Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
dig, it's a good analogy ... but in fact the ship has been sailng for many - too many, most would agree - years, and has always found ways to replenish its supply of food and fresh water. Moreover, the officers on board seem aligned and motivated, and by all accounts know their stuff, and the captain has been able to attract and retain outstanding new talent.
Dilution ... yes, and many disappointments to its investors back in the Queen's court. But that's the nature of investing in an adventure or concern in the nature of trade that hasn't been charted before, and at the end of the day we vote with our feet whether to stay or abandon ship.
Wave remains a compelling opportunity in spite of repeated disillusions in terms of a market that has remained just over the horizon, while the captain has continued to state not so much his knowledge as his belief that landfall is imminent.
But never mind that, it's each investor's choice to go long or short. From my vantage point, I can see that there are a lot of birds in the air these days, ... birds that live on land, not at sea.
cliff
Jaybeaux, thanks for your enlightening and even-handed posts today.
If Kipling was a member here, he'd call you a man.
cliff
RootOfTrust, if Mfst isn't providing measured boot, they are certainly creating some expectations. I copied this from pg 35 of the Windows 8 Consumer Preview Product Guide available at:
http://windows.microsoft.com/en-US/windows-8/consumer-preview
Better data security
Sensitive data is an asset that needs to be controlled and managed. With strong checks to ensure that operating system components are kept safer, malware and other types of malicious software have much less of a chance to take over a PC than ever before.
Trusted Boot validates the integrity of Windows as it starts. Secure Boot requires UEFI 2.3.1 firmware, and it can be used to help prevent any malware from starting before the operating system is up and running. Antimalware is loaded in advance of all non-critical Windows components. This means that malware, such as rootkits, are less able to hijack the boot process or hide from antimalware software.
Measured boot validates, signs, and stores boot information in the Trusted Platform Module (TPM) chip. This enables a remote service to validate a computer’s integrity. This
process is called attestation.
BitLocker® drive encryption helps protect corporate data on mobile PCs that include a TPM chip. BitLocker now encrypts hard drives more quickly, helping to keep data safe without significantly interrupting worker productivity.
AppLocker® is ideal for businesses that currently use Group Policy to manage their Windows PCs. AppLocker is used to restrict the types of files that a user or a group is allowed to use. This helps protect users from inadvertently deleting or sharing sensitive corporate information.
SmartScreen® Services are a set of sophisticated technologies that help protect users from phishing and socially engineered malware attacks so they can browse the web with confidence. Additionally, when downloading a program from the web, SmartScreen uses reputation data to remove unnecessary warnings for well-known files and shows warnings when the download is at higher risk of being malicious.
Windows 8 provides a great opportunity for businesses to empower their workforce. With both new and improved features that support working remotely, easier management for administrators, and a natural and inviting user interface, Windows 8 can help workers be more productive and help keep data more secure.
cliff
Building Windows 8 - excerpt below.
http://blogs.msdn.com/b/b8/archive/2011/12/14/protecting-your-digital-identity.aspx
Windows 8 has a number of new features that make it much easier for both users and application developers to make use of public/private key methods. Windows already provides fairly extensive support for use of key pairs and certificates; but strong protection of the private key, as I mentioned earlier, typically relied on HSMs or smart cards. Windows 8 includes a new Key Storage Provider (KSP), which provides easy, convenient use of the Trusted Platform Module (TPM) as a way of strongly protecting private keys. A TPM is a trusted execution environment found on many business-class PCs today (and we expect much broader availability of TPMs when Windows 8 ships), which enables a PC to securely store cryptographic keys. Metro-style apps have APIs that make it easy to automatically enroll and manage keys on your behalf. The Windows Dev Center provides a sample banking app that shows developers how to use this API.
The KSP feature is particularly useful for banking and commerce applications, since it provides very strong resilience against the most common types of identity attacks on the Internet today while leveraging hardware inside your PC to prevent malware from stealing your private key.
For organizations and businesses that already use smart cards, we’ve implemented a new feature that overlays the TPM KSP feature and enables the TPM to function as a “virtual smart card.” This solution is more convenient and economical because you don’t need a physical smart card reader, but deployment is also easier because the virtual smart card functionality works with existing smart card applications and management solutions. The virtual smart card feature can be used in place of existing smart cards with any application or solution that is smart card compatible – no server- or application-side changes are required. Also, Windows 8 continues to support cards compliant with the Personal Identity Verification (PIV) standard or the Generic Identity Device Specification (GIDS) standard. By using these standards, deployment of smart cards is made much easier in Windows 8. All of these options are available for signing in to Windows (on domain-joined PCs), apps, websites – anything that was previously accessible using a physical smart card. This short video shows this in action after it is set up via policy or logon script by your adminsitrator.
cliff
CrowdStrike CEO to reveal 'major mobile vulnerability' at RSA
http://www.csoonline.com/article/700862/crowdstrike-ceo-to-reveal-major-mobile-vulnerability-at-rsa
George Kurtz, former McAfee CTO, now CrowdStrike CEO, says a significant vulnerability exists in Webkit browser that could result in total control of mobile devices.
By Wayne Rash
February 27, 2012
SAN FRANCISCO -- A significant vulnerability affecting all versions of the Webkit mobile browser could give malware complete control of your phone. The malware could listen in on your conversations, view through your camera and record everything in your email and messages. It can also track your locations at the time. George Kurtz, CEO of the new security company CrowdStrike, has told CSO he'll demonstrate how the vulnerability works at a presentation at RSA Wednesday.
According to Kurtz, the new vulnerability affects all Android, iOS and newer BlackBerry devices. It does not affect devices running Microsoft Windows Phone 7. Kurtz said this means virtually every smartphone and tablet in use globally shares this vulnerability. Worse, security software currently available for mobile devices won't detect such malware and won't protect against it.
Kurtz is perhaps best known for his revelations regarding the Chinese Shady Rat operation that compromised US government and defense contractors in 2011. Kurtz discovered the Chinese cyber attacks on the US while he was CTO at McAfee. He left that company after the Intel acquisition.
In his interview with CSO, Kurtz said that he compares the use of malware to the use of a gun. If someone is shooting at you, it makes more sense to take out the shooter rather than to stop the bullets, especially since the shooter can change the type of bullets he's using at any time. He said that users of malware can do the same thing and change the method of attack at any time.
