmack is a tool that

can simultaneously make several devices unusable by killing the battery with enormous requests.

Blueprinting is a kind of attack where the make and model of a device are exposed.

While this is not an attack by itself, it leaves the device vulnerable to other kind of attacks.

Service theft uses the device to gain access over services such as SMS and telephony.

Mosquito virus, which sends SMS from the victims attack without permission, is an example of such an attack.

Car Whisperer software [2] allows the hacker to control audio over the car kit. This software developed by researchers in Europe highlights a key defect in the implementation of hands-free bluetooth car kits in automobiles.

1.4 Inherent security issues in all Bluetooth versions [2]

  • Encryption key length is negotiable and weak Eo stream cipher algorithm. A strong encryption procedure must be incorporated in the specification.
  • There is no user authentication. Application developer should add this feature via overlay.
  • If the Bluetooth device address is compromised, user privacy is violated. Better protection against such attacks should be included as part of standard.
  • No end-to-end security. Additional security controls on top of the existing Bluetooth stack should be provided.
  • Discoverable mode attack. A device should automatically sign out of discovery mode after a certain unit of time.

2.0 Security issues with SMS/MMS in Mobile terminals

2.1 Introduction

Mobile devices incorporate various means of wireless communication and therefore are popular targets for malware authors. They have limited processing power and are not primarily designed with security aspect in mind. The lack of a file encryption system even in smart phones is a proof. The year 2004 saw the first malware for smart phone which was a cracked version of mosquito symbian. The infected trojan sent malicious premium sms from the victims device resulting in a huge bill. Comwar is a worm that spreads by MMS even infects the contacts in the victims phone. People are more likely to accept an MMS from a known number thereby opening a series of vector infections. This is a serious problem because the virus generation attacks people who use their mobile for financial transactions such as mobile banking.

Both private information and financial security are at stake and the ramifications are increasing by the day.

2.2 MMS based battery drain attack [5]

Hackers exploit MMS - an insecure cellular data service to attack a unique resource on the mobile device -its battery power. The internet and cellular data networks share an insecure connection for transferring data. The attacker first compiles a list of cellular devices to target by means of mms notification. Then by periodically sending User Datagram Protocol (UDP) packets to the victim, the attacker drains the battery about 22 times faster than usual. Such an attack is clandestine and not limited to the type of hardware or software on the mobile.

2.2.1 Vulnerabilities

The MMS notification message contains the source and destination IP address, content size and type and user name in an HTTP post header. Also, the messages are sent in plain text format. Therefore such messages are not encrypted or authenticated.

The MMS R/S (MMS relay server and agents) primarily comprise the MMS architecture. To prevent the end cellular users from modifying the relay server details, the cellular network hides such information. A study by Racic et al [5] states that after the relay details are modified in the phone, there are no security measures to alert in case of spoofed MMS R/S. The mobile station does not validate the MMS messages. By exploiting such a security gap, attackers can send unlimited messages

at no cost without alerting the cellular network.

When the mobile device communicates over http (hyper text transfer protocol), it displays its full specification information. Using scripts in linux or readily available tools the attacker can get the make and model of the device without much effort.

The mobile retains the PDP information even after the data session is over. Based on study [5] the context was retained as much as 15 minutes after the session. In such a period the attacker could send multiple spoofed packets to the victims mobile that could drain the battery rapidly.

These kinds of attacks are rather difficult to be traced as they do not target the network but the individual mobile device. Moreover the victim only realizes an attack after battery is completely drained. For people such as network administrators, real estate professionals or investment bankers the loss of battery power will prove to be critical.

2.2.2 Security Measures

The intrusion detections systems currentlyavailable should be updated and enforced at all security levels. Network providers should frequently update firewalls and identify new threats. MMS messages should be authenticated to prevent man-in-the-middle attacks. The critical information pertaining to a mobile device should have restricted access at WAP gateway. Using the existing GPRS mechanisms a non intrusive protection strategy should be devised [5].

Schemes such as cryptographic solutions,finger printing and pattern recognition should become a part of the standard protocol.

2.3 SMS based Denial of service attack

Through mobile communications protocol such as Global System for mobile communication (GSM), it is possible to send mass Short Messaging System (SMS).

There are a variety of request response protocols available for generating sms messages in large volumes. It is possible for to manipulate the protocols available to send multiple silent sms messages over the network. As the name implies, a silent sms does not generate an acoustic signal. There is also an option to discard the contents of the message and only acknowledge delivery of the SMS. An invisible Denial of Service attack can be generated by sending continuous silent SMS messages to a mobile device.

