Gartner Blog Network

Smartphone Security Perspective: In the iPhone vs. Droid Wars, Viva La Closed Platform

by John Pescatore  |  June 25, 2010  |  1 Comment

Mainframes were a closed platform – only the demi-gods in the basement could load applications. For security, life was good – not so much for creativity and user responsiveness, though.

The PC is an open platform – users can create and load applications, and (even worse) send them to each other. Security has been a nightmare – the Internet is perfectly secure, it is the PCs connected to the Internet that are really the majority of the problem. However, the upside is that giving productive users the ability to install and run any application they want to has been a boon to their creativity.

As smartphones have entered the workplace, so far we have had two that are more like mainframes and one that has been a PC – and interestingly the mainframe ones have captured the most share:

  • Blackberry – a very tightly controlled platform, very limited ability for users to create, install and share applications. Great from a security perspective, but in reality the Blackberry gained market share because it was the first portable email+phone device and not really because of the smartphone/application side of things.
  • Windows Mobile – as you would expect, Microsoft took the approach of making a tiny, little handheld PC with a cellphone buried inside. Lots more freedom for users to install and share applications, but not all that successful in the marketplace.
  • iPhone – the iPhone really is a little tiny mainframe. It is a closed platform, Apple decides what applications get on the whitelist (the App Store) but it is a really, really big whitelist – users don’t notice the boundaries. It is like when you put a goldfish in a bathtub – “I’m free!!” shouts the goldfish. Life can be pretty good, security-wise, if you can keep all your users in a bathtub.

The Droid operating system is taking the opposite tack – it is not a closed platform, it is trying to tout that is much more PC like “There is no ‘Don’t’ about the Droid! You can create and share apps – it is all about Do!” Uh, oh – do we really have to say “Do” to  Melissa, Slammer, Blaster, MyDoom, Conficker, Zeus, etc.  malware in smartphones?

Now, I think various Droid platforms will end up offering “business quality app stores” but the smartphone world is a consumer-driven world. But, right now the Droid app area is starting out to be the Wild, Wild West as this NetworkWorld piece points out –  very reminiscent of the early bad old days of PCs.

As much as Apple’s lack of enterprise focus irks me, the best of both worlds from as security perspective in the smartphone world is a mainframe that users don’t complain about.

Additional Resources

View Free, Relevant Gartner Research

Gartner's research helps you cut through the complexity and deliver the knowledge you need to make the right decisions quickly, and with confidence.

Read Free Gartner Research


John Pescatore
VP Distinguished Analyst
11 years at Gartner
32 years IT industry

John Pescatore is a vice president and research fellow in Gartner Research. Mr. Pescatore has 32 years of experience in computer, network and information security. Prior to joining Gartner, Mr. Pescatore was senior consultant for Entrust Technologies and Trusted Information Systems… Read Full Bio

Thoughts on Smartphone Security Perspective: In the iPhone vs. Droid Wars, Viva La Closed Platform

  1. […] “Smartphone Security Perspective“ […]

Leave a Reply

Your email address will not be published. Required fields are marked *

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.