Kurtz added that mobile devices are the next battlefield. "One of the things we talk about is the nation-state activity," Kurtz said. "We believe that this scenario is happening today. It's happening on mobile devices."
Kurtz said his company has been able to repurpose Chinese malware so it can take advantage of the Webkit vulnerability and take control of any mobile device. He said he's been able to control the camera and microphone on a mobile device, read email and text messages, and use the device to record what's happening around it. "It's the ultimate spy tool," he said.
Kurtz said the malware can be distributed by simply getting a user to click on a link that takes them to an infected website. Simply visiting the site would infect the device, and allow the remote operator of the malware to send data to a site anywhere in the world. "SMS messages could be a potential point of infection," Kurtz said.
For now, until the vulnerability is fixed, there's little anyone can do to prevent infection by the malware he describes, except to know not to click on links. In addition, he said it's important to make sure that software on mobile devices is kept updated, something that's not always possible on Android devices because of the fragmented update situation in the Android world.
Until security managers know that the mobile devices in their organizations have been updated, he said the best they can do is train users not to open links, and to be aware of what's installed on the devices. He also suggested disabling Android's ability to load applications from anywhere.
Kurtz will be present his findings Wednesday, at 10:40 a.m.
cliff
Mobile hacking sets off security gold rush
http://www.theglobeandmail.com/news/technology/mobile-technology/mobile-hacking-sets-off-security-gold-rush/article2026330/
Leila Abboud and Marie Mawad
PARIS— Reuters
Wednesday, May. 18, 2011 9:20AM
Hackers are increasingly aiming attacks at smart phones, touching off a race among software giants, start-ups and telecom operators seeking to cash in on ways to help consumers protect themselves.
As the previously fragmented smart phone market coalesces around big operating systems like Apple’s iPhone and Google’s Android, it has become a more attractive target for hackers seeking to maximize damage with one hit.
That’s creating a big business opportunity for everyone from traditional antivirus players like Intel’s McAfee to mobile operators like France Telecom and handset makers like Nokia.
Market research firm Infonetics forecasts sales of mobile security software will grow 50 per cent a year through 2014 to hit $2-billion. “The mobile security market will one day be bigger than that of computers,” Neil Rimer, co-founder of Geneva-based fund Index Ventures, said at the Reuters Global Technology Summit. “It’s a no-brainer that people will pay to protect their devices, and the market will not be owned by one big player.”
Rimer’s fund has invested in three-year-old start-up Lookout Mobile Security, which has racked up more than 2 million users by selling its software on Google’s Android Market and via partnerships with operators like Verizon.
Hackers attack mobiles in a myriad of ways. They can force phones to send hundreds of texts to paying services, steal account information when a person uses their bank website, or make fake phone calls to long distance numbers.
The ‘app’ craze in which people download small bits of software to do everything from play games to search movie times has also opened up new opportunities for cyber-criminals to infect phones.
Unlike Apple, which reviews and approves all the offerings on its App Store, Google’s Android Market allows developers to post their apps directly. That more open approach could leave Android more vulnerable to attack, according to security experts.
The first significant security breach hit the Android Market in March when hackers added malicious code, known as a Trojan, to 58 popular apps and quickly infected 250,000 phones. According to a blog post from Google’s Android security head, the company was forced to use its ‘kill switch’ to remotely erase the apps from users’ phones and issued an update to its Android Market to patch the hole the hackers exploited.
A recent study by telecom gear maker Juniper Networks found a fourfold increase in malware targeted at Android’s operating system from June last year through January, while overall mobile attacks more than doubled.
“We’ve seen issues on all platforms, Nokia’s Symbian, Apple’s iOS and Android,” said John Hering, Lookout’s founder.
Some industry executives believe that the creators of operating systems bear much of the responsibility to safeguard smart phones.
“The platform itself needs to provide a sufficient level of security then we can help with software,” said Florian Seiche, who heads the European region for Taiwanese smart phone maker HTC .
Meanwhile telecom operators are also trying to take a piece of the mobile security pie. Some 40 telecom operators including Vodafone and TeliaSonera have signed deals with mobile security specialist F-Secure to offer anti-virus software and anti-theft protections to smart phone customers.
“Operators are very interested in offering security as a service to their customers as a way to generate revenue and promote customer retention,” explained Sean Obrey, F-Secure’s head of operator business development.
These packages can cost anywhere from 5 to 10 euros a month, said Obrey.
Eric Edelstein, head of Internet and mobile security at France Telecom said the group was tailoring its mobile security products and services to its different markets.
The group, which markets its services under the brand name Orange, pre-packages security software on some smart phones in Britain, sends text messages to users with infected phones in Poland, and offers security services to its French customers for 3 to 9 euros a month.
But some think it will take a major virus or worm on mobiles before consumers will be willing to pay extra for security protection on their phones as they do on their personal computers.
“When you start asking them what’s your willingness to pay for a solution, if they’re not a little frightened, their willingness to pay is nothing,” said John Stankey, the head of AT&T’s enterprise business.
AT&T plans to start marketing a security offering to consumers next year, Stankey said at the Reuters summit.
“It’ll take a little time for this to go mass market.”
cliff
awk, while Weby remarked on the reference to the roadmap in the Windows 8 PR, I wondered about the relevance of the last sentence.
"As part of the roadmap, Wave will develop attestation capabilities using the TPM that increase the trust level for online transactions and confirm the reliability of computer health metrics. Wave software enhances deployment scenarios for TPM-based features while extending the capabilities to previous Windows operating systems. "
No doubt this is a significant milestone, and it's not a bad thing that Mrs Cliff was able to maximize her TFSA purchase thanks to continued market oversight.
cliff
Security Predictions for 2012: excerpt pasted below.
... scrambls anyone?
http://www.websense.com/assets/reports/2012-Predictions-WS-Security-Labs.pdf?cmpid=prblog
1. Your social media identity may prove more valuable to cybercriminals than your credit cards. Bad guys will actively buy and sell social media credentials in online forums. Spammers have been buying parcels of email credentials for a couple years now. We’ve seen carder sites where criminals can buy and sell your credit card information for pennies on the dollar. Want a South African issued card with a $25,000 limit with the user’s PIN? How about one from the U.S. issued by a bank in the Northeast along with the user’s social security number? Old news.
