Apple, Google and Mobile Carriers Asked About Security Fixesby
FCC and FTC ask for information on process for issuing patches
Letters go to carriers AT&T, Verizon and to device makers
Smartphone makers such as Apple Inc. and Google and mobile carriers including AT&T Inc. and Verizon Communications Inc. face an inquiry by U.S. regulators into how they review and release security updates to combat cyberthieves and Internet vandals.
The Federal Communications Commission and Federal Trade Commission both issued statements Monday saying they want to know more about how and when vulnerabilities are being patched as consumers and businesses face hacking threats related to their increased reliance on mobile broadband.
“We are concerned” that “there are significant delays in delivering patches to actual devices -- and that older devices may never be patched,” the FCC said in a sample of letters sent to companies that the agency posted on its website.
The FCC sent letters to the top four U.S. wireless providers -- AT&T, Verizon, T-Mobile Inc. and Sprint Corp. -- as well as to U.S. Cellular Corp. and TracFone Wireless Inc., said Neil Grace, a spokesman for the agency.
The FTC said it had ordered eight companies to explain the process for issuing security updates: Apple, Alphabet Inc.’s Google, BlackBerry Ltd., HTC America Inc., LG Electronics USA Inc., Microsoft Corp., Motorola Mobility LLC and Samsung Electronics America Inc.
The companies are to list the mobile devices they’ve offered for sale in the U.S. since August 2013, the vulnerabilities associated with the gear, and whether they’ve offered patches, the FTC said.
Wireless carriers “deploy and encourage all customers to take advantage of the updates to protect their devices and personal information from cyberthreats,” John Marinho, a vice president at CTIA, a Washington-based carriers’ trade group, said in an e-mailed statement.