Device security
The superior mobility and connectivity of handheld devices also constitutes their greatest threat, allowing intruders to try different attack methods against the device if, for example, it is lost or stolen. The figure below illustrates the most common methods of attack against mobile devices.
Symbian OS is designed for handheld devices carried by end users. Due to the nature of this kind of device, including the problems with potential vulnerabilities mentioned above, the following must be considered when designing applications for Symbian OS:
If a mobile device is lost or stolen, confidential information (for example, calendar and contacts) can be read even by those with little expertise.
Users can access confidential information and files at any time, including reverse-engineering of software and algorithms.
Data can be transferred from/to the mobile device via different methods, and even accidentally.
Users may detach removable media or the battery at any time, which can cause data loss or corruption.
In general, there is no completely safe place to save information in a mobile device, which must be taken into consideration when handling confidential information in mobile applications. (It should also be anticipated that as the level of software security increases and software attacks become less practical, interest in hardware attacks will rise.)
In the continuously evolving digital world, every application should have a certain level of robustness against a changing and hostile environment. Applications should be prepared for data corruption and alteration, network and storage blackouts, plug-ins and components that misbehave, malicious attackers, and, perhaps most importantly, user errors.
Symbian has taken the special characteristics of smartphones into account and developed platform security to protect these devices and their contents.
See the Device security methods for more details.