Today, your social identity may have greater value to the bad guys. Facebook has more than 800 million active users, and over half of them log on daily and they have an average of 130 friends. Trust is the basis of social networking, so if a bad guy compromises your social media logins, there is a good chance they can manipulate your friends. Which leads us to prediction #2.
2. The primary blended attack method used in the most advanced attacks will be to go through your social media “friends,” mobile
devices and through the cloud. Blended attacks used to be predominately about the use of email and web together. Many of the recent so-called advanced persistent threats (APTs)were simply email phishing scams. In 2012,advanced attacks are going to increasingly use at least two, and sometimes all, of the
already seen one APT attack that used the chat functionality of a compromised social network account to get to the right user. Expect this to be the primary vector in the most persistent and advanced attacks of 2012.
cliff
Interesting CMS-Wave business relationship: "This drive is co-branded with Wave, providing a certified solution for external drives for their secure environment."
This is one of two OPAL-compliant external drive from CMS:
http://www.cmsproducts.com/products/333-ce-secure-diskvaultwave-edition.aspx
http://www.cmsproducts.com/products/322-ce-secure-self-encrypting-drives.aspx
cliff
Agree with your message dig, but rather than calling it moot, I think the BYOC movement actually becomes a driver for TCG solutions.
cliff
wavxmaster, Sung Lee has strong qualifications in Mobile. This document is dated 8/20/2006.
A Mobile Trusted Platform Module (mTPM) Architecture
http://www.flacp.fujitsulabs.com/~zsong/work/mtpm.pdf
cliff
rwk, here's a link to the paper itself:
http://b-dig.iie.org.mx/BibDig/P10-0381/DATA/S2-6-2.PDF
Samsung already has a big STB business ( http://www.samsung.com/us/business/settopbox/ ). Product is distributed through content service providers who rebadge them; I suppose that makes the CSPs OEM customers.
Moreover, it appears that the use of virtualization would make it possible to integrate a universal STB into the TV itself ... just add a SED for PVR.
From page 3:
... we propose an STB architecture that does not employ smart cards. Instead, the architecture presented in this paper is based on a TPM usage. In other words, we advocate the use of TPMs instead of smart cards or custom built hardware for CAS/DRM for DVB security.
Although, smart card based protections currently meet the security demands of DVB systems, they also constitute several drawbacks and inconveniences. The standards developed by DVB organization ([30]) define common interfaces for CAS both at the transmission and receiver sides and allow the systems themselves to be proprietary, c.f. [10], [11], [12], [8]. Due to the existence of several different proprietary CA systems, a user requires different cards for different conditional access modules.
Moreover, TPM based solutions presumably provide higher security levels compared to conventinal smart cards. Interestingly, it is stated in page 5 of [2] that “a major impact on the satellite TV industry has been fraudsters selling modified “all-access” smart cards based on modifications to valid smart cards and receivers.”
From pages 3 & 4:
Our architecture is designed to achieve the following desired capabilities:
• The architecture should support subscriptions to multiple SPs without requiring additional h/w (e.g. smartcards) for different SPs.
• The architecture should have strong isolation between different SP systems.
• The applications (e.g./ Web browser, email client, etc.) should not create a security threat for SP systems and the application execution should be confined.
• The architecture should have strong mechanisms to ensure the system integrity.
• The architecture should provide verifiable security assurance for SP systems.
• The architecture should enable SPs to utilize the platform with minimal or no changes to the SP systems.
From page 4:
In this paper, we design our architecture to leverage a virtualization approach for domain isolation.
and
In our architecture, each SP system runs in its own compartment (i.e., virtual machine) isolated from other SP systems. The user installed 3rd party applications such as the web browser are also contained in other VMs (i.e., sandboxed) and therefore their execution cannot endanger the SP systems or domains.
cliff
rwk, here's another possibility for "consumer device" that has been under radar for awhile, this latest incarnation co-authored with enthusiasm by 3 members of Samsung Information Systems America, Samsung Electronics R&D Center, San Jose, CA ...
A secure DVB set-top box via trusting computing technologies
http://dl.acm.org/citation.cfm?id=1700788
This paper presents a very natural "killer application" of modern Commercially Off The Shelf (COTS) available Trusted Computing technologies. The application which we propose is a secure and cost optimized DVB Set-top Box. Our respective reference architecture is exclusively build upon such COTS Trusted Computing technologies and completely avoids the use of any proprietary and thus expensive hardware. Particularly, we will use an orchestration of the following TC concepts from the PC field and standardized by the Trusted Computing Group: Secure Boot, Remote Attestation, Trusted Channels, Virtualization for Domain Isolation, and the Trusted Platform Module (TPM). The Trusted Domain Isolation concept (as realized through Trusted Virtualization) allows the simple subscription to different Service Providers (SP) without the need of any SP-specific hardware requirements. The vast computing power of modern CPU architectures allows for the pure software virtualization of any SP-proprietary hardware. In addition to that isolation concept, the novel hardware assisted security ingredients of modern CPUs allow in combination with the TPM for a verifiable evidence of a tamper-free execution environment for the different SP's. I.e., at all times during the execution of a SP's "virtual set-top box", the respective SP is able to remotely request an attestation of the whole execution platform and ensure its fundamental system integrity. This attestation proves either that no "malicous platform tampering" or "unintended platform use" is happening, or in case that it fails, it gives the SP the possibility to deny further services by simply cutting the content delivery channel. Thus, at all times we can guarantee the various SP's strong security assurances. Moreover, the nowadays very well understood and very efficient (even real-time capable!) virtualization concept allows a simple and efficient migration of different SP architectures to such a universal DVB Set-top Box. In some cases a simple binary migration with only little modifications might be possible. Also, our architecture inherently supports the easy integration of an open but strongly isolated user partition, thus allowing the user for a kind of his own PC within his home TV and Set-top Box combination. Moreover, this also allows for an elegant realization of very recent initiatives aiming to merge the home TV experience with the full Web experience (e.g. See'N'Search [27]). In addition to being a very natural killer application of such Trusted Computing technologies the DVB Set-top Box example touches also on the very important and subtle scalability issue of the Trusted Computing paradigm.
cliff
OT - RIM relents to India demands, sets up local surveillance outpost
http://business.financialpost.com/2011/10/28/rim-relents-to-india-demands-sets-up-local-surveillance-outpost-report/
Oct 28, 2011 Research In Motion Ltd. has at least partially relented to the Indian government’s demand for access to the company’s secure BlackBerry network, the Wall Street Journal reported Friday.
