Mobile devices like smartphones and tablets, while increasingly becoming ubiquitous, are nevertheless a comparatively new breed of devices to which rules and regulations are still adapting. Case in point: the Federal Trade Commission is just now requiring leading companies in mobile communications, Microsoft included, to hand over information regarding the when and how of their security updates for mobile devices, reports Network World.
"..the report [..] encourages all companies to provide strong protections for the data they collect.”
As smartphones and tablets become ever more popular and more technologically advanced, the potential for security breaches also increase dramatically. The speed at which new models are introduced ensures that not every device from a manufacturer will receive equal attention to security updates. Moreover, when, how and for how long a mobile device will receive security updates are still arbitrary among manufacturers and service providers, another potential reason for the FTC's long-time criticism of these companies' security practices.
Eight leading vendors will now have to provide the following information, among others.
- The factors that they consider in deciding whether to patch a vulnerability on a particular mobile device
- Detailed data on the specific mobile devices they have offered for sale to consumers since August 2013
- The vulnerabilities that have affected those devices
- Whether and when the company patched such vulnerabilities.
Apart from Microsoft, the other vendors under the FTC's scrutiny include Apple, Google, Samsung, Blackberry, HTC, LG and Motorola. The full request letter, spanning ten pages, can be found at FTC's main website. On another side of the problem, the Federal Communications Commission (FCC) has also sent out letters to leading U.S. carriers including AT&T, Sprint, Verizon and T-Mobile requiring similar information regarding security patches.