RIM’s Deal: Saudi Arabia Can Access BlackBerry User Data
Saudi Arabia’s government announced it reached a deal with Research In Motion (RIMM) that will allow the Canadian maker of BlackBerry smartphones to continue operating its service there. Under the agreement, RIM will put a server in the nation that will allow the government to monitor messages to and from Blackberries. All of RIM’s servers have been in Canada until now so the company could guarantee confidentiality for its customers though the encryption process on those servers.
According to several news sources, similar deals will probably be sought by other countries that have voiced concerns about the Blackberry encryption procedures. First among these is the United Arab Emirates, which threatened to shut down RIM’s services there on Oct. 11. India and Indonesia have also said they’re concerned about the RIM confidentiality system and their inability to track information that they claim may not be in the best interests of their governments.
Your Phone Number Can Be Easily Hacked, and Here’s How
“It’s really interesting to watch a phone number turn into a person’s life,” security researcher Nick DePetrillo told the Los Angeles Times in a report published yesterday. According to Petrillo and fellow expert Don Bailey, the mere digits of your cell phone number can betray your name, your travel itinerary, and your work and home address; it can also allow others to listen in on your voice messages and personal phone calls.
Using “widely available information and existing techniques,” DePetrillo and Bailey reportedly were able to construct detailed files on a cellphone user. Find out how after the break.
As “white hat hackers,” meaning the good guys that hack you to expose security gaps and then figure ways to patch them, DePetrillo and Bailey have learned that by using special software to spoof a call from the target number, tricking the cell phone company into thinking the call is coming from the target’s cell phone: The Caller ID system then identifies the victim’s name for you. As the LA Times points out, a hacker could create their own phonebook of numbers and corresponding identities.
From there, the hacker can then query the cellphone network to discover the location of the phone. Websites such as InstaMapper are openly accessible and free to use. With this, one can hypothetically track and generate a general schedule of your movements.
Moreover, there is always the possibility of malicious applications, which appear to do one thing but in reality can collect private information. For example, security expert Tyler Shields created an application called “TXSBBSPY,” which when installed on a Blackberry, could read text messages, listen to voice mail, and even turn on the phone’s mic at will.
Today, smartphones including the iPhone, Blackberry, and Android devices comprise about 21% of the cell phone market, and often contain sensitive information like other phone numbers, e-mails, and banking information. Nielsen Co. estimates the smartphone to become the new standard by 2011. However, as the smartphone is a recent development, Shields says that we are only living in the “late ’90s” when it comes to mobile security.
The obvious solutions, of course, are to 1) keep your cell phone number private; 2) shield your number with services like Google Voice; 3) use common sense – don’t access suspicious software and links.
Radio Interview about Gold Lock Hacker Challenge
Gold Lock is proud to announce that Douglas Haskins, Channel Manager-North America, is scheduled to be interviewed by Federal News Radio AM1500 in Washington, DC, Monday 12/14/09 at 8:30am (eastern time). Federal News Radio contacted Gold Lock to schedule the radio interview to discuss the Gold Lock Hacker Challenge: a $250,00o prize to anyone who can hack a 10 minute encrypted conversation.
Would be hackers are free to use any tools or technology at their disposal. This contest is open to anyone, anywhere, unless your participation is specifically prohibited by law.
Hackers have until 12:00 AM (GMT/UTC + 02:00 hours) on February 1st 2010 to provide us with the transcript. Read the contest rules for complete details and restrictions. Be sure to complete the entry form on that page before you start trying to grab the gold.
Smartphone security software market shows strong potential for channel
…
Smartphone security business challenge and channel opportunity
Sales and support opportunities for encryption are likely to grow as smartphones use more business applications, such as SAP, and store more corporate data. As discussed earlier, the potential for antimalware sales and support is enormous when smartphones finally become subject to widespread attack.
While encryption vendors offer mobile-specific products on their own, they are also included as part of their overall corporate endpoint encryption suites. Check Point’s Svegby said PC encryption orders for, say 5,000 seats, often come with an additional 150 to 200 licenses for smartphone encryption.
Some vendors, such as Credant Technologies Inc. and Check Point offer only encryption products, others such as F-Secure Corp. and Kaspersky Lab Inc. offer only antimalware, and still others, such as Symantec and McAfee Inc., offer both encryption and antimalware. In terms of operating systems, most vendors support Windows Mobile and Symbian, and some support Palm OS and Blackberry as well. There have been reports that several vendors are working on iPhone antimalware, as well.
…
Six ways to get online from anywhere Can’t find a hotspot? Here’s how to make a Net connection without one.
by Glenn Fleishman, Macworld.com
We’re all so accustomed to having Internet access in so many places—at home, at the office, at airports, at coffee shops—that it can be infuriating to travel and find yourself with low-speed service or none at all.
Fortunately, there are six good ways to make sure you—and anyone traveling with you—can can access the Internet using your laptop’s built-in wireless networking, even when you’re nowhere near a Wi-Fi hotspot.
Note: Two of these options—cell phone tethering and using a 3G adapter—connect a laptop to the Net and then share that connection from the laptop.
