Sections » Security »

SMobile Systems and Sybase iAnywhere partnered to “deliver advanced mobile security solutions for Information Anywhere Suite’s Afaria mobile device management and security platform.” The two companies will work to secure a broad range of smartphones from the latest intrusions and threats, leveraging SMobile’s antivirus, firewall and mobile spam protection.

Commenting on the announcement, Sybase iAnywhere’s Joe Owen said: “After a competitive review we selected the SMobile Security Shield as offering the highest degree of security available for handheld devices. In addition, the company’s multi-device strategy aligns well with our commitment to provide broad, multi-platform mobile device support.”

To date, the SMobile Threat Center has identified more than 400 viruses that target mobile devices and networks.

In an age where a shoe-bomb is as real a threat as a screaming baby on a trans-continental flight, customs officials are exploring ever wider freedoms in passenger baggage checks.

New customs policies are being hashed out that would hold passengers liable for any pirated media, including music and videos, stored in their portable electronic devices. And, with the growing popularity of combining your personal media play and mobile phone in to one converged device, it stands to reason that iPhones of the future might be subject to airport security checks.

Australia’s Foreign Minister Stephen Smith has apparently confirmed that they have been part of international negotiations - Anti-Counterfeiting Trade Agreement - regarding media pirating. The negotiations seek to levy criminal sanctions against those infringing copyrights on a commercial scale.

The US is one of the key countries pushing this anti-piracy agreement on an international scale. With the music industry scrambling to keep revenues up in an ever advancing world of techno-piracy, it looks like the international traveler could be the next target.

[Via: HeraldSun]

BlackBerry maker, Research In Motion (RIM), has taken a more pro-active approach to maintaining their BlackBerry servers. Rather than waiting for vulnerabilities to rear their ugly head and take down enterprise users’ entire BlackBerry email-backends, RIM has announced that they’ve identified and patched a vulnerability in their BlackBerry Enterprise Server related to PDF-parsing.

The security hole would have given hackers and malcontents access to the Enterprise Server by tricking BlackBerry email users in to opening a malicious PDF email attachment,  potentially leading to a crash of the entire server.

BlackBerry Enterprise Server versions 4.1.3 through 4.1.5 were the only versions affected by the PDF security hole, according to RIM. Enterprise Server version 4.1.6 for Microsoft Exchange and IBM Lotus Domino was apparently no affected by the flaw. The security patches have been issued to BlackBerry Enterprise server customers.

“There were no customer reports of any actual problems relating to this vulnerability, and RIM has since provided software updates that resolve the issue,” RIM said in a statement.

Well done, RIM. Now, on to ironing out the bugs and launching that BlackBerry Thunder, eh?

[Via: CellularNews]

The latest version of Intego’s Virus Barrier (v10.5.3) will not only scan files on your Mac, but will also include the iPhone in the process. And while we’re not aware some malware is developed for the iPhone or iPod Touch at this stage — which is kinda logical considering how tightly Apple controls the platform — it’s kinda fair to guess Intego will use the newly developed “iPhone compatibility” for marketing purposes.

Scaring people was never my hobby, and I never liked all those anti-malware solutions for Symbian-based smartphones. To be fair, a single virus has been developed in the near future for S60, but that wasn’t actually a big deal. That being said, I’m all against this approach. Presently, iPhone and iPod Touch are perfectly safe devices!

Anyway, Virus Barrier X5 10.5.3 runs completely on your Mac (no PC version is available) and will only scan the iPhone, once it’s connected for syncing purposes.

[Via: Unwired View]

AuthenTec, the “world’s leading provider of fingerprint sensors and solutions” has announced that Fujitsu’s new FOMA F906i ultra-thin world phone has integrated an AuthenTec fingerprint sensor for Power of Touch(R) features including security, convenience, personalization and navigation.

The feature-rich F906i, recently offered to subscribers of Japan’s leading wireless carrier NTT DOCOMO, utilizes AuthenTec’s new small form factor AES1710 low power fingerprint sensor. While millions of NTT DOCOMO’s mobile phones have incorporated an AuthenTec sensor to authorize contactless mobile payments and for protecting access to stored files and the user’s personal information, this is the first time a Fujitsu phone has added the benefits of AuthenTec’s TrueNav technology.

The F906i features 3G/GSM international roaming, GPS map navigation, HSDPA, “One-Segment” mobile TV, DCMX(R) mobile credit card and iD(TM) mobile credit payments, full wide VGA LCD screen. The F906i also features two cameras (3.2 megapixel and 320 kilopixel) and enables access to diverse video content and services, including DOCOMO’s Music & Video Channel which provides more than 100 channels of downloadable broadcasts spanning 14 genres.

AuthenTec’s AES1710 fingerprint sensor is based on the Company’s patented TruePrint technology, which reads below the surface of the skin to the live layer where a person’s true fingerprint resides. This unique subsurface approach enables AuthenTec sensors to read virtually every fingerprint, every time — a critical requirement in any fingerprint-enabled device. Other device features include TrueNav menu navigation, TrueFinger anti-spoofing security, and TrueMatch pattern matching to ensure the industry’s highest level of security, usability and convenience.

Crumbs! Well the technology sounds good, phones sounds nice - from my experience of touchpads with finger recognition, the key thing is ease of use - the sensor needs to get it right first time every time, else it can become an annoyance. Everything above though points to a great system!