There are short message service centers (SMSCs) that use protocols such as Short Message Peer-To-Peer Protocol (SMPP) to send SMS messages. Using such centers, it is possible for anyone to transmit several messages over the network. If the network is flooded with numerous requests

continuously, it cannot respond to legitimate requests. The signaling layer is used in sending bulk messages and hence the network fails to react to other requests.

If a hacker performs a Denial of Service (DoS) attack on a mobile device then the victim would be left unaware of the same. The only effect the victim can see will be a decline in battery charge. Also, the victim will be unable to use other features of the device such as placing and receiving calls. [6]

All the messages are routed through SMS service center and require a permanent identification number. Even though the victim might get hundreds of messages, there is only a unique number identified with it.

2.3.1 Ways of sending Silent SMS [7]

By changing data coding bits using GSM standard, one can modify SMS criteria to discard the contents of the message. In this case the message waiting indication group identifier is modified. By using any of the multiple SMPP gateways available, an attacker can send hundreds of silent SMS messages.

It is also possible to change the validity period when sending a push SMS. The message will not appear on the victim's device, even though the status of the SMS shows delivered. Unlike spam in mail where the victim is not charged, in the case of silent SMS the end user is charged for illegitimate messages.

Some attacks can overload the Short Messaging Service Center and over a period of time can cause the system to hang.

2.3.2 Economic Implications

Some mobile service providers do not charge for sending of mass messages. Also, the attacker can purchase messages in large volumes for a subsidized cost from the network provider. Hence, the victim is forced to pay a huge bill for sms he does not even know he received.

2.3.3 Security methods

There are avenues like Whitecell [8] that manage SMS Fraud. There is an additional security layer built on top of the existing network provider's structure.

Such a layer will stop spoofed traffic from passing through the network. Considering the vastness of GSM, it is not feasible to implement such security measures at a global level. The network providers are also not eager to take on the additional responsibility because the victim pays for the SMS and they stand to gain.

2.3.4 Boon and Bane

A silent SMS may be useful for police personnel to track criminals. They can easily send silent mass to track people without disclosing message. Also, they can block the criminal from accessing network resources by flooding his network.

There are server administrators who rely on mobile communication to inform them of

any network misuse. In such a case if someone attacks their device, they will be unable to use mobile network and data on the servers becomes vulnerable.

2.4 Measures taken in the field

Even with the advancements made in the cellular world, host- defense mechanisms are an effective way to combat malware. The primary reason being the proximity to target but on the other hand, they consume enormous processing resources. Network and host based defense mechanisms used in conjunction supplement each other. Symantec, Mcafee, F-Secure provide mobile security solutions that auto upgrade and run periodic scans.

3.0 Android Security Vulnerabilities

In this increasingly mobile world with its gamut of devices, there are three major dominating players - Apple with its iOS, Google with its Android OS (hereafter referred to as AOS) and Microsoft with its Windows Mobile 7. A fourth player is RIM with its Blackberry OS; however, that is mainly dominant in the corporate circles and is excluded from the discussion below.

Before talking about Android vulnerabilities, it is worthwhile to look at the AOS security architecture.

3.1 AOS Security Architecture [9] [10]-

Android is a privilege separated operating system. What this means is that each application runs with a distinct system id (similar to Linux user id). This helps the OS isolate applications from each other and form the system. Other security measures include enforcing permissions on apps and per-URI permissions for granting access to specific pieces of data.

One major feature of AOS security architecture is that no application has permission to perform any action that might adversely affect other applications or the system. This includes access to user information. The Android kernel sandboxes every application and hence, applications have to explicitly declare the permissions they need for additional capabilities. This is typically during install time and the user has to grant these permissions.

Another aspect of AOS is application signing. Each and every application needs to have a signed certificate with a private key. This key is held by the developer. This certificate doesn't need to be signed by a certificate authority and can be self-signed. The certificate holds the name of the author of the application and is primarily used by the system to grant permissions based on signature-level permissions. This is also used by the system to determine if two applications can have the same Linux iD.

Finally, one important aspect of AOS security architecture is something called “Android Manifest”. A screenshot is shown on the next page. The manifest is like the “know-it-all” in the AOS ecosystem. The manifest basically describes the application's activities, services and broadcast receivers. It also contains declarations to let AOS know what components are present in an app, permissions needed for an app to access protected information and permissions other apps need to interact with this app's components.