Citing people familiar with the matter, the U.S. newspaper said RIM established a facility on the western coastal city of Mumbai earlier this year to help India conduct lawful surveillance of its citizens.
Rumours had been circulating for nearly a year suggesting the Waterloo, Ont.-based smartphone maker had found a way for Indian authorities to access messages sent through its network without compromising its key security architecture.
In an emailed statement to the Financial Post, RIM said it “continues to work very well with the Government of India” and that the company believes India “is now applying its security policy in a consistent manner to all handset makers and service providers in India, which means RIM should not be singled out any more than any other provider.”
The statement did not address the specific claims referenced in the Wall Street Journal report.
India can submit names of BlackBerry users the government wants to monitor, and RIM will decode any messages sent to those users and deliver them to authorities as long as it is satisfied the request has legal authorization, the report said.
While the system is said to work for BlackBerry Messenger (BBM) data and other information sent over consumer devices, the report said India still lacks a way of intercepting data sent via the BlackBerry Enterprise Servers (BES) RIM provides to corporate clients.
RIM has long maintained that the structure of its BES technology prevents even RIM officials from decoding messages sent from corporate BES accounts or providing governments with a so-called “master encryption key.”
India would be capable of intercepting BBM data on its own, the report said, if it invested in better decryption technology. The government has said that would be ideal since then it would no longer have to disclose the names of suspected criminals to RIM.
The robust security features of BlackBerry devices has led RIM afoul of various national governments in the region as well.
Last August, RIM reportedly struck a deal with Saudi Arabia’s telecom regulator to share the unique pin number and code for each BlackBerry registered there. While RIM never confirmed that deal either, it presumably allowed local authorities to access subscriber data on demand and avoided a potential ban of all BlackBerry services in the country.
Three months later, in October of 2010, the United Arab Emirates dropped a similar threat to block BlackBerry services after RIM reportedly came to a similar arrangement to the one it (also reportedly) established in Saudi Arabia.
In April 2011, RIM co-chief executive Mike Lazaridis walked out of a BBC interview after he took offense to the suggestion his company had a “security problem” with various governments in the region.
cliff
Wavedreamer, this is great DD, thanks. Here's a link to the article:
http://arstechnica.com/microsoft/news/2011/07/ask-ars-windows-everywhere-or-windows-nowhere-what-is-microsofts-single-ecosystem.ars/2
BTW, there is an update to the Xbox Live story here:
http://content.usatoday.com/communities/gamehunters/post/2011/10/microsoft-to-bring-tv-programming-to-xbox-live-service/1
It still appears to me that this is an OTT play that is aligned to the carrier business model for IPTV, and that the Xbox is just a set-top box with benefits. Backwards compatibility would be one question I'd like to have answered.
cliff
Re: Big TV Deal For Microsoft
From what I can tell, this is a quasi-over-the-top offering, and competes against the likes of Netflix while offering compensation to the carriers for using their infrastructure:
1. Mediaroom already manages the carrier's own head-end content. The role of Xbox as a set-top box is well-precedented (see previous posts on this, plus http://www.engadget.com/2010/10/07/atandt-u-verse-customers-can-use-xbox-360-as-a-set-top-box-startin , and browse the comments).
2. Going forward, Mediaroom will also manage additional content from Microsoft's head-end. This would require quality-of-service (i.e. to throttle or not to throttle) and revenue-settlement agreements with the carriers whose Mediaroom and network assets are being shared to enable the OTT services, and that apparent breakthrough merits the PR. Note that Netflix is pure OTT, i.e. not managed by Mediaroom, and competes with the carriers' IPTV offering while at the same time consuming network bandwidth without compensation.
Per http://en.wikipedia.org/wiki/Microsoft_Mediaroom :
"Microsoft Mediaroom enabled TV services, making it the most widely deployed commercial IPTV middleware platform. Mediaroom-powered TV services are available on a range of screens including the TV via set-top box, Xbox 360, Windows PCs, Web browsers via Microsoft Silverlight and Windows Phone 7 smartphones."
So until I see something different, there's no technology innovation here and no change required to the authentication model already in place for the Xbox.
cliff
mundo, this is an ongoing evolution:
http://investorshub.advfn.com/boards/read_msg.aspx?message_id=25785350
http://en.wikipedia.org/wiki/Telus_TV
I expect these carriers all use Microsoft Mediaroom for programming fulfillment and DRM. Mediaroom is server-based, the CPE set-top box enables authentication.
Something to watch (pardon the pun).
cliff
Article on M2M that demonstrates how the MTM will become ubiquitous as machine-to-machine services proliferate.
http://www.billingworld.com/blogs/baker/2011/08/is-the-m2m-device-in-your-refrigerator-a-telecom.aspx
Is the M2M Device in Your Refrigerator a Telecom Fraud Threat?
Machine-to-machine (M2M) technology is riding the wave of Smart Grid popularity. M2M’s primary use is in the wireless transmission of telemetry data, capturing remote data, updating software, transmitting pictures, and has thousands of other uses.
The market is in its very early stages, yet plenty of pilots are underway in Smart Metering. For instance, Vodafone in the U.K. is conducting an extensive trial on collecting data from utility meters on consumption, then analyzing rates to help consumers and power industry players optimize electricity use or save money.
Another promising use is in medical care. A person wearing a pacemaker could have an M2M device transmit heart monitoring data back to her doctor. Auto insurers are fascinated with the idea of monitoring car-driving habits remotely and adjusting a client’s auto insurance premiums accordingly.
But excitement aside, there are substantial security and control issues around M2M, and that greatly concerns Simon Collins, vice president at Praesidium, the risk and controls consulting arm of WeDo Technologies. In fact, Simon has authored an insightful industry paper on this issue entitled, “Embedded Mobile (M2M) - Telecoms Fraud & Security Management." Here are edited excerpts from my interview with Simon.
Dan Baker: Simon, before we get into the control aspects of M2M, I’m curious, what’s driving the M2M market? And if you plug a home device into a fixed network, does that qualify as M2M?