Actually this story isn’t very new at all, but I stumbled across it whilst looking at other info on the ever-wonderful Interweb. Cell phones etc wrote up a list of the top 10 places to lose your cellphone - rather than replicate the entire list here (you can read that by clicking the link at the end), I thought I’d pull out a couple of old favourites, along with their respective positions:

8. Roof Of Your Car

We’ve all done it. Especially you wack-o’s who use those gigantic Bluetooth headsets. (Aren’t you worried about growing golf ball sized tumors?)

You’re on the phone, which you’ve left on the roof of your car, and you don’t realize it until the call disconnects when your Treo explodes on the ground after breaking quickly to avoid murdering a squirrel. At least you know for sure you have to buy a new one. Hopefully you had insurance.

Chance of recovery: 0-100% (Depending on where it lands, and if you remember before it falls… and if you have insurance)

6. Airport Security

You’ve stood in line for 30 minutes to check in. You’ve stood in line for 45 minutes to go through security. Then you get the dreaded tap: “Sir, you’ve been randomly selected for a thourough search of your belongings.”
In the process of removing your coat, shoes, belt and explaining why your nipples beap every time the metal detector passes over them, your brand new Amp’d Jet phone disappears. You don’t realize it until you hear your name over the airport loud speaker.

Chance of recovery: 50-100% (Depending on how much time you have before your flight leaves. If you don’t immediately retrieve it from security, it is destroyed)

1. The toilet at a bus station (Or any public place for that matter)

If you go in after it, you will probably catch some horrible disease, turn green and die.
Besides, you can flush a small child down most of those public toilets. Once you flush, it’s gone.

Chance of recovery: 0% (Don’t even think about sticking your hand in there!)

So, IntoMobile readers, do we have any new entries to add to the original list (which you can find here)? If so, I might even go to the trouble of generating a new “IntoMobile Top 10″ - come on, I bet all you guys have lost/smashed/misplaced your Moble somewhere amusing at least once….

[Story via: cell phones etc / Image via: CNET au]

You could have some issues if you accept a JPEG from strangers to your RAZR, according to CNET News….

A vulnerability has been discovered in the phones that could allow a hacker to send a corrupt JPEG image via Multimedia Messaging Service that could be leveraged to run malicious code on the phone. However, you would have to accept the image for download before that could happen. The specific flaw exists in the JPEG thumbprint component of the EXIF parser, according to an advisory released by security firm TippingPoint’s Zero Day Initiative on Tuesday.

Motorola has apparently fixed the vulnerability in new software available on it’s website, and is urging people to download this. I wonder though, what exactly this vulnerability (which isn’t new by the way) allows people to do? “Executing arbitrary code” isn’t exactly clear now, is it?

Anyhow, if you want to get the new software, you can go here.

[Via: CNET News]

In the UK: Tracking technology created by Path Technologies is being used to watch how shoppers mobe around shopping malls, according to The Register.

By installing their receivers in the shopping centre, Path are able to pick up comms between handsets and base stations, enabling location-fix to within a couple of metres. There are apparently two UK shopping centres using the tech, with three more to come soon!

The point of the tech, as aforementioned, is to find out more about the rituals of shoppers - something that has only previously been possible with fairly manual surveying methods. As most of the GSM comms are encrypted, and the network uses a TMSI (Temporary Mobile Subscriber Identity) rather than sending the IMSI, it is said to be anonymous. Path Intelligence is also keen to state all their tracking is anonymised, and that they can’t establish who you really are…

Security concerns aside for a moment, the tech does have a lot of interesting applications - whether it is shopping, traffic, or trade shows.

For the moment Path Intelligence only does 2G GSM, though supporting CDMA wouldn’t be too difficult. 3G GSM is slightly more secure but still uses a TMSI, so those on a 3G network are unlikely to remain untracked for long.

Whether shoppers will (a) know and (b) be happy with being tracked remains to be seen - I guess whether you need to inform them they are being monitored might be a legal grey area - however, as The Register neatly points out, if you match CCTV footage to location info, then you would potentially have a good set of data about people - just like they do on 24!

[Via: The Register]

Hold on a moment, there’s no single virus in existence for the iPhone and considering how tightly Apple intends to control the third party application deployments, it’s kinda doubtful we’ll see any serious security breaches hitting the iPhone any time soon. Yes, there will be some Safari problems but nothing major Apple can’t fix with a quick firmware upgrade.

Apparently, that doesn’t stop McAfee from developing its software — the so called iVirusScan — for the platform. And while we’ve no idea whether the security company actually works on such solution, the screenshots look quite legit. To be fair, though, it doesn’t seem so hard to prepare them in Photoshop for any skilled user.

One thing that bothers me is that even if some iPhone malware starts appearing following the new firmware and third-party applications, I doubt Apple will admit it right from the bat. Rather, they’ll release the new update ASAP and fix all known bugs and security holes. We’ll see where this goes…

[Via: slashphone]

According to a report this week, Russian MNO Vimpelcom said that over 10m have been scammed by Mobile phone scammers, calling them to transfer money. Apparently there are legal loopholes which prevent the police et al from protecting against this.

Most scams are based on people’s trust instinct - either suggesting a relative is in trouble unless a bribe is paid, or sending SMSs to say that in order to collect a prize, money must first be transferred to another account. Another less savoury trick is to post a letter on the internet regarding a very sick child, and then directing all enquiries to a premium-rate number.

Victimes rarely get their money back and MNOs cannot intervene as the vicim opted to transfer voluntarily.

Comment: these sorts of scams are really common - whilst I can’t speak for the rest of Europe/Globally, certainly in the UK this has been going on for ages, and some of it has been legislated against. But in my view it’s not really a “Mobile” thing - whichever enablers (be it the internet, telephony, postal, or face to face) are available will be used by criminals.

[Via: Moscow News Weekly]