This XML file forms the most important part of the AOS architecture. Permissions are set for apps at the time of install and are never looked at again. Tampering with this file could perhaps be the greatest security vulnerability that threatens AOS.

3.2 Security Vulnerability -

Let's now look at security vulnerabilities. When talking about security vulnerabilities, there are two aspects to be considered -

1) Vulnerabilities that exist within the OS itself that can lead to compromising security. These vulnerabilities could either be in the OS itself or it could be in some application that ships with the OS (e.g Safari with iOS, Wi-Fi vulnerabilities in AOS)

2) Vulnerabilities that can happen due to external applications.

The first point above related to security vulnerabilities present in the OS itself. For example - tampering with the manifest.xml can actually cause more security vulnerabilities than anything else. Another example is the recent AOS Wi-Fi vulnerability that Google patched [12]. The Wi-Fi vulnerability is described below.

Applications that access Google services, such as Calendar and Contacts, use ClientLogin authentication protocol requests and receive an authentication token to gain access to user data. Google designed the token so that the same instance can be reused to access that service for two weeks. Malicious individuals can intercept authentication tokens from Android users running applications over an unsecured Wi-Fi network. However, if the token is requested and sent while the user was on an unencrypted insecure connection, anyone eavesdropping could find and steal the token and use it for the 14-day period to access user contacts, calendar items, email and other personal information.

Another source of AOS component vulnerability is through malware. Research predicts that AOS malware has increased by 400% [13]. About 17 percent were due to SMS Trojans sending text messages to premium rate numbers. 61 percent of reported infections were due to spyware monitoring phone calls and SMS. With the current boom in Android devices and user base, this kind of malware is bound to grow.

Let's tackle the second point above. A big part of the popularity of smartphones (and tablets) is the variety of applications available with the particular OS. These applications, typically downloaded from an “Appstore”, are vetted by the respective companies before reaching the user. However, many of these apps are free and supported by ads. In addition, almost all of them request access to personal information for marketing purposes (usually during install process). This creates the greatest problem for security. The vulnerabilities here are multiple - the app might use the personal data insecurely or user info could be stolen from the phone itself. Such apps are usually found and removed; however they can play havoc with user information by then.

In this regard, Android is more vulnerable than iOS[11]. Google is a bit more lenient than Apple in allowing apps in the Android Marketplace. This is a double-edged sword - this fosters innovation but at the same time reduces security.

4.0 iOS - Mobile OS by Apple:

In order to discuss the wireless features of an iOS4, we might need to explore its features and abilities on an actual gadget.

iPad2 basically houses an A5 chip which is a single core 1Ghz chip combining an ARM Cortex-A8 CPU core and a Power VR SGX 535 GPU. It runs at the same 1-GHz clock speed as its predecessor, but contains two processing cores instead of one. It is claimed that its new video component will deliver graphics that are nine times faster than the original iPads. With all the fantastic hardware, the iOS4 OS runs on it which is apple's own mobile operating system. In order to discuss its wireless vulnerabilities, more research needs done on the mobile operating system and its versions.

4.1 Anatomy of iOS Architecture [14]

When apps are being developed for any gadget, certain closed source operating system does not allow the direct access to any hardware. Any hardware interaction is done through a number of different layers of software that act as intermediates between application code and device hardware. These layers make up the iOS itself

4.1.1 The Cocoa Touch Layer

We concentrate on the layer which affects the wireless capability of the iPad. The Cocoa Touch layer sits at the top of the iOS stack and contains the frameworks that are most commonly used by iPad application developers. Cocoa Touch is primarily written in Objective-C, is based on the standard Mac OS X Cocoa API (as found on Apple desktop and laptop computers) and has been extended and modified to meet the needs of the iPad. Its features are as follows

  • Multitasking
  • Wireless Printing
  • Data protection via encryption
  • File sharing (the ability to make application files stored on the device available via iTunes)
  • Blue tooth based peer to peer connectivity between devices[14]

4.2 Wireless Features in iOS4[15][16][17][18]

It is known that iOS4 is an update to the mobile operating system used for iPods and iPhones which were released earlier and hence it had cleared lot of issues which was accompanied by a Smartphone. But according to sources, the first version served as a glorified smart phone which did not serve well with the hardware capabilities of a tablet. The following were its important features [15].