Praesidium's Simon CollinsSimon Collins: Dan, I think a wireline connection would certainly qualify as M2M. However, the real push behind M2M is coming from within the GSMA. As mobile phone penetration is exceeding 100 percent in many markets, the GSMA members are looking for new growth opportunities, and M2M is one of them. The other driver is that several industries are hoping that M2M will drive greater services revenue and enable a firm to differentiate its products in terms of better customer service.
DB: From a telecom’s viewpoint, I’m not sure an M2M service can command much of a premium. It’s not a personal device like a handset. In some ways, it’s like the portable GPS we have in our cars. You pay an upfront fee to buy the GPS receiver and the satellite connection is bundled in as a free service after that.
SC: True, a one-time fee will certainly be one way to pay for M2M. Where the amount of M2M data traffic matters, it will also be billed by data consumption. I would agree that it’s hard to see many uses for premium pricing, such as a high QoS service. Though medical-device monitoring and remote photos transmitted for physical security are a couple of examples where reliable connectivity should demand higher fees.
DB: So where do we stand in terms of M2M controls? What revenue assurance and fraud issues do telecoms need to be concerned about today?
SC: Dan, the revenue assurance issues are the first ones that can and should be addressed. Do you actually know which machines are included in a particular tariff or group plan? That’s also a provisioning-assurance matter – you need to determine which devices belong to which billing group.
The other and far more troublesome problem is technical security. While GSM and 3G services are fundamentally secure in their own right, the SIM/USIM device which M2M relies on is not secure in most cases. There’s a famous, almost humorous, case in South Africa where people stole the SIM cards from traffic lights and plugged them in elsewhere to use the bandwidth for other purposes.
So the question is: How do you verify that the device is where it’s supposed to be?
SIM cloning has been relatively common in GSM. And WeDo and others have fraud systems in place to detect that. However, detecting GSM fraud is usually a matter of analyzing the behaviors of people — the phone numbers people called and the time of day. When people talk to other people, you can collect biometric data, plus lots of other data can be used for analysis. Do they send text messages? Do they call home or work on a regular basis? If they don't, it might be suspicious.
But much of that intelligence is not available in a machine-to-machine environment where the device is sending a standard message every 30 minutes or hour.
DB: So, what’s needed to detect M2M fraud?
SC: We need some form of certificate from the actual device that is unique. Ideally this would be something hardcoded so that it cannot be copied or produced anywhere else. This is not the case in GSM today because many of the algorithms in the phone can be broken though the fundamental security aspects of SIM/USIM are still good.
This sort of solution will emerge over time. When that day arrives, we no longer will need to wonder whether we’re talking to the SIM card in the expected traffic light location in downtown London or the same SIM card fraudulently deployed in Malaysia where it’s pumping out free voice minutes.
By the way, femtocells, the devices you put in your home to increase your coverage back to a broadband link, are already shown to be vulnerable. The Vodafone network in the U.K. has been cracked, for instance.
The other troublesome point is that as M2M evolves, you’ll have all sorts of low cost devices deployed – on washing machines or refrigerators smart meters. It’s useful because it will alert the customer or the manufacturer that the appliance needs a part replacement, but nobody is quite sure of the risks around having millions of unsecure devices hanging off the network.
DB: In other words, how the SIM/USIM device is deployed today is of secondary importance to where it could be deployed later. The SIM card on your washing machine could be the channel for perpetrating fraud.
SC: Absolutely. This is the worrying point: You don’t know the original identity of the device it was attached to. The data goes through network elements, but we haven't really designed the network to be looking for M2M devices. We need to verify where the device lives, what sort of data it’s transmitting, and how it is being used.
It’s taken the industry some time to provide good security for the IMEI number, the mobile identity number in a wireless phone. Today, the IMEI will usually be secure for the first six months to a year after it is manufactured. But sooner or later, a hacker can break that device. Smartphones can be cracked relatively easily. So it begins to look like the malware game in personal computers. The fraudsters penetrate the defenses and you wait for Apple to write a patch that protects you on their next release.
DB: Simon, in conclusion, how to do you see the telecom industry dealing with M2M related fraud and RA problems in the next few years?
SC: Dan, in the near term, carriers will turn to companies like WeDo to help manage M2M revenue-assurance problems. Are we billing correctly for the consumption and the provision of that service? Those solutions can also detect the fraud issues around the administration of a telecom’s M2M program.
Yet regardless of how big and popular M2M ultimately becomes, the technical security issue looms large and is unsolved. Considerable work and investment is required to solve that issue, yet our industry first needs to acknowledge that it’s a major vulnerability. Once we recognize that fact, we can begin to make M2M as secure from fraud threats as possible.
Simon Collins is WeDo Technologies' vice president for Business Consulting division, Præsidium. Simon is responsible for all of Præsidium’s technical risk consultancy services supplied to more than 100 operator clients worldwide.
cliff
awk, interesting! I'll look forward to developments on this ... as you know, the RIM security is very robust, but from the story it sounds like what was hacked was possibly a non-RIM IT environment.
Nice to see applets back in the narrative after so many years!
cliff
ExPatriate57, I expect it to be monetized in essentially the same way TPMs will be monetized. Think ERAS for mobile, and now let's set some context for the integration that could be required.
Mobile device activation is already a challenging process for mobile carriers, with the expectation that a handset will be activated in near-real time at the point-of-sale. Activation for Sprint 4G requires < 0.3 seconds latency and a recent RFP for another North American carrier required 3.6m transactions per hour.
If you believe in the advent of MTM-based device security for mobile, having to enrol an MTM as part of the device activation will make this process even more challenging. Maybe in the corporate world this can be delegated to a subsequent activity managed by IT. Not sure how it will be handled for consumer, but 1st generation will undoubtedly be a kluge ... maybe there's a services opportunity there for someone along the same lines that we've speculated on for consumer PCs.
The MTM discussion has been aimed at the mobile handset market. Expect the same requirement to quickly emerge for machine-to-machine, which will ultimately see an even larger volume of managed device endpoints.
Not an easy undertaking, and not something that can happen overnight, but I don't doubt it's going to become part of the process, and that it will be monetized.
cliff
barge, very nice!
cliff
New Intel tablets could slow iPad enterprise appeal
http://cio-asia.com/tech/mobile-and-wireless/new-intel-tablets-could-slow-ipad-enterprise-appeal/
Agam Shah, May 13, 2011
Tablets with Intel's Oak Trail chips could find a niche in companies using the Wintel platform.
