Sign up for our Technology Newsletter 
RIM’s Troubles May Not Be Over
October 27, 2011 by admin
Filed under Smartphones
Comments Off on RIM’s Troubles May Not Be Over
Law firms in the United States and Canada are considering possible consumer lawsuits against Research In Motion Ltd for last week’s BlackBerry outages, which for three days crippled email and messaging for tens of millions of users around the world.
Consumer lawyers say they are investigating whether customers have common claims against the BlackBerry manufacturer and might be able to band together in a single lawsuit.
While the outage did not rise to the level of seriousness comparable to a dangerous medication or tainted food, it inconvenienced and angered customers. Frustrated BlackBerry users, turning to blogs, message boards, Twitter and Facebook, complained about losing important emails and missing meetings last week.
Law firms are considering breach-of-contract or consumer-fraud claims, attorneys said.
A breach-of-contract claim could argue the company failed in its obligations to provide service and could include carriers for BlackBerry service as additional defendants, said attorneys exploring litigation against RIM.
Mobile Security Threats Continue To Grow
October 15, 2011 by admin
Filed under Smartphones
Comments Off on Mobile Security Threats Continue To Grow
According to industry analysts, mobile device shipments will exceed a billion devices in 2015 and will rapidly outrun PC shipments. That’s great news for end user convenience, mobility, and work-anywhere productivity. But it also means that enterprises must prepare for the fact that the criminals will target these devices with attack exploits, spyware,
and rogue applications.
And while IBM’s IT security research team, X-Force, predicts a modest 33 software exploits targeting mobile devices in the year ahead, that’s roughly twice the number of such attack code released in the past year.
The group also sees a number of other troubling mobile security trends. First, when software flaws do surface, many mobile phone makers do not rapidly deploy software patches to devices; malicious apps are often distributed through third-party app markets. Another troubling trend is that some mobile malware can collect end user’s personal information for use in phishing attacks.
An example of vulnerabilities that would make such attacks possible are the two recent Android security flaws that were reported to affect popular handsets including the AT&T Samsung Galaxy SII and various HTC devices.
The security find announced by security researcher Trevor Eckhart, called HTClogger (logging tools introduced by handset maker HTC) that could leak email account information, user location, phone numbers, and messaging logs.
Handset maker HTC said, in a statement, that it is working to quickly issue an update to its customers. “HTC is working very diligently to quickly release a security update that will resolve the issue on affected devices. Following a short testing period by our carrier partners, the patch will be sent over-the-air to customers, who will be notified to download and install it. We urge all users to install the update promptly,” the company said.
Tool Created To Hack BlackBerry Passwords
October 7, 2011 by admin
Filed under Smartphones
Comments Off on Tool Created To Hack BlackBerry Passwords
A Russian security firm has upgraded a phone-password cracking software with the ability to figure out the master device password for Research in Motion’s BlackBerry devices.
Elcomsoft said on Thursday that before it developed the product, it was believed that there was no way to uncover a device password on a BlackBerry smartphone or PlayBook tablet. BlackBerry smartphones are configured to wipe all data on the phone if a password is typed incorrectly 10 times in a row, the company said.
Elcomsoft said it figured a way around the problem using a BlackBerry’s removable media card, but only if a user has configured their smartphone in a specific way. In order for Elcomsoft’s software to be successful, a user must have enabled the feature to encrypt data on the media card.
The feature is disabled by default, but Elcomsoft said around 30% of BlackBerry users have it enabled for extra security.
The company’s software can then analyze the encrypted media card and use a brute-force method to figure out a password, which involves trying millions of possible password combinations per second until one works.
Elcomsoft said it can recover a seven-character password in less than an hour if the password is all lower-case or all capital letters. The software does not need access to the actual BlackBerry device but just the encrypted media card.
IMs To Overtake Emails In Workplace
Comments Off on IMs To Overtake Emails In Workplace
Many CIOs predict that real-time communication technologies, such as instant messaging, SharePoint, Chatter and Yammer will outpace traditional email in the workplace in the next five years.
That’s the conclusion of a Robert Half Technology survey of more than 1,400 CIOs at U.S. companies with more than 100 employees. The survey was published last month.
More than half (54%) of the CIOs polled said real-time workplace communication tools will surpass traditional email in popularity within five years. The prediction was a bit lukewarm, however: 13% of the respondents said real-time messages will be “much more popular” than email, while 41% said they’ll be “somewhat more popular.”
Robert Half Technology, an IT staffing firm, said a transition to real-time tools could yield workplace benefits, potentially making it easier to work as a team, solve problems, share ideas and manage documents.
Nokia Puts Free M$ Apps On Symbian Phones
September 15, 2011 by admin
Filed under Smartphones
Comments Off on Nokia Puts Free M$ Apps On Symbian Phones
Several of Microsoft’s business productivity applications will be available free of charge on Nokia’s latest Symbian Belle smartphones later this year, Nokia stated Thursday.
The move comes at the same time Nokia is developing its first smartphone on the Windows “Mango” Phone platform. That phone is rumored to be scheduled for a November debut.
The free apps will run on Symbian Belle smartphones announced in August; they’re designed to keep customers buying Nokia products while Nokia ramps up to Windows Phone smartphones.
The free apps for Symbian Belle phones will include: Microsoft PowerPoint Broadcast for broadcasting presentations from a desktop to a smartphone;Microsoft OneNote for taking notes with images by syncing with Microsoft SkyDrive;And Microsoft Document Connection, which provides a single view of documents stored on a smartphone including email attachments and documents on Microsoft SharePoint 2010 sites.