  • Persistent Wi-fi
  • Wake on Wi-fi
  • Auto-join and Auto-login andIPv6on individualWi-FiNetworks setting
  • Set upInternet Tethering
  • Support forAppleBluetoothkeyboards
  • Wireless app distribution
  • SSL VPN support (both Juniper and Cisco)
  • Microsoft Exchange Server 2010 support
  • Improved Bluetooth driver forA2DPdevices

By April 2010 Apple themselves acknowledged the fact that iPad had difficulty connecting to the internet, which made it a bane for its own existence. There were numerous complaints telling that if the device was a little further away from the router, it had difficulty detecting the Wi-Fi signal. This seems to be an issue specific to dual-band Wi-Fi routers, which are those that are compatible with both 2.4GHz and 5GHz spectrum bands. Dual-band routers transmit both the 2.4GHz and 5GHz bands as one network with the same name and password. It was then recommended to split the bands into two separate networks, naming them differently and making sure that both networks use the same type of security (WEP, WPA, or WPA2).
This made lot of disgruntled Apple followers flood the internet discussion forums with their woes of their new and expensive gadget [16].

Ultimately Apple came up with an update by March 2011 with an updated version of the OS which iOS 4.3 which included a number of critical security patches. Some of these were designed to prevent vulnerabilities being exploited which could lead to malicious code being run on iPhone or iPad.

Though some of the salient features were faster performance on their web browser, better video streaming and sharing their patented iTunes library over Wi-FI around the home, the most important reason to install those updates was to increase the gadget's security.

Details of the security fixes are included in anApple knowledgebase article, and include protecting against maliciously-crafted TIFF image files that could be used to run unknown threat code on the device, and multiple memory corruption issues exist in WebKit, which could mean that visiting a booby trapped website could lead to unauthorized code being executed.[17] These are, of course, the kind of vulnerabilities that have been exploited by malicious hackers and virus writers in the past and would present a way to deliver code to a non-jail broken iPhone that did not involve entering via the official iPhone App Store.

There is no indication that these vulnerabilities have been exploited in the wild, but it would nevertheless be responsible to defend against them by installing the operating system patch to the iOS devices. Especially now that details of the security holes are known to the computer underground.

The best improvement with respect to wireless portability on any Wi-FI based gadget is to add around 500GB of portable capacity. Nowadays wireless portable hard drives are available for iPads and its counterparts and though this great news for the tablet community, new violations with respect to the wireless data exchange between them are bound to arise. [18]

5.0 Windows CE - Mobile OS by Microsoft:[19]

Having ruled the laptop and PC world with their versatile closed source Windows Operating system, Microsoft comes up with their mobile version which is now housed in many tablets and smartphones. HTC smartphone and HP Slate 500, Samsung Slding PC 7 and Archos 9 PC Tablet are some of the famous examples.

5.1 OTA(Over the Air) Firmware Update Architecture for Windows Mobile Version[19][20][21][22]

The following illustration shows the architecture of the OTA Firmware Update process:

Since the number of end users for a windows based mobile phone or tablet is way less than Android or iOS based tablets, the number of security violations or threats received are in par with the normal vulnerabilities of a windows operating system as seen on PC's. So Microsoft rolled out firmware updates which took care of 3 types of threats

5.1.1 Security Considerations on the Device describing the code and features resident on a Windows Mobile powered device

According to their firmware update, windows based mobile devices offer built in support of security services such as authentication, message encryption and VPN and SSL. They came up with the basic levels of defense using security-through-identity and coordinated with the policies provided by the Mobile Operator. Some main features which were covered in that update were the following [20]