Tablets based on Intel's first dedicated tablet processor may not be a monster hit among consumers like Apple's iPad, but they could find adoption in enterprises, analysts said this week.
Apple's iPad is the poster child, but Intel's Oak Trail processor could bring a new wave of tablets that are more closely aligned to security, software and hardware needs in enterprises, analysts said. By supporting the Windows 7 OS, Oak Trail tablets will blend more smoothly than the iPad into IT environments relying on Windows.
Tablets with Intel's 1.5GHz Atom Z670 processor from Fujitsu and Motion Computing went on sale this month and start shipping in June. Fujitsu is taking orders for the Stylistic Q550 Slate PC tablet, which is priced starting at US$729. Motion Computing is taking orders for the CL900 Tablet PC, which is priced starting at $899. The business tablets come with Microsoft's Windows 7 OS and include solid-state drive storage. Intel has said 35 devices based on the Oak Trail chip will become available starting in May.
Apple may be spurring consumer tablet innovation, but computing needs are very different in the corporate world, said Stephen Baker, vice president of industry analysis at NPD. Outside the Apple ecosystem, there is a whole world of corporate applications and computing needs driven by Windows, Baker said.
"Products like these [tablets] will do well because Oak Trail provides a better experience for the user on a familiar platform, bridging the gap between corporate products and consumer ones," Baker said.
The iPad 2 has an ARM processor and offers outstanding power efficiency and performance features, Baker said. But for enterprises, iPad's software and hardware compatibility issues are more concerning than speed or battery improvements.
Oak Trail tablets differ from the iPad on hardware features, but provide the same level of comfort and compatibility for businesses that depend on a suite of applications they have developed, Baker said.
There is growing interest in the iPad in the enterprise, but Oak Trail tablets could also be a feasible alternative for enterprises concerned about security and application compatibility issues, analysts said.
"There's a security story that plays well in corporate. IT managers will be much friendlier to a Windows tablet than to an iOS one," said Roger Kay, president at Endpoint Technologies Associates. "Windows tablets
will likely appeal to commercial customers, who, for compatibility reasons, want to stay with Windows," Kay said.
The Fujitsu and Motion Computing tablets offer Trusted Platform Management 1.2 (TPM), a hardware-based cryptography and authentication technology to enhance tablet security. Intel has also said future tablet chips will include VPro technology to remotely manage and disable tablets.
The Fujitsu tablet reflects the positioning pursued by Intel and Microsoft where tablets qualify as "companion" devices that complement smartphones and traditional PCs, said Charles King, principal analyst at Pund-IT.
"The primary target markets are largely businesses dependent on Windows that want devices which support commonly used IT management and processes, and easily synched with Windows business applications" King said.
Intel has said that device makers will ultimately release Oak Trail tablets based its Meego and Google's Android 3.0 operating system code-named Honeycomb. But Oak Trail tablets face a tough challenge against Apple's iPad in both the consumer and enterprise markets, King said.
"Whether they can make a successful run at the iPad is anyone's guess. Right now, Apple looks virtually bulletproof," King said.
cliff
Can Intel atomize ARM with new tablet chips?
http://venturebeat.com/2011/04/11/can-intel-atomize-arm-with-new-tablet-chips/
April 11, 2011 | Dean Takahashi
Intel is taking on arch rival ARM today with the launch of new Intel Atom chips for tablet computers.
The Atom is a low-power version of Intel’s computer chips, and it is aimed squarely at tablets, netbooks, and smartphones. It represents the chip giant’s best chance to catch up with ARM, which dominates the mobile space with its power-efficient chip architecture and dozens of chip design partners.
Code-named Oak Trail, the new Intel Atom Z670 processor will appear in 35 tablet computers and other mobile devices this year, said Bill Kircos, general manager of marketing for Intel’s netbook and tablet group, in an interview.
The battle between Intel and ARM is the biggest collision in the entire semiconductor industry. With Atom, Intel is trying to extend its PC hegemony into tablets and smartphones. But ARM has the upper hand, since it started with a low-power architecture and is already built into billions of low-power devices such as ordinary cell phones. ARM is moving up into the computer-like tablet and smartphone devices.
While Intel is the world’s largest chip maker, it has to compete against ARM’s army. ARM doesn’t make chips itself. It designs a general architecture. Its licensees such as Qualcomm, Marvell, Broadcom, and Nvidia design chips based on the architecture that are used in mobile devices.
Intel’s Atom chips are becoming more power efficient with each generation. Kircos said that Intel will use its manufacturing muscle to accelerate its attack on ARM by leaping to new technology faster. The Oak Trail chips are made with 45-nanometer manufacturing. (A nanometer is a billionth of a meter). Intel will make the Cedar Trail chips with 32-nanometer technology. Each time it makes such a leap in manufacturing, Intel can build its circuitry smaller, resulting in faster, smaller, cheaper, and less power-hungry chips.
The Oak Trail chip, for instance, is 60 percent smaller (and therefore about 60 percent cheaper to make) than the previous generation Atom. For consumers, the new chips will deliver features such as smaller, thinner, fanless devices that can last a day on battery power.
That rate of introduction shows that Intel is moving faster than Moore’s Law, Kircos said. Moore’s Law, postulated in 1965 by Intel Chairman Emeritus Gordon Moore, predicts that chip capacity will double every two years. Intel is trying to double that pace so that it can double its chip capacity and other features every year at least for the Atom product line.
In 2013, Intel will launch a 22-nanometer Atom chip. Normally, chip makers move to a new manufacturing technology every couple of years. But by putting out a new Atom chip on a new manufacturing process three years in a row, Intel is showing that it is dead serious about staying ahead of ARM. To match Intel’s effort, ARM’s partners will have to invest billions of dollars in their own chip factories.
Customers using Oak Trail include Evolve III, Fujitsu, Lenovo, Motion Computing, Razer and Viliv. New tablets with the Intel chips will start shipping in May. Then, later this year, Intel will debut new Atom chips code-named Cedar Trail. Those chips for the netbook and entry-level desktop markets will appear in the second half of 2011.
The Intel Atom Z670 is a single-core (one brain) chip that runs at 1.5 gigahertz. Kircos said the exact battery life will depend on actual tablets, but most of the new tablets using the new Atom will be able to run a full day on one battery charge.
