The Importance of Mobile Code Security

Posted by alvina on September 28th, 2017

Sometimes when executing programs or applications from remote or mobile locations, it becomes necessary to distribute code or scripts that will run one after the other. This has become especially true for large applications that do not necessarily need to download all the necessary programming for them to run. However, as soon as important parts of the application become necessary (or sometimes in the case of updates or additional downloadable content) it becomes necessary to transmit this codes from the originating source (usually from the developer or their server, if any) to the device that needs the additional content.

Now previously, only data was transferred in this way from a central location to a more remote or mobile location. Data such as personal information, confidential documents, photos, etc. However, in this age, additional programming code needs to be downloaded to execute a software or application. However, with this method, there is also a danger that you may download code that is not actually safe for your device; whether it be a PC, Mac, or a mobile device such as a smartphone or tablet.

In fact, some of the most famous viruses such as the ILOVEYOU virus was distributed through a mobile code as a VBS or virtual basic script. This script disguised itself as a txt file attachment on an email and started to alter the files in your computer by making copies of itself and appending .vbs at the end of a lot of files. It then sent copies of itself to your address book in Outlook thereby multiplying itself further and distributing it across the globe. This script is believed to be one of the most virulent computer virus at the time.

Due to the dangers of malicious mobile codes, it is important to scan for vulnerabilities protection. When you access a website online, your browser is designed to download that site from the server thereby making a “local” version of the site on your computer. This also means that the browser also downloads any kind of code or script necessary for you to display that website. The trouble with this is that, more often than not, a browser does not ask permission for what code or scripts are downloaded, and they are often automatically run without asking so that you can view the site right away. While this is okay with most safe sites, this can be dangerous on unprotected sites.

While most updated browsers will be able to identify possible threats or malicious code from such sites, some can still fool you and end up downloading and running code or script unbeknownst to anybody. This is why it is very important to scan websites for vulnerabilities protection as well. You never know when an attack may happen and this is why mobile code security is definitely important.

In most cases, if you have an antivirus software, it will be able to detect malicious code, quarantine it, and even delete it as necessary. I believe this is also one of the static code analysis benefits is that code can be analyzed before executing so you will know if it’s worth running or if there are potential threats.