  • Permissions - Any application depends on a two tiered permission model which are “Privileged” and
    “Normal”. Any other application which does not cater to the appropriate signed certificate can be blocked by the user itself.
  • Security Configuration - The mobile device is ascertained to handle permissions and signatures access tiers.
  • One-tier access — If the application has a signed certificate in the device certificate store, then one-tier access devices allows to run such applications; there is no concern with permission restriction. All Windows Mobile powered devices can be configured to support one-tier access.
  • Two-tier access - device with two-tier access restricts application start and run-time permissions. Applications signed with a certificate that the device recognizes execute with no further checks. Unsigned applications demand further policy checks to determine if they can run; if allowed to run, they run with normal permissions. Windows Mobile Version 5.0 powered Smartphones and Windows Mobile 6 Standard can be configured with two-tier access.[20]
  • Security Roles - These restrict access to device resources. The three roles defined in this update
  • Manager role allows complete access to the device and its resources.
  • Enterprise Role allows admin rights to certain device settings such as setting password requirements.
  • The User role allows the device owner to inquire device information, manage files and directories, and change settings such as the home screen and sounds. In Windows Mobile 6, the owner can also manage user certificates and designated certificate stores.
  • Certificates and Authentication - Digital certificates have a vital role in device security and network authentication. Certificates are nothing but electronic credentials that entwine the identity of the certificate owner or the device with a public and private pair of electronic keys used to encrypt and digitally signed information. Signed digital certificates ascertain that the keys actually belong to the specified application, device, or person and that they can be trusted. For example, in order for an application to be installed and run on the device, the application must present a digital certificate that proves it was accepted and signed by a trusted source, such as the Mobile2Market program. In an authentication example, before an SSL connection can be established with the network server, the mobile device must present a certificate from its root store that is distinguishable from other certificates and consented by the server.
  • Security Services - Windows mobile has the following security services in their core OS.
  • Cryptographic Services
  • VPN Support
  • Wi-Fi Encryption
  • Storage Card Encryption
  • SSL Support

5.1.2 Security Considerations on the Exchange Server providing details about the ActiveSync protocol and the security policies that can be managed from Exchange Server [21]

Here we deal with the issues when the device is encountered with a safe Exchange server and to address certain unknown complication which are deemed to be unlikely in occurrence

  • Device Wipe - This basically does a hard reset on the device by wiping all data, settings and private key material on the device. This is very dangerous considering the difficulty to recover all the wiped data.
  • Lock a Device - Here the OS deals with the actual locking of the device with better PIN strength and forces a sequence in which either the passwords or the pins to be set in.
  • Authentication with LAS and LAP -
  • Local Authentication Subsystem (LASS) allows compromising integration of Local Authentication Plug-ins (LAPs).
  • LASS use certain third party hardware and software like SmartCard use or a user signature to provide proper base for security. It can also assign event based policies to ascertain the correct user entry. For example, device lock can be triggered remotely via software, not just when a device is turned on.
  • A LAP is an authentication mechanism that plugs into LASS. Any Windows Mobile contains a built-in password LAP. OEMs and ISVs can thus use the built in password mechanism to develop custom made authentication software.

5.1.3 Security Considerations on Network outlining the features of a security-enhanced mobile messaging network, including ISA Server, Internet Information Services server, and protocols for data encryption and device authentication [22]

  • Network Configuration - The default network configuration places all Exchange servers within the corporate network. So the Internet Security and acceleration Server (ISA) acts as a firewall from the Internet. All incoming traffic is fin tuned through ISA web listener. Hence while installation it is recommended to enable SSL encryption through the correct port.
  • ISA Server - helps protect against most unattested denial-of-service attacks, protecting Outlook Web Access and Exchange ActiveSync servers from attack and encroachment. It can also act as an endpoint to decrypt and listen to inward traffic passing only legitimate traffic to the destination endpoint. This capability, known as SSL bridging, adds valuable extra protection to OWA and Exchange ActiveSync deployments. ISA Server 2006 adds a new feature that ceases the SSL connection from the mobile device at the ISA server and allows the mobile device to certify a client connection, using Kerberos-constrained commission to the Exchange server. This feature helps provide extra protection because traffic is inspected at ISA Server and then passed to the Exchange server for processing.
  • Data Encryption with SSL - In the Windows Mobile security architecture, SSL plays an important role in helping to shield device communications. The default method for establishing Exchange ActiveSync connections requires the use of SSL to encrypt the connection between the mobile device and the Exchange server. Because Exchange ActiveSync uses HTTP as its base communications method, this helps provide efficient support. This is demonstrated by the wide use of HTTPS to protect a high amount of high-value transactions across the Internet .Bit it might only requiring only one port to be opened on the enterprise firewall. Windows Mobile fully supports ordinary HTTPS connections, both through its application programming interfaces and in the mobile version of Internet Explorer. This support is designed to allow business applications and user browsing to be protected using the same robust security mechanism as Exchange ActiveSync traffic.

In Conclusion, it is claimed that all the above robust methods of security against all Internet threats are rolled out in their newest firmware. But even with all its tiered layer of interaction and control, it has been seen that they are susceptible to quite a number of security violations which freezes the gadget in which the OS runs.

