From ACM TechNews:
Mobile Browsers Fail Georgia Tech Safety Test
Georgia Tech News
(12/05/12) Michael Terrazas
Georgia Tech researchers have found that mobile Web browsers are so unsafe that even cybersecurity experts cannot detect when their smartphone browsers have landed on dangerous Web sites. "We found vulnerabilities in all 10 of the mobile browsers we tested, which together account for more than 90 percent of the mobile browsers in use today in the United States," says Georgia Tech professor Patrick Traynor. The main issue is graphic icons known as secure sockets layer (SSL) or transport layer security (TLS) indicators, which alert users when their connection to the destination Web site is secure and that the Web site they see is actually the site they intended to visit. Due to the small screen associated with most mobile browsers, there is not enough room to incorporate SSL indicators as with desktop browsers. Displaying a graphical indicator that a site is secure in a Web browser's URL field is on the security guidelines recommended by the World Wide Web Consortium for browser safety. "Research has shown that mobile browser users are three times more likely to access phishing sites than users of desktop browsers," says Georgia Tech researcher Chaitrali Amrutkar.