Protection against mobile malware

Posted on By Mark Wilson
This content is 20 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

As mobile phones offer more and more computing functionality, anti-virus technologies for smartphones have become an inevitable reality.

Back in June 2004, the Symb/Cabir-A worm was released (as reported by the BBC and others). The target is the Symbian operating system – just as for Windows on a PC, virus-writers and hackers will attack the largest user base first.

Let’s face it – no hacker will get any credit for exploiting a security hole in something obscure – that’s why Microsoft gets so much bad security press and Linux and Macintosh users say “my system is secure” – in reality they are probably no more secure than a well-configured Windows system, just not such a target.

According to an article at the PC World website, Nokia are addressing the issue by teaming up with F-Secure to offer subscription-based anti-virus protection for their Series 60 smartphones, starting with the forthcoming Nokia 6670. Quoting from Nokia:

“F-Secure Mobile Anti-Virus is available for the Nokia 6670 imaging smartphone, providing automatic, transparent real-time protection against harmful content locally on the mobile phone. Updating the phone’s virus database can be done either over an HTTPS connection or, in critical cases, by SMS message.”

Cabir uses bluejacking as a mechanism to spread and as most people are oblivious (no nice IT department managing the security of consumer mobile phones!), the best advice I can give is to set your phone to undiscoverable or hidden. There is also some advice on “mobile malware” at the Nokia website.

You can learn more about Bluejacking at the BluejackQ website. To make matters worse, a colleague of mine found this document, which suggests some people are thinking of using it as a marketing channel.

Changes to functionality in Microsoft ActiveSync

Posted on By Mark Wilson
This content is 20 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

As part of the current drive to increase the security of its products, Microsoft plans to remove some of the current remote synchronisation functionality in ActiveSync 4.0.

The following text is taken from an e-mail yesterday from Microsoft’s Mobility Partner Advisory Council to Windows Mobile Partners:

“We are hard at work refining the next version of Windows Mobile in terms of features and security. One of the items that we are targeting for removal in ActiveSync 4.0 is remote sync with a PC. In future versions, we are planning to discontinue remote (network) incoming support to desktop ActiveSync. This means that if you are currently developing a mobile redirector solution that depends on remote (incoming) connection to desktop ActiveSync, this may impact you. We want ensure that partners who use this feature have plenty of time to formulate alternate approaches and also consider feedback if you feel strongly that this functionality should be preserved. We also want to hear from any partners that feel the removal of this feature would directly break their code or impact their product roadmap.”

Finally entering the world of mobility…

Posted on By Mark Wilson
This content is 20 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

Today, I got my first smartphone – a Nokia 6600 connected to Orange. For a few years now, I’ve used a succession of Compaq iPAQs (as nothing more than expensive diaries and address books really) and whilst I have connected to services using my PDA with a mobile phone on occasion, I figured it was about time I made a move towards the true mobility. So far I’ve only made phone calls and sent a test e-mail (at which point I wished I’d gone for a phone with a full keyboard). I know the new Orange SPV C500 is reported to be a great smartphone, but I really like Nokia handsets and when I saw the 6600 last week I knew I “had” to have one.

I switched to Vodafone from Orange about 5 years ago (I had been with them since 1994 – pretty much as soon as they started up). To be honest I’d still be with Vodafone if they didn’t charge for itemised billing and if I could get the handset and tariff deal I wanted (the “customer loyalty” team at my previous service provider, Carphone Warehouse, failed to call me back and then told me they couldn’t do me an upgrade to the Nokia 6600 for less than £59 when I chased them), but my original reason for leaving Orange was poor customer service and it seems that not a lot has changed. My phone came with instructions to activate it using one of two numbers – the first one was only available from an Orange phone, and so was barred until I could activate the account (chicken… egg…) and the second led to an Orange salesperson who just gave me the full 11 digit version of the original number, which I rang from my old phone. Only after about 20 minutes on hold did I finally get to speak to someone who could activate my phone. A great start for a returning customer hey! Let’s just see if they can successfully port my number…

I can recommend the reseller I used (mobilesuk.net) – they were really helpful when I called them and did me a good deal: free handset (the Orange shop wanted £30); free shipping (by Royal Mail Special Delivery); 3 months free insurance; £30 cashback after 6 months; free accessory pack (leather case, car charger and personal hands free kit); plus the current Orange offer of double minutes and double SMS.

Anyway, let’s see if I actually use any of the smartphone capabilities now…