Mobile

Via The New York Times

-----

Chuck Bokath would be terrifying if he were not such a nice guy. A jovial senior engineer at the Georgia Tech Research Institute in Atlanta, Mr. Bokath can hack into your cellphone just by dialing the number. He can remotely listen to your calls, read your text messages, snap pictures with your phone’s camera and track your movements around town — not to mention access the password to your online bank account.

And while Mr. Bokath’s job is to expose security flaws in wireless devices, he said it was “trivial” to hack into a cellphone. Indeed, the instructions on how to do it are available online (the link most certainly will not be provided here). “It’s actually quite frightening,” said Mr. Bokath. “Most people have no idea how vulnerable they are when they use their cellphones.”

Technology experts expect breached, infiltrated or otherwise compromised cellphones to be the scourge of 2012. The smartphone security company Lookout Inc. estimates that more than a million phones worldwide have already been affected. But there are ways to reduce the likelihood of getting hacked — whether by a jealous ex or Russian crime syndicate — or at least minimize the damage should you fall prey.

As cellphones have gotten smarter, they have become less like phones and more like computers, and thus susceptible to hacking. But unlike desktop or even most laptop computers, cellphones are almost always on hand, and are often loaded with even more personal information. So an undefended or carelessly operated phone can result in a breathtaking invasion of individual privacy as well as the potential for data corruption and outright theft.

“Individuals can have a significant impact in protecting themselves from the kind of fraud and cybercrimes we’re starting to see in the mobile space,” said Paul N. Smocer, the president of Bits, the technology policy division of the Financial Services Roundtable, an industry association of more than 100 financial institutions.

Cellphones can be hacked in several ways. A so-called man-in-the-middle attack, Mr. Bokath’s specialty, is when someone hacks into a phone’s operating system and reroutes data to make a pit stop at a snooping third party before sending it on to its destination.

That means the hacker can listen to your calls, read your text messages, follow your Internet browsing activity and keystrokes and pinpoint your geographical location. A sophisticated perpetrator of a man-in-the-middle attack can even instruct your phone to transmit audio and video when your phone is turned off so intimate encounters and sensitive business negotiations essentially become broadcast news.

How do you protect yourself? Yanking out your phone’s battery is about the only way to interrupt the flow of information if you suspect you are already under surveillance. As for prevention, a common ruse for making a man-in-the middle attack is to send the target a text message that claims to be from his or her cell service provider asking for permission to “reprovision” or otherwise reconfigure the phone’s settings due to a network outage or other problem. Don’t click “O.K.” Call your carrier to see if the message is bogus.

For added security, Mr. Bokath uses a prepaid subscriber identity module, or SIM, card, which he throws away after using up the line of credit. A SIM card digitally identifies the cellphone’s user, not only to the cellphone provider but also to hackers. It can take several months for the cellphone registry to associate you with a new SIM. So regularly changing the SIM card, even if you have a contract, will make you harder to target. They are not expensive (about $25 for 50 of them on eBay). This tactic works only if your phone is from AT&T or T-Mobile, which support SIM cards. Verizon and Sprint do not. Another way hackers can take over your phone is by embedding malware, or malicious software, in an app. When you download the app, the malware gets to work corrupting your system and stealing your data. Or the app might just be poorly designed, allowing hackers to exploit a security deficiency and insert malware on your phone when you visit a dodgy Web site or perhaps click on nefarious attachments or links in e-mails. Again, treat your cellphone as you would a computer. If it’s unlikely Aunt Beatrice texted or e-mailed you a link to “Great deals on Viagra!”, don’t click on it.

Since apps are a likely vector for malware transmission on smartphones, Roman Schlegel, a computer scientist at City University of Hong Kong who specializes in mobile security threats, advised, “Only buy apps from a well-known vendor like Google or Apple, not some lonely developer.”

It’s also a good idea to read the “permissions” that apps required before downloading them. “Be sure the permissions requested make sense,” Mr. Schlegel said. “Does it make sense for an alarm clock app to want permission to record audio? Probably not.” Be especially wary of apps that want permission to make phone calls, connect to the Internet or reveal your identity and location.

The Google Android Market, Microsoft Windows Phone Marketplace, Research in Motion BlackBerry App World and Appstore for Android on Amazon.com all disclose the permissions of apps they sell. The Apple iTunes App Store does not, because Apple says it vets all the apps in its store.

