FCC, FTC order mobile phone vendors and carriers to reveal security update procedures
The government agencies want to gain a better understanding of how security updates are issued.
Two federal agencies have kicked off an investigation to discover the decision making process cellular carriers and phone manufacturers use when each decides to implement a security update on their network or device.
The Federal Trade Commission (FTC) and the Federal Communications Commission (FCC) wrote letters to six mobile phone carriers and eight phone manufacturers to gain a better understanding of not only how mobile security works, but to determine the process these companies use when reviewing and releasing security updates.
Some of the other information requested included:
- Detailed data on the specific mobile devices they have offered for sale to consumers since August 2013;
- The vulnerabilities that have affected those devices; and
- Whether and when the company patched such vulnerabilities.
The companies have 45 days to comply with the order.