Tuesday, November 04 2008
NIST just released their Guidelines on Cell Phone and PDA Security here are some comments from my side.
Overall I think the document is quite good covering the field well. My main point of
critic is the way they present their references. The document cites many news sites
instead of the original publisher's site/document. Therefore some of the references are more
or less useless since they don't provide the path to more detailed information. I not only
write this because they quote theregister on my MMS vulnerability but
also because of quoting zdnet on various other vulnerabilities rather than the original
advisories. To make it clear I don't think the articles by these news sites are bad or
wrong, I just think people reading NIST publications expect a little more detail.