Also avoid free unofficial versions of popular apps, say, Angry Birds or Fruit Ninja. They often have malware hidden in the code. Do, however, download an antivirus app like Lookout, Norton and AVG. Some are free. Just know that security apps screen only for viruses, worms, Trojans and other malware that are already in circulation. They are always playing catch-up to hackers who are continually developing new kinds of malware. That’s why it’s important to promptly download security updates, not only from app developers but also from your cellphone provider.

Clues that you might have already been infected include delayed receipt of e-mails and texts, sluggish performance while surfing the Internet and shorter battery life. Also look for unexplained charges on your cellphone bill.

As a general rule it is safer to use a 3G network than public Wi-Fi. Using Wi-Fi in a Starbucks or airport, for example, leaves you open to hackers shooting the equivalent of “gossamer threads into your phone, which they use to reel in your data,” said Martin H. Singer, chief executive of Pctel, a company in Bloomingdale, Ill., that provides wireless security services to government and industry.

If that creepy image tips you into the realm of paranoia, there are supersecure smartphones like the Sectéra Edge by General Dynamics, which was commissioned by the Defense Department for use by soldiers and spies. Today, the phone is available for $3,000 only to those working for government-sponsored entities, but it’s rumored that the company is working to provide something similar to the public in the near future. General Dynamics did not wish to comment.

Georgia Tech Research Institute is taking a different tack by developing software add-on solutions to make commercially available phones as locked-down as those used by government agents.

Michael Pearce, a mobile security consultant with Neohapsis in Chicago, said you probably did not need to go as far as buying a spy phone, but you should take precautions. “It’s like any arms race,” he said. “No one wins, but you have to go ahead and fight anyway.”

Via #AltDevBlogADay

-----

Indie developer Nimblebit dropped a PR bomb on Zynga yesterday with it’s letter addressing the similarities between their hit iPhone game Tiny Tower and Zynga’s upcoming release, Dream Heights. This galvanized the gaming community, with thousands of people, from prominent bloggers to gamers on Reddit criticizing the company.

However, just after the new year, Atari ordered the removal of Black Powder Media’s Vector Tanks, a game strongly inspired by Atari’s Battlezone. This galvanized the community in a similar way, except this time, gamers were furious that Atari shut down an indie game company that made an extremely similar game.

Unfortunately, the line between inspiration and copying is incredibly blurry at best. The one thing that’s certain is that copying is here to stay. Copying has been present in some form since the dawn of capitalism (if you need proof, just go to the toothpaste isle of your local supermarket). The game industry is no stranger to this trend: game companies have been copying each other for years. Given it’s repeated success, there’s little reason to think that this practice will stop. Indie flash game studio XGEN Studios posted a response to Nimblebit, showing that their hit games were also copied:

Some would even argue that the incredibly successful iOS game Angry Birds was a copy of the popular Armor Games flash game, Crush the Castle, but then Crush the Castle was inspired by others that game before it. Social games even borrow many of their game mechanics from slot machines to increase retention. So what is copying, or more importantly, which parts of it are moral and immoral? Everyone seems to have a different answer, but it’s safe to say that people always copy the most successful ideas. The one thing that those in the Zynga-Nimblebit conversation seems to have overlooked is that everyone copies others in some way.

Of course, while imitation may be the sincerest form of flattery, it doesn’t feel good to be imitated when a competitor comes after your users. In this case, people may question Zynga’s authenticity and make a distinction between inspiration and outright duplication. But at the same time, Zynga’s continued success with the “watch, then replicate” model shows that marketing, analytics, and operations can improve on an existing game concept. Or just give them the firepower to beat out the original game, depending on how you look at it.

Via ZDNet

-----

Another day, another set of Android fragmentation stories. And while there’s no doubt that there is wide fragmentation within the platform, and there’s not real solution in sight, I’m starting to wonder if Google ever had a plan to prevent the platform for becoming a fragmented mess.

How bad’s the problem? Jon Evans over on TechCrunch tells it like it is:

OS fragmentation, though, is an utter disaster. Ice Cream Sandwich is by all accounts very nice; but what good does that do app developers, when according to Google’s own stats, 30% of all Android devices are still running an OS that is 20 months old?

…

More than two-thirds of iOS users had upgraded to iOS 5 a mere three months after its release. Anyone out there think that Ice Cream Sandwich will crack the 20% mark on Google’s platform pie chart by March?

