Categories
Links Writing

Research In Motion to Further Improve Antennas

From The Telecom Blog we learn that RIM has acquired Paratek Microwave Inc. Paratek is:

a company whose adaptive radio-frequency technology improves mobile-handset call quality and battery life. It’s believed that RIM may leverage this acquisition to improve the overall performance of its next generation BlackBerry smartphones.

General Partner of Polaris Venture Partners Alan Spoon believes RIM would benefit immensely by integrating Paratek’s game changer technology into mobile phones. He says the technology allows mobile devices to upload and download large amounts of data faster, making for longer battery life, which coupled with Paratek’s innovative design, leads to a small form factor. More importantly, the Tunable RF reduces dropped calls and allows reliable data flow across multiple frequency bands, thereby providing an overall enhanced mobile user experience.

One of the reasons that I left behind my Windows Phone 7 was its incredibly poor reception. It’s the only smartphone that I’ve owned that regularly dropped calls and made hearing calls a challenge. The iPhone that I used previously was acceptable, but not great: when I had to make, or receive, an important call I found a landline.

I don’t have to find landlines with my 9900. The call quality is terrific. While call quality isn’t something I really would have cared about a few years back – I rarely called people or received calls, and when I did they were usually personal in nature – I do care today because of the various professional calls I make on a daily basis. While the BlackBerry isn’t as fun to play on, it’s a far more reliable professional tool.

Not having to hunt down a landline saves me a ton of time, and I’m incredibly pleased to see that RIM cares enough about further improving call and signal quality that they are snapping up companies who can bring advantages to their smartphone environment.

Categories
Links

Phishing on Mobile Devices

A good paper on (you guessed it!) phishing on mobile devices. Paper is here (.pdf) and abstract is below.

We assess the risk of phishing on mobile platforms. Mobile operating systems and browsers lack secure application identity indicators, so the user cannot always identify whether a link has taken her to the expected application. We conduct a systematic analysis of ways in which mobile applications and web sites link to each other. To evaluate the risk, we study 85 web sites and 100 mobile applications and discover that web sites and applications regularly ask users to type their passwords into contexts that are vulnerable to spoofing. Our implementation of sample phishing attacks on the Android and iOS platforms demonstrates that attackers can spoof legitimate applications with high accuracy, suggesting that the risk of phishing attacks on mobile platforms is greater than has previously been appreciated.

 

Categories
Aside

How long American telcos hold onto customer data

Categories
Links

American Link To Greek Surveillance Debacle?

In 2004 it was discovered that parties unknown had been secretly monitoring a hundred of Greece’s top politicians and bureaucrats. An article from 2011 reveals that,

According to what sources told Kathimerini, the experts found that a mobile phone connection that had been purchased in the name of the US Embassy in Athens was used on one of these phones. Sources said that Dasoulas is now investigating whether any suspects who are not protected by diplomatic immunity could face charges.

Ericsson, which supplied the telephone exchange that was hacked into, and Vodafone, which was the service provider, were both fined by ADAE in 2007 for failing to protect the privacy of those who had their phones hacked, which included the head of the National Intelligence Service (EYP), several ministers and members of the armed forces, but the Council of State later cancelled these penalties.

The follow-up, of whether the Americans were actually involved, is ongoing as far as I can tell. Regardless of the culprits, it’s instructive that even the head of the intelligence service was successfully targeted. We need to be mindful of how surveillance technologies are deployed in our communications networks, not just because we worry about how our own government might use the technologies, but also because of how other third parties might use the technologies against the citizenry.

Categories
Links

Let’s Say It Together: Apple Is Not A Security Company!

I sympathize with people’s concern and anger when they learn more about Apple’s atrocious APIs that let developers run off with consumer data. In the most recent revelation:

Accepting an iOS prompt that asks permission to access location data can also allow copying of private photo and video libraries, the Times said yesterday. Because these devices often save coordinate information along with photos, it might also be possible to put together a user’s location history, as well as recording current location.

Apparently in an attempt to make photo apps more efficient, access to private photos has been available since the fourth version was released in 2010.

All of this, however disturbing it might be, makes a lot of sense. Apple is a consumer company that aims to engineer products so that users can best enjoy them. This means they don’t want to throw a whole lot of security warnings in front of you, for two reasons: First, you’ll just ignore them anyways; second, they’ll annoy you and thus could reduce your iDevice usage.

Very few mobile companies ‘do’ security. The much-maligned Research In Motion is actually about the only mobile company that sells its products on security grounds, though the need to have secured code reduces the rate that they can bring new, highly innovative, product to market. Consumers, businesses, governments, and the market point to their slower rates of innovation as indicative of RIM’s forthcoming doom, but in so doing miss that the ‘cost’ of RIM’s death would be a near-absolute dearth of secured mobile platforms.

If you’re interested in reading about the economics of ignorance and mobile security, check out a piece that was written last year on this very subject.

Categories
Links Writing

Canadian Carriers: No, You Can’t Compare Our Plans

I’ve talked about trying to pull together a measurable comparison of Internet service in Canada for a while, but as of yet haven’t had the resources to build a tool which meets my criteria. Industry Canada had a similar idea for basic cell phone services. Specifically, the government department created a calculator to help Canadians easily compare text/voice plans across Canada’s various mobile providers. We’ll never see the calculator, however, because:

Internal departmental records released to Postmedia reveal that Clement’s decision came after direct lobbying from the likes of Rogers Communications, Telus and the Canadian Wireless Telecommunications Association. Clement defended the decision to shut down the calculator by stating that it was “unfair” in that it didn’t include bundled services mainly offered by, yes, the big telecommunications providers.

It’s incredibly unfortunate that this tool wasn’t provided – it would have been of real assistance to the large number of Canadians that aren’t using bundled services. What’s worse is that, rather than providing the tool in a ‘basic’ state and then scaling it depending on demand (the approach planned by Industry Canada) the whole project was scrapped. Not even the source code has been made available. Consequently, Canadians paid a fortune to develop a tool which met its basic design specs, and have nothing to show for it save for a large government bill and the continued hassle of trying to decipher the cacophony of mobile phone plans. Carriers: 1 Canadians: 0.

Categories
Quotations

You might think they’d grow faster with all-you-can-eat, but I think it’s a testament to the fact that service providers are educating users more on their impact and IP footprint … People understand they have a 2GB or 3GB cap or whatever, so they are consuming as much as they can to get their money’s worth. Those with unlimited aren’t concerned, but aren’t using as much.

Cisco’s Thomas Barnett, explaining why tiered mobile plans saw a 169% increase versus an 83% increase for unlimited mobile data plans
Categories
Links Writing

Want to Claim Congestion? Then Expect Real Audits

Free is a really interesting new mobile carrier in France, which offers a cheap entry rate of service. It seems as though the incumbent they’re partnered with wasn’t expecting Free’s success and so they want to raise rates on the basis of congestion. Specifically,

France Telecom said its network was being stressed by a rapid growth in traffic brought on by its hosting of new mobile entrant Iliad and vowed to protect its clients from service interruptions, its CEO told magazine Le Point … Iliad’s Free Mobile service upended the French telecom market in January when it launched its main offer at 19.99 euros per month for unlimited calls to France and most of Europe and the United States, unlimited texts, and 3 gigabytes of mobile data.

It’s entirely possible that the network is stressed … but it’s equally possible that other issues are leading to stresses that are real or imagined. If incumbents get to call congestion whenever the market turns against them, then they should be subjected to real, honest to god, tests for congestion by engineers who are (at best) neutral. Ideally the engineers should be downright hostile in order to force the incumbent to demonstrate beyond a shadow of a doubt that the network is indeed strained, and that such strains aren’t the result of poor management, investment, or technical configuration.

If it turns out that the incumbent is responsible then they should pay for the audit and be required to meet contractual service demands that were offered to partners and be prohibited from engaging in predatory pricing in the future. Congestion is now a particularly tired big-bad-wolf, and it’s time that ISPs that call wolf are actually forced to demonstrate, in peer-reviewable empirical terms, that the wolf is actually at the doorsteps or ravaging the sheep.

Categories
Links

Tracking by GSM

From Ars Technica:

The attack works by exploiting features in GSM, or Global System for Mobile Communications, cellular networks that transmit data sent between base stations and phones in clear text. By simply calling the target’s mobile number and monitoring the network’s radio signals as it locates the phone, the attacker can quickly confirm if the person is located in what’s known as the LAC, or Location Area Code. Attackers can use the same technique to determine if the target is within close proximity to a given base station within the LAC.

This is helpful for figuring out where, in a specific geographic area, a person is or (in case you’re interested) where they aren’t. This latter use – clarifying that a person isn’t in a specific LAC – is particularly useful if you are launching some action that is made easier by a person’s non-presence. (Hint: Think burglary).

This new GSM attack builds on other research around monitoring a person’s location by exploiting mobile phones. For a good overview of the information used in similar kinds of surveillance, see Claudio A. Ardagna et al.’s chapter in Digital Privacy: Theory, Technologies, and Practices.

Categories
Aside Links

Self-Mutating Trojans Come to Android

Symantec is warning that the next generation of smartphone viruses has come:

Researchers from security vendor Symantec Corp. have identified a new premium-rate SMS Android Trojan horse that modifies its code every time it gets downloaded in order to bypass antivirus detection.

This technique is known as server-side polymorphism and has already existed in the world of desktop malware for many years, but mobile malware creators have only now begun to adopt it.

A special mechanism that runs on the distribution server modifies certain parts of the Trojan in order to ensure that every malicious app that gets downloaded is unique. This is different from local polymorphism where the malware modifies its own code every time it gets executed.

This is a clever means to avoid the rudimentary analysis systems that the major vendors use to ID malware. It’s also (another) indication of how important antivirus is going to become for the mobile marketplaces. I suspect that, by the end of the year, a lot of users (on iOS, Android, and the rest) are going to wish that the post-Steve Jobs smartphones on the market today met Jobs’ initial thoughts regarding smartphones when Apple released the iPhone. Specifically, he held that:

He didn’t want outsiders to create applications for the iPhone that could mess it up, infect it with viruses, or pollute its integrity

While our pocket computers are better now that apps are available, I can’t help but think that Jobs’ earliest worries are now looming as today’s potential nightmares.
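To make the detection gap concrete, here is an added example (not from Symantec or the quoted article) that compares an exact-hash blocklist against a rule keyed on behaviour that survives per-download mutation. The text blobs, the short code 7781 and the rule itself are constructed stand-ins; real APKs are ZIP archives with binary manifests.

```python
import hashlib
import re

# Constructed stand-ins for three downloads of one premium-rate SMS trojan:
# the server changes the junk on every download, the behaviour stays fixed.
TEMPLATE = (b'<uses-permission android:name="android.permission.SEND_SMS"/>\n'
            b'<uses-permission android:name="android.permission.INTERNET"/>\n'
            b'sendTextMessage("%s", null, "SUB", null, null)\n'
            b'junk=%s\n')
VARIANTS = [TEMPLATE % (b"7781", junk)
            for junk in (b"a91f", b"03cc7e", b"ffee0012")]

# Constructed benign app: same permission, but the user picks the recipient.
BENIGN = (b'<uses-permission android:name="android.permission.SEND_SMS"/>\n'
          b'sendTextMessage(userChosenNumber, null, body, null, null)\n')


def sha256(blob):
    return hashlib.sha256(blob).hexdigest()


# Signature set built from the first captured sample only.
HASH_BLOCKLIST = {sha256(VARIANTS[0])}

PERM_RE = re.compile(rb'android\.permission\.([A-Z_]+)')
# A hard-coded 3-6 digit destination is the invariant this rule keys on.
DEST_RE = re.compile(rb'sendTextMessage\("(\d{3,6})"')


def hash_match(blob):
    """Exact-file signature: any changed byte yields a different digest."""
    return sha256(blob) in HASH_BLOCKLIST


def behaviour_match(blob):
    """Flag apps that hold SEND_SMS and send to a hard-coded short code."""
    perms = set(PERM_RE.findall(blob))
    return b"SEND_SMS" in perms and bool(DEST_RE.search(blob))


def detection_rates(samples):
    """Return (hash hit rate, behaviour hit rate) over the samples."""
    n = len(samples)
    return (sum(map(hash_match, samples)) / n,
            sum(map(behaviour_match, samples)) / n)
```

The hash blocklist only recognises the one download it was built from, while the behaviour rule flags all three variants and leaves the benign app alone.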