Unified-Firewalls-Rohde-Schwarz-Cybersecurity

Security gap in messenger services: Are there implications for iOS and Android?

Does the critical vulnerability discovered on August 31 by Google's Project Zero in one of the most widely used messengers also have a direct impact on the iOS and Android operating systems used?

So far, this potential possibility has not been practically substantiated. Although today's mobile operating systems iOS and Android are becoming more and more secure, which means that attackers often have to exploit a whole chain of different security gaps to realize a successful attack, a successful attack can only rarely be completely excluded.

For a successful attack, it would be necessary to take advantage of the crash, introduce code, increase privileges in order to break out of the app context and then persist the introduced code so that it would also survive a reboot of the operating system. All individual steps can differ on different device types, so that attackers would have to expend considerable time and effort in order to enable large-area and reliable use.

Protected by the use of secure Rohde & Schwarz Cybersecurity products

With R&S®Trusted Mobile, Rohde & Schwarz Cybersecurity provides its own Android-based, comprehensively hardened operating system for mobile devices for companies and organizations. R&S®Trusted Mobile is divided into two areas: "Open" and "Restricted", which are completely isolated from each other by kernel-based hardening mechanisms. The open area (optionally fully controllable by the organization) behaves like a standard Android, i.e. apps from Google PlayStore can be installed and these can communicate via the interfaces available on the device.

The restricted area (which must be completely controlled by the customer) represents an extension of the customer intranet, because all communication from this area is carried out via a VPN that terminates in the customer infrastructure. This prevents confidential data from being exchanged via potentially insecure communication channels.

If customers use popular messengers on R&S®Trusted Mobile and a successful attack is carried out, as outlined above, "only" the open area with its applications would be affected. The restricted area with the confidential company data is not affected. In addition, Rohde & Schwarz Cybersecurity also takes measures to ensure that no data in the restricted area is affected by privilege escalation in the open area.

Rohde & Schwarz Cybersecurity provides R&S®Trusted Mobile with security updates at short, regular intervals, but is also able to react quickly to highly critical bugs.

Do you have any questions about current or general IT security challenges? Please contact us!

Request information

Do you have questions or need additional information? Simply fill out this form and we will get right back to you.

Permiso de marketing

Deseo recibir información de Rohde & Schwarz por

¿Qué significa esto exactamente?

Estoy de acuerdo con que ROHDE & SCHWARZ GmbH & Co. KG y la entidad o subsidiaria ROHDE & SCHWARZ que figure en la Declaración de confidencialidad del sitio web se ponga en contacto conmigo a través del canal elegido (correo electrónico o correo postal) para fines de marketing y publicitarios (p. ej., información sobre ofertas especiales y promociones de descuentos) en relación con, pero sin limitarse a, productos y soluciones para prueba y medición, comunicaciones seguras, monitoreo y pruebas de redes, broadcast y media así como ciberseguridad.

Sus derechos

Esta declaración de consentimiento se puede retirar en cualquier momento enviando un correo electrónico a news@rohde-schwarz.com con el asunto «Cancelar mi suscripción». Además, en cada correo electrónico enviado se incluye un enlace para cancelar por correo electrónico la suscripción a futuros anuncios. En la Declaración de privacidad encontrará información adicional sobre el uso de los datos personales y el procedimiento de retirada.

Se ha enviado su solicitud. Nos pondremos en contacto con usted en breve.
An error is occurred, please try it again later.