He then goes on to deliver the killer blow:

OS fragmentation is the single greatest problem Android faces, and it’s only going to get worse. Android’s massive success over the last year mean that there are now tens if not hundreds of millions of users whose handset manufacturers and carriers may or may not allow them to upgrade their OS someday; and the larger that number grows, the more loath app developers will become to turn their back on them. That unwillingness to use new features means Android apps will fall further and further behind their iOS equivalents, unless Google manages – via carrot, stick, or both – to coerce Android carriers and manufacturers to prioritize OS upgrades.

And that’s the core problem with Android. While there’s no doubt that consumers who’ve bought Android devices are being screwed out of updates that they deserve (the take up of Android 4.0 ‘Ice Cream Sandwich’ is pretty poor so far), the biggest risk from fragmentation is that developers will ignore new Android features an instead focus on supporting older but more mainstream feature sets. After all, developers want to hit the masses, not the fringes. Also, the more platforms developers have to support, the more testing work there is.

OK, so Android is fragmented, and it’s a problem that Google doesn’t seem willing to tackle. But the more I look at the Android platform and the associated ecosystem, it makes me wonder if Google ever had any plan (or for that matter intention) to control platform fragmentation.

But could Google have done anything to control fragmentation? Former Microsoftie (and now investor) Charlie Kindel thinks there no hope to curb fragmentation. In fact, he believes that most things will make it worse. I disagree with Kindel on this matter. He also believes that Google’s current strategy amounts to little more that wishing that everyone will upgrade. On this point we are in total agreement.

I disagree with Kindel that that there’s nothing that Google can do to at least try to discourage fragmentation. I believe that one of Google’s strongest cards are Android users themselves. Look at how enthusiastic iPhone and iPad owners are about iOS updates. They’re enthusiastic because Apple tells them why they should be enthusiastic about new updates. Compare this to Google’s approach to Android customers. Google (or anyone else in the chain for that matter) doesn’t seem to be doing much to get people fired up and enthusiastic about Android. In fact, it seems to me the only message being given to Android customers is ‘buy another Android handset.’

I understand that Google isn’t Apple and can’t seem to sway the crowds in the same way, but it might start to help if the search giant seemed to care about the OS. The absence of enthusiasm make the seem Sphinx-like and uncaring. Why should anyone care about new Android updates when Google itself doesn’t really seem all that excited? If Google created a real demand for Android updates from the end users, this would put put pressure on the handset makers and the carriers to get updates in a timely fashion to users.

Make the users care about updates, and the people standing in the way of those updates will sit up and pay attention to things.

Personal comment:

Google with Android OS is now in a similar place than Microsoft with Windows, and blaming Google to have this disparity of OS versions would be the same than blaming Microsoft on the fact that Windows XP, Windows Vista and Windows 7 are still co-existing nowadays. One reason Android got that 'fragged' is that it has to face a rapid evolution of hardware and new kind of devices in a very short time, somehow having a kind of Frankenstein-like experience with its Android creature. Many distinct hardware manufacturers adopt Android, develop their own GUI layer on top of it, making Google having a direct control on the spread of new Android version quite impossible... as each manufacturer may need to perform their own code update prior to propose a new version of Android on their own devices.

The direct comparison with iOS is a kind of unfair as Apple do have a rapid update cycle by controlling every single workings of the overall mechanism: SDK regular updates push developers to adopt new features and forget about old iOS versions and new iDevice's Apps request the end-user to upgrade their iOS version to the last one in order to be able to install new Apps. Meanwhile, Apple is having control on hardware design, production and evolution too, making the propagation of new iOS versions much easier and much faster than it is for Google with Android.

Then, mobile devices (smartphones or tablets) do have a short life timeline and this was already true prior Google and Apple starts acting in this market. So whatever your name is Google or Apple, considering not proposing the very last version of your OS on so-called 'old' or obsolete hardware is a kind of an obvious choice to do. This is not even a 'choice' but more a direct consequence of how fast technology is evolving nowadays.

Now, smartphones and tablets hardware capabilities will reach a 'standard' level to become 'mature' products (all smartphones/tablets do have cameras, video capabilities, editing capabilities etc...) which may make easier for Android to spread over on all devices in a similar version while hardware evolution observes a pause. Already Apple's last innovations are more linked to software than real hardware (r)evolution, so Android may take benefit of this in order to reduce the gap.

