Why Network Level Protection is Better than Device Patches for Vulnerabilities like the Charlie Miller iPhone SMS Vulnerability

Share with your network!
The recently announced SMS vulnerability discovered by Charlie Miller that affects Apple iPhone, Palm Pre, Windows Mobile and Google Android devices highlights the importance of network level protections for the mobile network. The vulnerability, which can enable an attacker to gain full access of a device by sending specially coded SMS messages to the device, was first released to mobile device manufacturers and mobile operating system providers in early July. However, several device manufacturers and OS providers have not yet made a patch available to users that addresses the vulnerability. Once a patch is available, the process of getting millions of subscribers on the network to update their devices to the latest patch level, across multiple smartphone operating systems is ominous. Some of these devices, including the Apple iPhone do not support over the air provisioning for a patch - meaning that users would have to manually upgrade their devices themselves. Waiting for users to do this on their own may take months--all the while leaving users vulnerable to this serious attack. Conversely, solutions that provide SMS protection in the network infrastructure could prevent this attack from infecting devices immediately. Network level solutions are able to block malicious SMS messages before they are sent to the device, preventing the messages from ever arriving at the device in the first place. This has several benefits. The network level solution would: 1. Be able to protect multiple device types 2. Provide protection without user involvement or awareness 3. Provide protection without device manufacturer or operating system vendor involvement 4. Immediately protect all subscribers upon deployment This type of protection requires a relatively advanced solution to be in place in the mobile network infrastructure. Today, not all network infrastructures support this type of capability. However, Cloudmark believes that we will see this become more and more common as a means to protect against attacks of this nature in the coming months and years.