Playing in the Digital Sandbox: Mobile versus Desktop Security

January 27, 2014 by Jason Soroko     No Comments

Mobile operating systems consume resources from unknown sources on the Internet all the time, and yet they are not infected in the same manner as desktop operating systems. Certainly, sideloaded malicious Android apps are able to access parts of a mobile device that the user has authorized (e.g., pictures, contacts, SMS).  We have also seen flaws in mobile browsers that have led to malicious code accessing the same resources that a mobile browser has access to (e.g., pictures, contacts). But for a malicious app to interfere beyond the boundary of itself, and into the memory space of another mobile app, this is an entirely different matter.

shutterstock_136826528 I have been part of conversations where IT security professionals state that they trust their desktop PC more than a mobile device because of the range of security technologies that they can layer onto their PC compared to smartphones or tablets. Desktop endpoint security has not been as successful as mobile security layers, such as application code-signing and app sandboxing.  

 Sandboxing of mobile device apps is very strong compared to sandboxing of applications on desktop operating systems. Mobile operating systems have barriers between apps that extend much deeper. Apps have no user rights into the memory space of other apps, and this is engineered without compromise due to backward compatibility that often plagues desktop operating systems. Out of the box, mobile operating systems provide a good deal of security. This truth is muddied by the hype surrounding mobile malware.

 Leveraging mobile devices for authentication and other means of protecting digital identities is a great idea. The security that you get out of the box from a mobile operating system already exceeds what you can buy with traditional desktop PC endpoint security. In a world where most of us mix our usage of PCs, smartphones and tablets, it’s a great opportunity to take advantage of the strength of the computers we carry in our pockets.

Filed Under:
Tagged With:
Jason Soroko


Jason Soroko is Head of Malware Research for Entrust. Soroko has spent more than 10 years with Entrust in various developer or architect roles. As malware becomes more advanced, the need for Entrust to understand evolving threats requires considerable investment. Soroko frequents security conferences and tradeshows to educate the industry on identity-based security and ensures Entrust stays at the forefront of understanding this offensive capabilities possessed by today’s malicious actors. Prior to joining Entrust, Jason worked in Geographic Information Systems (GIS) for the oil and gas industry.

Add to the Conversation