Via TechnologyReview

-----

Microsoft has developed a new kind of Wi-Fi network that performs at its top speed even in the face of interference. It takes advantage of a new Wi-Fi standard that uses more of the electromagnetic spectrum, but also hops between the narrow bands of unused spectrum within television broadcast frequencies.

In 2008, the U.S. Federal Communications Commission approved limited use of "white spaces"—portions of spectrum adjacent to existing television transmissions. The ruling, in effect, expanded the available spectrum. Microsoft developed the new network partly as a way to push Congress to allow much broader use of white spaces, despite some concerns over interference with some other types of wireless devices, such as wireless microphones.

The fastest Wi-Fi networks, which can transmit data at up to a gigabit per second, use as much spectrum as possible, up to 160 megahertz, to maximize bandwidth. Krishna Chintalapudi and his team at Microsoft Research have pioneered an approach, called WiFi-NC, which makes efficient use of these white spaces at these speeds.

Rather than using a conventional Wi-Fi radio, it uses an array of tiny, low-data rate transmitters and receivers. Each of these broadcast and receive via a different, narrow range of spectrum. Bundled together, they work just like a regular Wi-Fi radio, but can switch between white-space frequencies far more efficiently.

That means the system is compatible with existing equipment. "The entire reception and transmission logic could be reused from existing Wi-Fi implementations," says Chintalapudi.

The team calls these transmitters and receivers "receiver-lets" and "transmitter-lets." Together, they make up what's known as a "compound radio."

The resulting wireless network doesn't increase data rates in specific ranges of spectrum above what's currently achieved with latest-generation technology. It does, however, make more efficient use of the entire range of spectrum, and especially the white spaces freed up by the FCC.

The new radio integrates with a previous Microsoft project that provides a wireless device with access to a database of available white-space spectrum in any part of the United States. That system, called SenseLess, tells a device where it can legally broadcast and receive. WiFi-NC then chooses the bands of spectrum that have the least interference, and broadcasts over them.

By sending its signal over many smaller radios that operate in slivers of the available spectrum, WiFi-NC suffers less interference and experiences faster speeds even when a user is at the intersection of overlapping networks. This is important because the white spaces that may be authorized for commercial use by the FCC are at the lower ends of the electromagnetic spectrum, where signals can travel much further than existing Wi-Fi transmissions.

Whether or not Microsoft's WiFi-NC technology gets commercialized depends on Congress, says Kevin Werbach, a professor at the University of Pennsylvania's Wharton Business School, and an expert on the FCC's effort to make more spectrum available for wireless data transmission.

"The problem is that many of the Congressional proposals to give the FCC [the authority to auction off currently unused bandwidth] also restrict it from making available white spaces for devices around that spectrum," says Werbach.

Microsoft hopes WiFi-NC will persuade Congress to approve wider use of white spaces.

"It is our opinion that WiFi-NC's approach of using multiple narrow channels as opposed to the current model of using wider channels in an all-or-nothing style is the more prudent approach for the future of Wi-Fi and white spaces," says Chintalapudi. The team's ultimate goal, he adds, is to propose WiFi-NC as a new wireless standard for the hardware and software industries.

Via SlashGear

-----

OLPC had already announced it was bringing along its XO-3 tablet to CES this coming week; now we know what the new education-focused slate will look like. Less slimline than the older concepts and nowhere near as space-age as the earlier dual-screen XO-2 renders, the new silicone-clad XO-3 does at least have the bonus of actually fitting inside the Marvell ARMADA PXA618 processor and half gig of RAM we’re expecting.

Up front is an 8-inch screen – a 1024 x 768 Pixel Qi panel, no less, for indoor and outdoor visibility – with a peel-off silicone cover so as to protect it from scratches and bumps while in a schoolbag. There’ll also be solar panels on the inside, one of a trio of recharging options to keep the OLPC XO-3 running: as well as plugging it into the mains, should you have the luxury of being near an AC supply, there’ll be a hand-crank to manually top up the battery.

Sixty seconds of cranking is good for ten minutes of use, or so OLPC tells us, and the OS is either Android or the specialist education-focused Sugar platform. Ports – which are also covered up by that clever cover – include full-sized USB, audio and a memory card slot.

Best of all, though, is the price: OLPC expects the XO-3 to kick off at $100, though that will be for regular LCD rather than Pixel Qi versions. Unfortunately, you won’t be able to drop by Best Buy and pick one up, as OLPC will be selling direct to educational organizations and charities.