Mobile Carrier Delays Harm Internet Security via @eft

Original blog :

Love little stories like this as who is paying. Apple side load new updates via iTunes and therefore no OTA (over the air) update, therefore no cost to the operator. All the other create an OTA cost for the operator and why should the operator pay to update software that is not their business problem. However, who do I have the contract with!

Implication. Free sounds good until you actually need to call someone to fix it.

“By delaying or even blocking security updates for mobile devices, mobile carriers put their users, their business, and the country’s critical infrastructure at unnecessary risk. Mobile security problems plague the entire software stack — the baseband, the kernel, the application frameworks, and the applications — and carriers continue to resist shipping regular and frequent updates. Mobile carriers are chiefly to blame for this problem. Although Apple, Google, and Microsoft should develop security fixes faster, they are fundamentally limited by carrier intransigence.

Carriers should stop blocking frequent updates for mobile devices, and should work with subscribers and with platform vendors to ship security updates on an internet timescale.”