Early next year, Nokia said it will provide OneNote synchronization with SharePoint and will add Word, Excel and PowerPoint as native applications for the first time outside the Windows platform.
Some critics of Nokia’s partnership with Microsoft wonder how successful Windows Phone Mango (version 7.5) will be and said the addition of Microsoft apps to Nokia’s older Symbian line is a way for Nokia to hedge its bets if the Microsoft partnership doesn’t pay off quickly.
The free productivity apps could also be a way to introduce a large number of Symbian users to Microsoft software. There are many more Symbian users outside the U.S. than inside and Symbian until this year had been the world’s largest smartphone platform.
Making the free apps available on the Symbian Belle phones doesn’t cost either company much and the Belle phone users “get something to sweeten the deal to stay with symbian,” Gold said.
Spam Is At A Two-Year High
Spam – particularly the kind with malicious attachments – is enjoying a growth spurt, reaching a two-year high overall, which includes the spike last fall just before the SpamIt operation folded its doors, a security firm says.
In fact spam traffic is about double what it was then, according to M86 Security Labs, which analyzes spam levels across selected domains.
“After multiple recent botnet takedowns, cybercriminal groups remain resilient clearly looking to build their botnets and distribute more fake AV in the process,” the company says in its blog. “It seems spammers have returned from a holiday break and are enthusiastically back to work.”
This report coincides with a report yesterday from Internet security company Commtouch, which says a spike in email-attached malware has just ended, but that further waves are expected.
M86 says in its blog that most of the spam is generated by the Cutwail botnet, and malicious spam accounted for 13% of the mix over the past week, which is unusually high, but even that spiked to 24% yesterday.
Get Ready For Email-Malware Spree
A sizeable uptick in malicious email attachments is just subsiding, but if history is any indicator,several smaller spikes are about to follow that use even more deceptive tactics than their predecessors.
The recent surge, fueled in large part by a flood of fake messages from UPS, is similar to one observed at the end of March in that the messages urge recipients to open an attachment that releases the malware on victims’ machines, according to Internet security firm Commtouch.
The earlier wave used a wide range of package-delivery services as senders, including FedEx and DHL, but the latest outbreak employs a wider variety of messages such as, “Dear client, recipient’s address is wrong”, “Dear User, Delivery Confirmation: FAILED”, and “Dear Client, We are not able to delivery [sic] the postal package”, according to the Commtouch blog.
All the messages then instruct the recipient to open the attachment that contains the malware, claiming it is an invoice or a form that needs to be filled out. “This time we see differences in the style of the emails – there is far more variation in the automatically-generated subjects, body and attachment names. Last time all the attachments were “UPS.exe” – this time there are many variations,” says Avi Turiel, director of product marketing at Commtouch in an email.
The attackers will evaluate the success of the attack by finding out how many recipients activated the malware, “Based on the infections vs. malware sent out they will probably try and figure out what they could improve in the next attack,” he says.
Acer Is The Latest Victim Of Computer Hacking
Comments Off on Acer Is The Latest Victim Of Computer Hacking
Taiwanese PC manufacturer Acer is investigating a cyber hacker attack that stole customer data from its Packard Bell division in Europe, the company said.
Acer said the security breach was limited to customers’ names, addresses, phone numbers, emails, and system serial numbers. No credit card data was stolen, it said. Acer provided no other details about the breach, and said the investigation was ongoing.
News of the breach was reported several days ago, after a hacker group called Pakistan Cyber Army claimed to have stolen the personal data of about 40,000 people from an Acer server in Europe. Acer did not comment on the attack at the time.
The Hacker News had published screen shots of the personal data and some of the source code that was stolen in the security breach. It also said that the Pakistan Cyber Army would issue a press release detailing more about their motives. But so far, no new information has surfaced from the hacking group.
Google SEARCH Goes SSL
Google is finally taking privacy seriously to a degree by offering its users a secure form of searching while using Google Search. Moving forward users will have the opportunity to enable SSL (Secure Socket Layer) for added security. Be advised, the service will only cover the Google search and clicks made through Google to other non-secured sites will be visible.
FTC Singles Out Google’s Chrome
Federal Trade Commission Chairman Jon Liebowitz this week singled out Google for not adopting “Do Not Track,” the privacy feature that allows consumers the ability to opt out of online tracking by Web sites and marketing entities.
In an interview Monday with Politico, Liebowitz called out Google for not supporting Do Not Track in its Chrome browser.
Noting that Do Not Track had gathered momentum, Liebowitz said, “Apple just announced they’re going to put it in their Safari browser. So that gives you Apple, Microsoft and Mozilla. Really the only holdout — the only company that hasn’t evolved as much as we would like on this — is Google.”
Do Not Track has been promoted by the FTC and by privacy advocates including the Electronic Frontier Foundation (EFF), as the best way to help consumers protect their privacy.
The technology requires sites and advertisers to recognize incoming requests from browsers as an opt-out demand by the user. The information is transmitted as part of the HTTP header.
As Liebowitz said, Microsoft and Mozilla have added Do Not Track header support to their Internet Explorer 9 (IE9) and Firefox 4 browsers. While Apple hasn’t confirmed that the next version of Safari will include Do Not Track, developers have reported finding the feature in early editions bundled with Mac OS X 10.7, aka “Lion,” the upgrade slated to ship this summer.