Categories
Links Writing

RIM Demoing the Value of NFC-Enabled Devices

I admit it: I’m really curious to see how NFC technologies are adopted by various vendors and developers. To date, however, the integration has been poor and what adoption there has been tends to focus on payment solutions. Payment solutions scare the crap out of me because they increase the reasons attackers have to compromise my phone: it’s bad enough they want my personal information; I don’t want them after my digital wallet as well!

RIM has a neat bit of technology they’ve recently released, which leverages the NFC functionality in their new phones with Bluetooth pairing systems. Specifically, it enables rapid syncing between phones and audio-output devices (i.e., speakers). While the product is pretty “meh” as released today, it could be pretty exciting were vehicle manufacturers and speaker manufacturers to generally integrate NFC-pairing capabilities with their respective products. It’s presently a pain to listen to music stored on a mobile through vehicle speakers (using Bluetooth) or a friend’s speakers in their home. RIM has offered a partial solution to the Bluetooth pairing problem; now it’s up to the larger ecosystems to actually integrate RIM’s idea in an omnipresent and highly functional way.

Categories
Links Writing

The Problems With Smartphone Password Managers

In today’s era of hyperbolic security warnings one of the easiest things that people can do to ‘protect’ themselves online is select super hard passwords to crack, stuff them in a centralized password manager, and then only have to remember a single password to access the rest in the manager. I’ve used a password manager for some time and there are real security benefits: specifically, if a single service that I’ve registered with is hacked then my entire online life isn’t compromised, just that one service.

Password manager companies recognize the first concern that most people have surrounding their services: how do the managers protect the sensitive information they’re entrusted with? The standard response from vendors tends to reference ‘strong security models and usage of cryptography’. Perhaps unsurprisingly, it is now quite apparent that the standard responses really can’t be trusted.

In a recent paper (.pdf), researchers interrogated the security status of password managers. What they found is, quite frankly, shocking and shameful. They also demonstrate the incredible need for third-party vetting of stated security capabilities.

The abstract for the paper is below but you should really just go read the whole paper (.pdf). It’s worth your time and if you’re not a math person you can largely skim over the hard math: the authors have provided a convenient series of tables and special notes that indicate the core deficiencies in various managers’ security stance. Don’t use a password manager that is clearly incompetently designed and, perhaps in the future, you will be more skeptical of the claims companies make around security.

Abstract:

In this paper we will analyze applications designed to facilitate storing and management of passwords on mobile platforms, such as Apple iOS and BlackBerry. We will specifically focus our attention on the security of data at rest. We will show that many password keeper apps fail to provide claimed level of protection

Access the paper (.pdf)


Categories
Links Writing

Research In Motion to Further Improve Antennas

From The Telecom Blog we learn that RIM has acquired Paratek Microwave Inc. Paratek is:

a company whose adaptive radio-frequency technology improves mobile-handset call quality and battery life. It’s believed that RIM may leverage this acquisition to improve the overall performance of its next generation BlackBerry smartphones.

General Partner of Polaris Venture Partners Alan Spoon believes RIM would benefit immensely by integrating Paratek’s game changer technology into mobile phones. He says the technology allows mobile devices to upload and download large amounts of data faster, making for longer battery life, which coupled with Paratek’s innovative design, leads to a small form factor. More importantly, the Tunable RF reduces dropped calls and allows reliable data flow across multiple frequency bands, thereby providing an overall enhanced mobile user experience.

One of the reasons that I left behind my Windows Phone 7 was its incredibly poor reception. It’s the only smartphone that I’ve owned that regularly dropped calls and made hearing calls a challenge. The iPhone that I used previously was acceptable, but not great: when I had to make, or receive, an important call I found a landline.

I don’t have to find landlines with my 9900. The call quality is terrific. While call quality isn’t something I really would have cared about a few years back – I rarely called people or received calls, and when I did they were usually personal in nature – I do care today because of the various professional calls I make on a daily basis. While the BlackBerry isn’t as fun to play on, it’s a far more reliable professional tool.

Not having to hunt down a landline saves me a ton of time, and I’m incredibly pleased to see that RIM cares enough about further improving call and signal quality that they are snapping up companies who can bring advantages to their smartphone environment.

Categories
Videos

RIM Proof of Concept

This is an interesting proof of concept being demoed by RIM. It’s certainly not practical at the moment – requiring an overhead camera means it only really works in mobile/fixed testbeds – but it is cool. The next step, beyond building buzz of course, is to figure out how to make this kind of technology useful to the consumer. Still, it’s good to see RIM demoing the ‘cool stuff’ they’ve been privately researching. Hopefully we see more of these kinds of demos in the future to rebuild the beleaguered company’s public image.

Categories
Links

Let’s Say It Together: Apple Is Not A Security Company!

I sympathize with people’s concern and anger when they learn more about Apple’s atrocious APIs that let developers run off with consumer data. In the most recent revelation:

Accepting an iOS prompt that asks permission to access location data can also allow copying of private photo and video libraries, the Times said yesterday. Because these devices often save coordinate information along with photos, it might also be possible to put together a user’s location history, as well as recording current location.

Apparently in an attempt to make photo apps more efficient, access to private photos has been available since the fourth version was released in 2010.

All of this, however disturbing it might be, makes a lot of sense. Apple is a consumer company that aims to engineer products so that users can best enjoy them. This means they don’t want to throw a whole lot of security warnings in front of you, for two reasons: First, you’ll just ignore them anyways; second, they’ll annoy you and thus could reduce your iDevice usage.

