facebook
twitter
rss
account
search
search
 

Study: Most mobile Web browsers unsafe

Dec. 5, 2012 at 4:35 PM   |   Comments

ATLANTA, Dec. 5 (UPI) -- Smartphone Web browsers are unsafe and even cybersecurity experts can't detect when they've have landed on potentially dangerous websites, a U.S. study found.

In a critical area that informs user decisions -- the incorporation of tiny graphical indicators in a browser's URL address field -- all of the leading mobile browsers fail to meet security guidelines recommended by the World Wide Web Consortium for browser safety, researchers at the Georgia Institute of Technology reported Wednesday.

The graphic icons are called either SSL (secure sockets layer) or TLS (transport layer security) indicators and serve to alert users when their connection to the destination website is secure and the website they see is actually the site they intended to visit.

Without that graphical confirmation of a secure site, even expert users have no way to determine if the websites they visit are real or impostor sites phishing for personal data, the researchers said.

"We found vulnerabilities in all 10 of the mobile browsers we tested, which together account for more than 90 percent of the mobile browsers in use today in the United States," computer science Professor Patrick Traynor said.

"The basic question we asked was, 'Does this browser provide enough information for even an information-security expert to determine security standing?' With all 10 of the leading browsers on the market today, the answer was no."

The Web consortium has recommended how SSL indicators should be built into a browser's user interface and desktop browsers do a good job of following those recommendations, researchers said, but in mobile browsers the guidelines are followed inconsistently at best and often not at all.

"Research has shown that mobile browser users are three times more likely to access phishing sites than users of desktop browsers," Georgia Tech doctoral student Chaitrali Amrutkar said. "Is that all due to the lack of these SSL indicators? Probably not, but giving these tools a consistent and complete presence in mobile browsers would definitely help."

© 2012 United Press International, Inc. All Rights Reserved. Any reproduction, republication, redistribution and/or modification of any UPI content is expressly prohibited without UPI's prior written consent.
Most Popular
1
NASA locates resting place of late LADEE probe NASA locates resting place of late LADEE probe
2
Why NASA is watching Ebola Why NASA is watching Ebola
3
New frog species found in New York City New frog species found in New York City
4
Psychedelic mushrooms enable a hyperconnected brain Psychedelic mushrooms enable a hyperconnected brain
5
SpaceX may soon start landing rockets on a platform after they've left Earth SpaceX may soon start landing rockets on a platform after they've left Earth
Trending News
Around the Web
x
Feedback