Author: Christopher Parsons

Policy wonk. Torontonian. Photographer. Not necessarily in that order.

Categories
Links Writing

Why Mobile Carriers are a Threat to Us All

Paul Thurrott reports that Microsoft is no longer guaranteeing that mobile updates will be delivered to end-users and will no longer give guidance about when/if those updates will come.

I suspect that Microsoft’s actions are the result of carriers not caring one lick about security and actively opposing performance updates to “old” phones. Carriers aren’t themselves affected by security deficiencies that they are largely responsible for prolonging, and if new cool features are automatically provided in a smartphone update then the customer is less likely to rush out and buy a new phone with the same features. Carriers need to be held accountable: if they know there are security updates and refuse to let them go out to customers, then customers’ contracts should be broken with those same carriers. If customers experience actual harms, then the carriers should be legally – and financially – liable.

Microsoft, and the other mobile OS vendors, need to realize that the most important customer base is the people buying phones, not the device manufacturers or carriers. The latter two groups are important, yes, but if Microsoft can’t convince end-customers to pick up their phones and be happy about the choice a few months later then Microsoft is going to turn into an Android-like OS manufacturer. We already have one too many of those.

Categories
Humour

An instance of non-security theatre?

Categories
Links

3 things I really want to see from my windows phone ASAP

xczachx20:

  1. Screen Capture capability
  2. An Call of Duty Elite App
  3. A tumblr App

I’d happy trade #2 for a functional version of Google Maps that:

  • was a native app;
  • worked with the GPS;
  • provided transit directions.

The Bing Maps functionality might be decent if you drive. It’s shit if you take transit.

As a bonus: be great to (easily) disable all the Microsoft Skydrive garbage.

Categories
Links

Side Channel Attack =/ Cracking Encryption

From the article:

BlackBerry messenger is “significantly less encrypted compared to the BlackBerry email that corporations are using,” Leif-Olof Wallin, an analyst at Gartner Inc., based in Sweden, recently told Bloomberg News. “Any kind of cryptographer should be able to crack it without the involvement of (parent company, Waterloo, Ont.-based Research in Motion).”

BBM for consumers is sufficiently encrypted and it isn’t a simple matter for ‘amateur cryptologists’ to easily break it. No: the deficiency with the communications encryption
is that RIM uses, and possesses, a common global key to provide transit security to BBM messages. In the case of users that are linked to a BlackBerry Enterprise Server (BES) the BES administrator is responsible for establishing the encryption/decryption keys. As a result, RIM is incapable of breaking the BES infrastructure. It should be noted that, with consumer BBM traffic, the supposed attacker is a transit middle-man and not the government. RIM protects end-users from this – which doesn’t happen with a SMS message – and makes no bones about being there to protect consumers from legitimate (in the sense of legally justified, rather than normatively acceptable) government interceptions.

Categories
Writing

E-Snooped Upon

Public Safety Minister Vic Toews states that the government’s proposed lawful access legislation is on a par with a phonebook linking phone numbers to a residential address. This is highly misleading (The Poop On E-Snoop – letters, Dec. 3).

Anyone can look up information in the phonebook, but they cannot compel Rogers or Bell to turn over “phone record” data that the government is after. The minister has not noted that his proposal would expand “phone records” from three items (name, address, telephone number) to 11. We are familiar with what those three items mean, but how many can decode the mysterious acronyms of digital and mobile communications: the IP address, the MIN, the SPIN, the ESN, the IMEI, the IMSI, the SIM? The minister isn’t talking about phone records, but about giving authorities access to a range of identifiers that tell a great deal about our personal lives. So, can we please have a debate about the Internet instead of one about “phonebooks”?

Colin Bennett, Christopher Parsons, “E-snooped upon
Categories
Links Writing

Tracking Your Every Move: ‘Enhancing’ Driver’s Licenses at the Cost of Privacy | Dissident Voice

The potential for ubiquitous surveillance that emerges with Enhanced Drivers Licenses (EDLs) could only be imagined by the Stasi in Communist East Germany, but is a genuinely looming specter for contemporary North American democracies. Provincial and state governments in North America are proposing to ‘enhance’ driver’s licenses in coming years by including a Radio Frequency Identification (RFID) chips in them. These ‘enhanced’ licenses emit unique identifiers and will be optional when they are first available to the public, though they will be required to enter the United States using a driver’s license beginning in July 2009. The proposed Enhanced Driver’s Licenses (EDLs) are intended to be associated with border security, but are also accompanied with concerns linked to individuals’ reasonable expectations of privacy.

An early piece I wrote on enhanced drivers licenses.