Measuring and attesting to the operational integrity and security posture of a mobile device is challenging. For example, smart phones and tablet computers currently lack a number of traditional security features that have emerged for commodity laptops and desktops. In addition to restricted power, mobile devices generally don't have a Trusted Platform Module (TPM) and currently lack ubiquitous virtualization capability, which limits some current approaches to security. Even as these security mechanisms reemerge for mobile devices, no single one is expected to be a “silver bullet.”
Black-listing and, in general, malicious signature detection has proven to be ineffective against polymorphic malware and other attacker techniques. Virus scanning, virtual machine introspection and taint tracing can also deplete a device's battery faster than normal. [Deepak Venugopal, An efficient signature representation and matching method for mobile devices, In Proceedings of the 2nd annual international workshop on Wireless internet, WICON'06, New York, N.Y., USA, 2006, ACM.] Battery drain is a critical aspect of a consumer's experience with mobile devices—a security mechanism that tips the balance of this reality will undoubtedly be met with disdain by consumers and unlikely to be adopted by vendors.