Very few mobile companies ‘do’ security. The much-maligned Research In Motion is actually about the only mobile company that sells its products on security grounds, though the need to have secured code reduces the rate that they can bring new, highly innovative, product to market. Consumers, businesses, governments, and the market point to their slower rates of innovation as indicative of RIM’s forthcoming doom, but in so doing miss that the ‘cost’ of RIM’s death would be a near-absolute dearth of secured mobile platforms.

If you’re interested in reading about the economics of ignorance and mobile security, check out a piece that was written last year on this very subject.

Categories
Writing

Stupid Problem with BlackBerry Data

I use my mobile phones a lot and most batteries just barely last me through a day on a single charge. With my iPhone and Windows Phone, when the batteries are almost exhausted, various functions (including radios) are disabled to make the last bit of juice last as long as possible. My BlackBerry does the same thing.

I’m fine with this.

What I’m not fine with is the following: once I charge the BlackBerry and the radios are re-activated, I have to pull the battery and fully reboot the device to get access to the various services that course through the BIS. If I don’t pull the battery, I get a warning that my plan doesn’t cover data services and thus I cannot access the phone’s various Internet-related functions. On the face of things, it seems that after charging the device, RIM’s software fails to indicate to their network infrastructure that I have a data plan and thus can access the BIS.

Needless to say, this is absurd.

I cannot believe that I’m the only person running into this and regardless of whether the problem is with my particular carrier, or the device, it isn’t something that I should ever experience. These are the kinds of problems that should be sorted out well before a device is put in the consumer’s hands.

Categories
Aside

Useful Warnings

circa476: Poor Apple….

THIS is the kind of actionable, helpful, warning information that should be presented to end-users. It gives them the relevant information they need to choose ‘Cancel’ or ‘Add Anyway’ without scaring them one way or the other. If the jailbreak community can do this, then why the hell can’t the big players like Apple, RIM, Google, Microsoft and the rest?

Categories
Writing

A Comment on GPS and Smartphones

There are a great number of concerns around GPS chips being integrated into smartphones; surveillance, third-party tracking, and profiling (to say nothing of bad results!) are all issues that technologists ‘in the know’ warn of. I don’t want to talk about any of these issues.

No, I want to say this: of the smartphones that I’ve used in the past 6 months (iPhone 3GS, Samsung Focus, BlackBerry Bold 9900, BlackBerry Torch 9800) the BlackBerry devices have the most reliable, accurate, and speedy GPS functionality. The Focus was unreliable, at best, and while the 3GS’s UI was the best it was slower and less accurate than what I enjoy with the aforementioned BlackBerry devices.

For many people the GPS is a nicety, icing on the cake. For me, I rely on my GPS and maps integration to get from points A to B. The integration between Google Maps and the iPhone was excellent, if not the fastest. Integration on the Windows Phone was poor, largely because they missed my market: I’m a conscientious traveller and so prefer public transit. Windows Phones are absolutely unable to parse transit information in any of the major or minor cities I’ve visited over the past several months. If they can’t even do a non-US world city then the integration is not ready for prime time.

While the Google Maps/GPS integration on BlackBerry has an archaic UI – it really, really, looks like it was developed several years ago (because it was) – it’s fast and reliable. UI beauty is of critical importance for getting novices to use new technologies, but UI alone is insufficient to sell consumers on the value of a device over the long term. On this basis the Windows Phone OS failed outright and iOS trailed the ‘older’, ‘archaic’ and ‘aging’ BlackBerry OS 7.1 device I’m using right now.

Categories
Links

An Open Letter to Thorsten Heins

I’ll let Mr. Vida explain, in his own words, why you should go and read his open letter:

Why listen to yet another open letter?

I helped build PlayBook. My team designed the PlayBook OS. We spent the better part of a year sequestered in secrecy working on what we believe to be a tablet OS experience at least as good as an iPad and, in many ways, better. We are immensely proud of our work there. We view the PlayBook OS as our baby. We want to see it succeed. We know the potential it has.

Seriously: go read the letter. It’s more personal, and richer in experience, than any of the analyst accounts of Heins, RIM, or the PlayBook. It’s also short, succinct, and well written. Read it.

Categories
Links

Will Android lead to RIM’s Security ‘Death Knell?’

Bloom reports:

…[Graham Thompson, president of Ottawa-based Intrinsec Security Technologies] cautions that RIM’s plans to tap into the Android marketplace could place a serious security burden on the beleaguered company. An Android adherent himself, he nevertheless says the potential for breaches with Android apps threatens the core of RIM’s business strategy.

“I don’t understand why an [Android] application, for example, like a flashlight, requires Wi-Fi access or Internet access. It just makes no sense to me. Yet people are willing to say, ‘Yeah, go ahead. I don’t care about the privileges that this application is looking for. I just want my flashlight.’ And what impact does that have on corporate data is one of the main questions.”

I’m not exactly happy with the (impoverished) state of Android or iOS security. I’m happier (though I refrain from the full on “happy”) with RIM’s approach to data sharing with their app market (I’ve documented here some of the highly technical, and unwieldy, means that RIM notifies customers of security concerns). That said, I would wait before pronouncing that RIM’s integration of Android will lead to doom.

Specifically, those who have dealt with the RIM/Android integration have reported that Android apps do not get free rein on the device. This means that key Android ‘hooks’ are not always available, thus limiting the ‘damage’ they can do to a particular security profile.

Moreover, we cannot look at the integration without also considering the role of BlackBerry fusion, a system that intentionally hives off professional and personal ‘sections’ of the device. This segregation (in theory) should mean that even if an Android app breaches the RIM personal security protections, the app should not have access to the professional side of the device and data contained in this element of the device.

Does this necessarily save the end-consumer, buying the device from Rogers, O2, or other wireless firm? No. Does it save businesses (a key market, and most zealous for, security assurance)? Much more likely.