Not only will the new chips have better media, graphics, and power consumption. The Cedar Trail chips will have features such as Intel Wireless Music (which lets you play music anywhere in the home), Intel Wireless Display (for displaying a mobile device’s screen on a big-screen TV), PC Synch (for synchronizing with a PC), and Fast Boot (for starting instantly).
The new Atom chip, unveiled at the Intel Developer Forum event in Beijing today, will give customers a choice of operating systems. It will run on Google Chrome and Android, MeeGo, and Windows operating systems. The Z670 chip will have faster video playback, fast internet browsing, and longer battery life. It can play 1080p video, and it supports high-definition multimedia interface (HDMI) and Adobe Flash for rich animations.
cliff
Very interesting Nokia-Msft news in view of SKS comments starting at 6:15 of the America's Growth Capital presentation:
Nokia and Microsoft Announce Plans for a Broad Strategic Partnership to Build a New Global Mobile Ecosystem
Companies plan to combine assets and develop innovative mobile products on an unprecedented scale.
http://www.microsoft.com/presspass/press/2011/feb11/02-11partnership.mspx
Nokia and Microsoft Announce Plans for a Broad Strategic Partnership to Build a New Global Mobile Ecosystem
Companies plan to combine assets and develop innovative mobile products on an unprecedented scale.
LONDON – Feb. 11, 2011 – Nokia and Microsoft today announced plans to form a broad strategic partnership that would use their complementary strengths and expertise to create a new global mobile ecosystem.
Nokia and Microsoft intend to jointly create market-leading mobile products and services designed to offer consumers, operators and developers unrivalled choice and opportunity. As each company would focus on its core competencies, the partnership would create the opportunity for rapid time to market execution. Additionally, Nokia and Microsoft plan to work together to integrate key assets and create completely new service offerings, while extending established products and services to new markets.
Under the proposed partnership:
• Nokia would adopt Windows Phone as its principal smartphone strategy, innovating on top of the platform in areas such as imaging, where Nokia is a market leader.
• Nokia would help drive the future of Windows Phone. Nokia would contribute its expertise on hardware design, language support, and help bring Windows Phone to a larger range of price points, market segments and geographies.
• Nokia and Microsoft would closely collaborate on joint marketing initiatives and a shared development roadmap to align on the future evolution of mobile products.
• Bing would power Nokia’s search services across Nokia devices and services, giving customers access to Bing’s next generation search capabilities. Microsoft adCenter would provide search advertising services on Nokia’s line of devices and services.
• Nokia Maps would be a core part of Microsoft’s mapping services. For example, Maps would be integrated with Microsoft’s Bing search engine and adCenter advertising platform to form a unique local search and advertising experience
• Nokia’s extensive operator billing agreements would make it easier for consumers to purchase Nokia Windows Phone services in countries where credit-card use is low.
• Microsoft development tools would be used to create applications to run on Nokia Windows Phones, allowing developers to easily leverage the ecosystem’s global reach.
• Nokia’s content and application store would be integrated with Microsoft Marketplace for a more compelling consumer experience.
“Today, developers, operators and consumers want compelling mobile products, which include not only the device, but the software, services, applications and customer support that make a great experience,” Stephen Elop, Nokia President and CEO, said at a joint news conference in London. “Nokia and Microsoft will combine our strengths to deliver an ecosystem with unrivalled global reach and scale. It’s now a three-horse race.”
“I am excited about this partnership with Nokia,” said Steven A. Ballmer, Microsoft CEO. “Ecosystems thrive when fueled by speed, innovation and scale.The partnership announced today provides incredible scale, vast expertise in hardware and software innovation and a proven ability to execute.”
cliff
Apple Plans Service That Lets IPhone Users Pay With Handsets
http://www.bloomberg.com/news/2011-01-25/apple-plans-service-that-lets-iphone-users-pay-with-handsets.html
Apple Inc. plans to introduce services that would let customers use its iPhone and iPad computer to make purchases, said Richard Doherty, director of consulting firm Envisioneering Group.
The services are based on “Near-Field Communication,” a technology that can beam and receive information at a distance of up to 4 inches, due to be embedded in the next iteration of the iPhone for AT&T Inc. and the iPad 2, Doherty said. Both products are likely to be introduced this year, he said, citing engineers who are working on hardware for the Apple project.
Apple’s service may be able to tap into user information already on file, including credit-card numbers, iTunes gift-card balance and bank data, said Richard Crone, who leads financial industry adviser Crone Consulting LLC in San Carlos, California. That could make it an alternative to programs offered by such companies as Visa Inc., MasterCard Inc. and EBay Inc.’s PayPal, said Taylor Hamilton, an analyst at consultant IBISWorld Inc.
“It would make a lot of sense for Apple to include NFC functionality in its products,” Crone said.
The main goal for Apple would be to get a piece of the $6.2 trillion Americans spend each year on goods and services, Crone said. Today, the company pays credit-card processing fees on every purchase from iTunes. By encouraging consumers to use cheaper methods -- such as tapping their bank accounts directly, which is how many purchases are made via PayPal -- Apple could cut its own costs and those of retailers selling Apple products.
Apple's plans could change, and the new products may be delayed or not come to fruition. Natalie Harrison, a spokeswoman for Apple, declined to comment.
Adding Features to Phones
“NFC is definitely one of the technologies that’s getting a lot of attention, but ultimately the consumer is going to choose,” said Charlotte Hill, a spokeswoman for PayPal, owned by San Jose, California-based EBay. Elvira Swanson, a spokeswoman for San Francisco-based Visa, said the company is “excited to see NFC mobile devices coming into the market.”
Ed McLaughlin, chief emerging payments officer at MasterCard, said the company is “running the world’s fastest payment network, and that doesn’t need to be re-created.” MasterCard sees NFC “as an opportunity to partner with organizations” and already has run NFC payment trials around the world.
The recently passed Durbin Amendment makes the timing right for a push by Apple, Crone said. The regulation, which will go into effect this summer, may limit debit-card fees paid by retailers and lets them encourage consumers to use one payment method over another.
Competing With Android
Under Apple Chief Operating Officer Tim Cook, who’s handling day-to-day operations as Chief Executive Officer Steve Jobs takes medical leave, the iPhone is adding features that will help it compete with phones that use Google Inc.’s Android software. Samsung Electronics Co.’s Nexus S phone, which runs Android, can read information from NFC tags. Nokia Oyj, the world’s largest maker of mobile phones, has pushed NFC adoption for years, though the technology has been slow to take off.
