FTC and FCC Investigating Mobile Security Updates

StraightFright Bug Detector

For people who are thinking about gambling online, whether it’s through casinos, poker, sports, bingo or anything else, security is a major issue. You take on some inherent security risks in anything you do that involves monetary transactions over the Internet, but the nature of gambling adds a whole different dimension to the security and safety needs. A new investigation conducted by a joint operation between the Federal Communications Commission and the Federal Trade Commission could have some serious implications on mobile security updates for programs and operating systems that could affect mobile players in the United States.

Getting Stagefright

In late 2015, the Stagefright bug (which is really a set of bugs) were announced publicly. This bug allows hackers to gain unauthorized access to a wide range of Android-powered devices, all of which run relatively new versions of the mobile operating system, by doing as little as sending an SMS message to a number. All an attacker needs to exploit the bug is the phone number of the target device, and no user interaction is required on the device itself.

It was expected that as many as 1 billion devices were affected by this bug, and that’s a tremendous percentage of all mobile devices in the world. Android is the most popular operating system for mobile devices in the world today. This joint investigation is being seen by many as a response to the lack of a response in getting this bug patched.

Where Responsibility Lies

Google is the company behind the Android operating system, and there are patches available for the vulnerable versions of the Android system, so Google isn’t necessarily to blame here. However, because they do not control the firmware updating processes, which are primarily held by the mobile carriers themselves, they aren’t able to force updates to patch this vulnerability.

This is where the FTC-FCC joint investigation comes in. They are looking at how these security patches are distributed to mobile devices through various carriers, and they’ve sent letters to major mobile carriers in the United States like US Cellular, Sprint, T-Mobile, AT&T, Verizon, TracFone and others to try to gain information to address this issue.

The Effects on Mobile Gambling

For several years in a row now, mobile gambling has been the fastest-growing segment of the online gambling industry as a whole. Along these lines, there are still millions of devices that have not been patched for the Stagefright bug, and that means it could be inherently unsafe to play if you have a device that hasn’t been updated. Fortunately, there is a simple, free app available that will tell you in plain English if your device is vulnerable to this bug. We suggest to our readers that have an Android-powered device that they install the app and check it out to see if their device could be compromised.

There definitely needs to be some kind of improvement to how security patches are distributed to mobile users in the United States at this stage of the game. It doesn’t matter if Google is able to provide a patch for a major security issue within a day or two if it doesn’t get distributed through the carriers to the end users in a timely fashion. Considering that many were made aware of this particular bug between eight and nine months ago, and considering that millions of people still don’t have patches to address this major security issue, it’s clear that we have a long way to go. That’s particularly chilling for mobile casino players as well as poker because of the implications of the lack of security for the games, their personal information and their account balances.