Unified-Firewalls-Rohde-Schwarz-Cybersecurity

Security gap in messenger services: Are there implications for iOS and Android?

Does the critical vulnerability discovered on August 31 by Google's Project Zero in one of the most widely used messengers also have a direct impact on the iOS and Android operating systems used?

So far, this potential possibility has not been practically substantiated. Although today's mobile operating systems iOS and Android are becoming more and more secure, which means that attackers often have to exploit a whole chain of different security gaps to realize a successful attack, a successful attack can only rarely be completely excluded.

For a successful attack, it would be necessary to take advantage of the crash, introduce code, increase privileges in order to break out of the app context and then persist the introduced code so that it would also survive a reboot of the operating system. All individual steps can differ on different device types, so that attackers would have to expend considerable time and effort in order to enable large-area and reliable use.

Protected by the use of secure Rohde & Schwarz Cybersecurity products

With R&S®Trusted Mobile, Rohde & Schwarz Cybersecurity provides its own Android-based, comprehensively hardened operating system for mobile devices for companies and organizations. R&S®Trusted Mobile is divided into two areas: "Open" and "Restricted", which are completely isolated from each other by kernel-based hardening mechanisms. The open area (optionally fully controllable by the organization) behaves like a standard Android, i.e. apps from Google PlayStore can be installed and these can communicate via the interfaces available on the device.

The restricted area (which must be completely controlled by the customer) represents an extension of the customer intranet, because all communication from this area is carried out via a VPN that terminates in the customer infrastructure. This prevents confidential data from being exchanged via potentially insecure communication channels.

If customers use popular messengers on R&S®Trusted Mobile and a successful attack is carried out, as outlined above, "only" the open area with its applications would be affected. The restricted area with the confidential company data is not affected. In addition, Rohde & Schwarz Cybersecurity also takes measures to ensure that no data in the restricted area is affected by privilege escalation in the open area.

Rohde & Schwarz Cybersecurity provides R&S®Trusted Mobile with security updates at short, regular intervals, but is also able to react quickly to highly critical bugs.

Do you have any questions about current or general IT security challenges? Please contact us!

Request information

Do you have questions or need additional information? Simply fill out this form and we will get right back to you.

Autorizzazione al marketing

Desidero ricevere informazioni da Rohde & Schwarz tramite

Cosa significa nello specifico?

Accetto che ROHDE & SCHWARZ GmbH & Co. KG e l’entità ROHDE & SCHWARZ o l’azienda controllata riportata nelle note legali di questo sito web, potrà contattarmi tramite il canale prescelto (e-mail o posta) per scopi di marketing e pubblicità (ad es., informazioni su offerte speciali e sconti) in relazione a, in via non limitativa, prodotti e soluzioni del settore di collaudo e misurazione, comunicazioni sicure, monitoraggio e collaudo di rete, trasmissione, media e sicurezza informatica.

I tuoi diritti

La presente dichiarazione di consenso può essere revocata in qualsiasi momento inviando una e-mail con oggetto “Annulla iscrizione" all’indirizzo news@rohde-schwarz.com. In più, in ciascuna e-mail pubblicitaria inviata sarà allegato un link per annullare l’iscrizione. Nella ”Dichiarazione di riservatezza” vengono definiti ulteriori dettagli sull’utilizzo dei dati personali e sulla procedura di ritiro.

La tua richiesta è stata ricevuta. Ti ricontatteremo a breve.
An error is occurred, please try it again later.