A security firm has released their “Dirty Dozen” smart phones that pose the greatest security risks to their owners: http://bit.ly/vaid1L. Why should you care?

Given what people use our smart phones for these days, a security hole in your smart phone is as risky as a security hole in your computer. We bank, we shop, we email, we even store lists of our passwords, all on the little phone in our pocket or purse. If someone breaks into your phone, they may be able to access any or all of these things – and you could lose money or privacy, even jeopardize your company, your credit, your identity, etc.

Wait, you say, how does that work with just a phone?

When your phone software is out of date it means that there are known security holes sitting wide open on your phone. These vulnerabilities are documented and published on the Internet and accessible to everyone who’s looking, which includes malicious hackers.

The longer that vulnerability is known, the more likely it is that someone will write some bit of wicked code to exploit it. The more phones of a particular type out there that are likely to have that vulnerability go unpatched, the more reason the bad guys have to write something nasty for that type of phone, because there’s a larger audience that may be susceptible to it.

Since, as a general rule, Android phones go a long time without being updated, they make a good target for malicious hackers. These models in particular tend to have outdated software right off the shelf, and the manufacturers are slow to release updates to the latest (and most secure) software.

This is one of the things Apple does a little better – they make it easy for even their least security-savvy users to keep their iPhones up-to-date by default. Now if only they released security updates more often …