To set up that sharing, first establish the Net connection to the laptop. Then open the Sharing preference pane (System Preferences -> Sharing) and select Internet Sharing. (Don’t check its box yet.) From the Share Your Connection From drop-down menu, choose the active Internet connection. In the To Computers Using list, check the AirPort box. If you want to password-protect the connection you’re sharing (an advisable thing to do), click AirPort Options and set it there. Finally, check the box next to Internet Sharing to turn sharing on. You may need to repeat these steps each time you enable the connection.
AirPort Express in a hotel room The AirPort Express () is a portable powerhouse of a base station. In hotel rooms that have only wired Ethernet for Internet access, plugging an Express into that wired connection not only lets you work on your laptop from anywhere in the room; it also lets you share that connection with other devices that have Wi-Fi but no Ethernet (such as an iPhone) and with family members or colleagues. Apple says the AirPort Express can support up to ten simultaneous Wi-Fi connections. You may first need to connect your laptop via Ethernet to register or activate the room’s connection, then plug in the AirPort Express. Make sure to activate WPA2 Personal encryption so your shared connection isn’t accessible to just anyone.
Tethering with your cell phone Tethering services for cell phones let you turn the mobile device into a modem. The phone connects to the Net over a 2.5G or 3G network; you then connect your laptop to the phone via Bluetooth or USB—voila, you’re online. You can then use your laptop as a base station to share that connection via Wi-Fi. Unfortunately, the iPhone doesn’t yet offer tethering in the United States; AT&T promises that it’s coming. If you’re using another phone, check with your cell provider. Some phones may let you tether, but the provider might slap expensive transfer fees on top of whatever data plan you already pay for.
Make your phone a hotspot A small but growing number of mobile phones have both 3G and Wi-Fi. With the right software, you can turn such phones into hotspots. Joiku’s JoikuSpot Light(free) and JoikuSpot Premium (€15) work on the Symbian S60 smartphone platform. The Light version supports the HTTP protocol alone, so the only thing you can do with it is surf the Web; the Premium version supports all Internet protocols. WalkingHotSpot ($25) works with Symbian S60 as well as many Windows Mobile phones. As with tethering, check with your carrier about extra data fees.
3G adapter for your laptop AT&T, Sprint Nextel, T-Mobile, and Verizon Wireless all offer Mac OS X drivers for a variety of 3G modems, which connect your laptop to the net over 3G data networks; many of those modems connect via the USB port, so they’ll work with any Mac portable. Unfortunately, that access comes at a high price: service plans typically cost $60 a month, with a two-year commitment and a usage limit of 5GB per month (combined uploads and downloads). (Cheaper plans, if a carrier offers them, include ludicrously small amounts of monthly use.)
A USB modem may be free with your contract, but it may cost as much as $150 to $250 without one. (If you purchase your modem up front, T-Mobile lets you pay its monthly data rate without a contract.) Fortunately, such modems can be swapped among nearly any Mac or Windows system. You can typically, but not always, share the resulting 3G service via Wi-Fi; some drivers might prevent it.
3G as you go Virgin Mobile (now owned by Sprint Nextel) has a pay-by-the-byte 3G plan. TheBroadband2Go USB modem costs $99; you then buy blocks of usage (in megabytes or gigabytes) as you need them. Pricing starts at $10 for 100 MB (must be used within 10 days) up to $60 for 1 GB (expires in 30 days). For those who travel and need access less frequently, this plan makes great sense. As with other 3G adapters, you can share your Virgin Mobile access via Wi-Fi, too.
3G Wi-Fi router The Novatel MiFi 2200 () isn’t the first hardware to combine 3G data access with a wireless router in one box. But such gateways—the Kyocera KR2, for example—have typically been the size of regular desktop routers. The MiFi, by contrast, can fit in your pocket. It allows up to five simultaneous connections and has an internal rechargable battery, so it can continue to provide that access even you’re away from a power outlet.
The MiFi is sold by Verizon Wireless and Sprint Nextel. Both firms charge $100 for it (after rebates, with a contract). Verizon offers data plans (with a two-year contract) for $40 for 250MB per month or $60 for 5GB per month. Sprint Nextel only offers a $60 plan (for 5GB per month, with a two-year contract). The MiFi can be purchased separately for about $250 and used with Verizon’s network at a $15-per-day rate for on-demand usage.
Glenn Fleishman is editor of Wi-Fi Networking News and author of Take Control of Your 802.11n AirPort Network (TidBITS Publishing Inc., 2009).
http://www.macworld.com/article/144012/makeyourownhotspot.html
Secure Devices for Everyone
Lee Gomes, 02.12.09, 05:00 PM EST
Forbes Magazine dated March 02, 2009
Once a message is properly scrambled, our sun would burn out before you could unscramble it.
Some perquisites of the American presidency–Air Force One, say–are available only to the occupant of 1600 Pennsylvania Avenue. Many others, though, can be had by anyone, including a mobile phone that’s immune to snooping and spying.
President Obama is, like many of us, an e-mail addict, and press coverage of his new BlackBerry has tended to describe it as some sort of top-secret, supersecure device. In fact, owing to advances in both mathematics and computers, presidential-level security is now available on every desktop computer and can easily be added, for a price, to any mobile device as well.
…
<link>