6.0 Comparison - Android, iOS and Windows mobile operating systems

The three major operating systems now seem to run on more than 90% of the mobile device, smart phones and tablets. With its wireless features and vulnerabilities summarized, each has encountered a pitfall on its own and also is striving to make improvements as an when vulnerability is found.

6.1 Wireless Features Comparison

6.1.1 Android[23]

This OS has come forth with fantastic technical aspects and advanced functions and it being open source, causes the manufacture of affordable and robust devices. Statistics show that by the year 2013 one in six tablets or smart phones will house Android OS in it.

The Android based gadgets offer Bluetooth, GPS, Wi-Fi and in addition wireless security and hence increasing their popularity in the gadget world. There are some future enhancements which were brought forward by Broadcom. These enhancements prove to be groundbreaking in the wireless world and hence making Android as an industry leading mobile OS.

  • Support for Wi-Fi Direct -- the forthcoming standard that allows smart phones and other Wi-Fi devices to connect to one another for transferring large files or for streaming digital media without the need for a wireless access point.
  • Support for 'Soft Access Point' - which allows the Wi-Fi component in a client device (such as a notebook computer or smart phone) to function as an access point enabling connectivity sharing with other devices.[23]

Android is more open than iOS in other ways as well. Android OS being open source, which meant that all the manufactures can customize it any way they want. We all know that Verizon includes the Droid X with VZ Navigator, which is voice activated GPS tool to give directions. Another issues with this OS, is that the service providers don't need to include all features built in Android OS. Some has built in tethering via USB as well as a wireless hotspot capability, where as some others don't have tethering capability though the OS has the capability of handling it. [24]

Summarizing about the cutting edge technologies for Android OS like its GPS receivers, thorough navigation solution, full control plane and user plan protocol stacks and a tightly integrated hybrid location services that offer the end-user a complete location solution for handsets and other mobile devices based on Android.

6.1.2 Windows CE [25][26]

As mentioned this is another embedded OS which is in lot of latest tablets and mobile devices with a distinct OS and kernel which is rather a short version of the OS which is found in their PC's.

Windows CE provides the framework for various wireless LAN technologies that enable you to enforce a variety of wireless networking scenarios. The following list shows the networking technologies and standards that are used in wireless local area networks (WLANs) that Windows CE supports:

  • 802.11 authentication
  • 802.1x authentication
  • Automatic Configuration
  • Native 802.11
  • Wi-Fi Protected Access (WPA)
  • Extensible Authentication Protocol (EAP)
  • Wired Equivalent Privacy (WEP)
  • Wireless network adapters
  • Roaming

A Windows CE-based device can function as a wireless client, as a wireless station (STA), and as a wireless access point (AP) in a wireless network. [25]

Although this OS is presented with all the security capabilities and with its constant roll of firmware update to catch all the threats, it still didn't meet its mark with its competitors like Android and iOS. Since Microsoft did not release any embedded stable OS version will 2010, [26] it was succeeded by its cut-throat competitors Apple and Google. Another disadvantage with respect to a tablet device is that it doesn't recognize multi touch screens and does not allow users to view legacy file properties. It also does not allow viewing unknown file types and adheres to only windows known file types. With all these above mentioned disadvantages, it needs to release a good amount of researched update to compete with the smart phone giants.

6.1.3 iOS [24][27][28]

As discussed in the earlier part of the paper, iOS4 is the proprietary operating system developed by Apple for their famous iPods, iPhones and their latest tablet iPads. The main advantage of it being an Apple product is that, it was one of the pioneers in the concept where the user interface is extremely fluid with multi touch gestures and direct manipulation [27]. Since they came out with an all encompassing smart phone concept first, the technical market ate up their sharp acumen for sales and it became and trend to own an apple product. But of course, Apple gives out a set of rules for third party developed to follow for app creation and sometimes unreasonably bans some of the these apps based on its controversial content[24]. In general, even with all these restrictions, the App store is still flooded with near 3 million apps and hence drains out their privacy as disadvantageous.

The latest news is that iOS updates from Apple have announced Enterprise support and multiple Exchange email accounts with SSL and VPN security. For any Apple gadget to compete with blackberry and be Enterprise ready, it needs to have a FIPA 140-2-vertified encryption , a standard which the government agencies insist on having. Apple also needs a social collaboration client in iOS 4 and more background processing modules for security and device management.[28]

All said and done, we have to admit that Apple did come out with a fantastic product and we hope that the future enhancements will keep up with the openness of Android or the level of Microsoft with respect to third party products on Windows mobile.