Design World

  • Home
  • Technologies
    • 3D CAD
    • Electronics • electrical
    • Fastening & Joining
    • Factory automation
    • Linear Motion
    • Motion Control
    • Test & Measurement
    • Sensors
    • Fluid power
  • Learn
    • Ebooks / Tech Tips
    • Engineering Week
    • Future of Design Engineering
    • MC² Motion Control Classrooms
    • Podcasts
    • Videos
    • Webinars
  • LEAP AWARDS
  • Leadership
    • 2022 Voting
    • 2021 Winners
  • Design Guide Library
  • Resources
    • Subscribe!
    • 3D Cad Models
      • PARTsolutions
      • TraceParts
    • Digital Issues
      • Design World
      • EE World
    • Women in Engineering
  • Supplier Listings

FCC, FTC Question U.S. Carriers, Manufacturers on Mobile Device Security

By Diana Goovaerts | May 9, 2016

Share

FCC Commissioners

Top U.S. wireless carriers Verizon, AT&T, Sprint and T-Mobile were among a number of companies to be queried by Federal Communications Commission (FCC) and Federal Trade Commission (FTC) Monday as part of an investigation into mobile device security.

The FCC said Monday it reached out to at least six U.S. wireless carriers seeking information about their procedures for reviewing and releasing security updates. Additionally, the FTC has ordered eight mobile device manufacturers to provide information about how they issue security updates to address vulnerabilities across a variety of devices, including smartphones and tablets.

“As consumers and businesses turn to mobile broadband to conduct ever more of their daily activities, the safety of their communications and other personal information is directly related to the security of the devices they use,” the FCC wrote in its press release. “There are, however, significant delays in delivering patches to actual devices—and older devices may never be patched.”

An FCC spokesman said Verizon, AT&T, T-Mobile, Sprint, U.S. Cellular and Tracfone were among the carriers queried by that agency. The FTC said the manufacturers involved in its investigation include Apple, Blackberry, Google, HTC America, LG Electronics USA, Microsoft, Motorola Mobility and Samsung Electronics America.

In its letter to carriers, the FCC asked a total of 20 questions related to policies and practices surrounding device security. Questions included:

  • Do any mobile devices on [Carrier]’s network run an OS that is modified for or is unique to [Carrier] and if so, what percent of the devices on [Carrier]’s network do they represent? With respect to such OS, is [Carrier] responsible for developing and providing security updates? Does [Carrier] face any additional issues or hurdles in releasing security updates for such OS to consumers? If so please explain in detail.
     
  • To what degree does [Carrier] know whether a consumer has installed a security update to address OS or Required Software security vulnerabilities? If [Carrier] does not engage in practices to monitor such information, does [Carrier] have the technical ability to do so?
     
  • To [Carrier]’s knowledge, what entities are involved in the updating process (e.g., original equipment manufacturer (OEM), OS or Required Software vendor, other) and can any of those entities other than [Carrier] individually release security updates for the consumer directly? What legal, security, or other permissions are required from any involved entities and does obtaining those permissions cause delay in release? If [Carrier] provides updates to consumers, are security updates generally released to all consumers at once? If not, please describe the security update release process and how it might affect different consumers, including those who transfer their device to [Carrier]’s network.
     
  • Are there instances where [Carrier] knows of a vulnerability to OS or Required Software but does not release a security update to consumers or otherwise make the security update available? If so, why and how does [Carrier] protect consumer security in such instances

In addition to general information, the FCC is also seeking specific information on the carrier response to the Android “Stagefright” security threat, which it said may affect nearly one billion devices globally.

Similarly, FTC said it has asked the device manufacturers to outline the factors they consider when deciding whether to patch a particular vulnerability and provide detailed data on the specific mobile devices they have offered for sale to consumers since August 2013 – including the vulnerabilities that have impacted those devices and whether and when the company has patched those weaknesses.

Both the FCC and FTC have given the companies 45 days to respond to their queries.

The FCC said responses to the information requests will be shared with the FTC and serve to “inform discussions” about potential solutions.


Filed Under: Industry regulations

 

Related Articles Read More >

ids-industrial-camera-manufacturer.sustainability-3
IDS focuses on sustainability in shipping
Part 5: Motion control + MQTT, OPC-UA, and other protocols for cloud services
Facebook CEO Zuckerberg Calls for More Outside Regulation
Musk’s Boring Company Calls it Quits on LA Tunnel, Instead Focuses on Hyperloop

DESIGN GUIDE LIBRARY

“motion

Enews Sign Up

Motion Control Classroom

Design World Digital Edition

cover

Browse the most current issue of Design World and back issues in an easy to use high quality format. Clip, share and download with the leading design engineering magazine today.

EDABoard the Forum for Electronics

Top global problem solving EE forum covering Microcontrollers, DSP, Networking, Analog and Digital Design, RF, Power Electronics, PCB Routing and much more

EDABoard: Forum for electronics

Sponsored Content

  • Industrial disc pack couplings
  • Pushing performance: Adding functionality to terminal blocks
  • Get to Know Würth Industrial Division
  • Renishaw next-generation FORTiS™ enclosed linear encoders offer enhanced metrology and reliability for machine tools
  • WAGO’s smartDESIGNER Online Provides Seamless Progression for Projects
  • Epoxy Certified for UL 1203 Standard

Design World Podcasts

July 26, 2022
Tech Tuesdays: Sorbothane marks 40 years of shock and vibration innovation
See More >
Engineering Exchange

The Engineering Exchange is a global educational networking community for engineers.

Connect, share, and learn today »

Design World
  • Advertising
  • About us
  • Contact
  • Manage your Design World Subscription
  • Subscribe
  • Design World Digital Network
  • Engineering White Papers
  • LEAP AWARDS

Copyright © 2022 WTWH Media LLC. All Rights Reserved. The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of WTWH Media
Privacy Policy | Advertising | About Us

Search Design World

  • Home
  • Technologies
    • 3D CAD
    • Electronics • electrical
    • Fastening & Joining
    • Factory automation
    • Linear Motion
    • Motion Control
    • Test & Measurement
    • Sensors
    • Fluid power
  • Learn
    • Ebooks / Tech Tips
    • Engineering Week
    • Future of Design Engineering
    • MC² Motion Control Classrooms
    • Podcasts
    • Videos
    • Webinars
  • LEAP AWARDS
  • Leadership
    • 2022 Voting
    • 2021 Winners
  • Design Guide Library
  • Resources
    • Subscribe!
    • 3D Cad Models
      • PARTsolutions
      • TraceParts
    • Digital Issues
      • Design World
      • EE World
    • Women in Engineering
  • Supplier Listings