Science
11:35 am
Tue December 11, 2012

Mobile Web Browsers Full of Security Risks, Tech Professor Finds

More of us are using mobile devices to access the Internet. 

But a Georgia Tech researcher says it’s often impossible --even for him--to tell whether those connections are safe.

Of the 10 mobile browsers used by 90% of smartphone owners, Tech computer science professor Patrick Traynor found every one had some kind of vulnerability. 

Patrick Traynor, assistant professor in the School of Computer Science, and Ph.D. student Chaitrali Amrutkar discovered that mobile browsers are inconsistent in implementing the standards for security indicators recommended by the World Wide Web Consortium. [Ga Tech]
Patrick Traynor, assistant professor in the School of Computer Science, and Ph.D. student Chaitrali Amrutkar discovered that mobile browsers are inconsistent in implementing the standards for security indicators recommended by the World Wide Web Consortium. [Ga Tech]
Credit Courtesy: Georgia Tech College of Computing

So he asked a question:

“What kinds of attacks would even an expert, someone like myself, miss if their browser is exposed to an attack?”

For example, Traynor found experts often couldn’t tell if a mobile browser took them to a phishing website.  That’s a fake site that mimics a real one, allowing crooks to intercept users’ personal information.

Tryanor says mobile devices are often just too small to display necessary security information.

“We really need to rethink this platform and understand space is at a premium.”

Until then, he recommends using a company’s “app.”

But because apps often call up the mobile device’s browser to connect, even that isn’t a perfect solution.