“Apple could be the game-changer,” Doherty said.
Apple, based in Cupertino, California, is considering starting a mobile payment service as early as mid-2011, Doherty said. It would revamp iTunes, a service that lets consumers buy digital movies and music, so it would hold not only users’ credit-card account information but also loyalty credits and points, Doherty said.
Using the service, customers could walk into a store or restaurant and make payments straight from an iPad or iPhone. They could also receive loyalty rewards and credits for purchases, such as when referring a friend, Doherty said.
Targeted Advertising
Apple also could use NFC to improve how it delivers mobile ads to customers’ handsets and charge higher fees for those ads, Crone said. NFC would let Apple’s iAd advertising network personalize ads to the places where a customer is spending money. That could double or triple the ad rates that Apple charges, Crone said.
Apple has created a prototype of a payment terminal that small businesses, such as hairdressers and mom-and-pop stores, could use to scan NFC-enabled iPhones and iPads, Doherty said. The company is considering heavily subsidizing the terminal, or even giving it away to retailers, to encourage fast, nationwide adoption of NFC technology and rev up sales of NFC-enabled iPhones and iPads, he said.
To help get ready for NFC, Apple last year hired Benjamin Vigier, who worked on the technology at mobile-payment provider MFoundry. It also has applied for a patent on a system that uses NFC to share information between applications running on various Apple devices.
cliff
Orange, T-Mobile Team on Mobile Payment Service
http://www.billingworld.com/news/2011/01/orange-t-mobile-team-on-mobile-payment-service.aspx
January 31, 2011
Everything Everywhere – the union of U.K. mobile service providers Orange and T-Mobile -- will have a payment-enabled phone available by summer through a partnership with Barclaycard.
The service will be the first commercial contactless mobile payment service in the U.K., the carriers said.
Barclaycard and Everything Everywhere will roll out a service-enabled handset in the second quarter of the year. The phones will use a SIM-enabled approach to allow people to use their mobile phones to make payments of up to £15 at more than 40,000 stores in the U.K.
The SIM-based payment system uses technology called Near Field Communication (NFC) to allow people to make payments by swiping their mobile phones across a point-of-sale card reader to register the transaction. NFC can transmit and receive information at a distance of up to four inches. A report published in Bloomberg Wednesday claims that the next versions of Apple’s iPad and iPhone will also feature this technology.
Barclaycard and Everything Everywhere have been planning to create a mobile payments service in the U.K. since 2009. Barclaycard already has an Orange-branded credit card and plan to introduce an Orange Cash prepaid payment card.
Mobile payments are being touted as the next wave in how people make purchases, and the SIM-enabled approach is not the only one being used. People also can use their phones to send a payment request via a text message and have the money taken out of their phone bill or an online payment system.
While the idea and technology for a mobile payment service has been around for awhile, 2011 is the year it’s expected to take off. There is a lot of interest in the service especially in Europe and Asia, but if the iPhone/iPad rumors are true, it will soon hit the U.S. market in a big way as well.
cliff
Verizon Wireless, AT&T, T-Mobile Unveil Joint Mobile-Commerce Plan
http://www.billingworld.com/news/2010/11/verizon-wireless-at-t-t-mobile-unveil-joint-mobil.aspx
We now know more about a mobile commerce venture that will team three of the four largest wireless carriers in the United States.
First coming to light this past summer, AT&T, Verizon Wireless and T-Mobile USA today announced that their joint venture will be called Isis. Isis is a national mobile commerce network that the telcos say aims to fundamentally transform how people shop, pay and save.
The first step will be building a mobile-payment network that allows consumers to use their mobile phones to make purchases. The carriers say Isis will use smartphone and near-field communication (NFC) technology – which delivers encrypted information between devices – to modernize the payments process, increasing competition and value to consumers and businesses. Expect to see Isis get off the ground in major markets sometime in the next 18 months.
"Our mobile commerce network, through relationships with merchants, will provide an enhanced, more convenient, more personalized shopping experience for consumers," said Michael Abbott, new CEO of Isis, in a statement. "While mobile payments will be at the core of our offering, it is only the start. We plan to create a mobile wallet that ultimately eliminates the need for consumers to carry cash, credit and debit cards, reward cards, coupons, tickets and transit passes."
The teaming of the three major telcos should potentially give more than 200 million people access to the new service. Isis is working with Discover Financial Services to develop a mobile-payment infrastructure for the venture. Barclaycard US is expected to be the first issuer on the network, offering multiple mobile payment products.
Of course, security will be the question on the minds of many American consumers. The carriers say the new system is being designed and built to include strong safeguards to protect your information.
The carriers are likely to face a battle royale with credit behemoths Visa and Mastercard, which have their own mobile-payment ideas. One stumbling block is that handset makers haven’t been in a hurry to install near-field communication chips into their devices since mobile payments haven’t taken off in the U.S.
cliff
Dabears, there were some Booz Allen Hamilton dots to the State Of Virginia back in 2005, when ETS was bundled with Gateway enterprise PCs:
http://investorshub.advfn.com/boards/read_msg.aspx?message_id=8495134
Plus this:
http://investorshub.advfn.com/boards/read_msg.aspx?message_id=8496477
And more recently:
http://www.defenseworld.net/go/defensenews.jsp?n=Northrop Grumman wins $430 million US Army cyber security contract&id=3490
Not a Wave mention in any of them, but the connection seems highly probable.
cliff
Weby, I'm with you on the Atrix.
"... 36 hours battery and with a keyboard."
To access corporate VPNs with 256-bit RSA credentials, Motorola offers its FIPS 140-2 compliant AirBEAM Safe product (http://www.motorola.com/web/Business/Products/Software%20and%20Applications/Mobility%20Software/Mobile%20Security%20Applications/AirBEAM%20Safe/_Documents/Static%20Files/SSLVPN_SS_V4_0808.pdf?localeId=33). But I don't see support for Android.
http://www.technotrick.com/2011/01/motorola-atrix-4g-latest-android-2-2-smartphone-features-reviews/
Motorola Atrix 4G Latest Android 2.2 Smartphone Features & Reviews
January 8th, 2011 Carlos Vassallo
Motorola Atrix 4G Latest Android 2.2 Smartphone Features & Reviews: Motorola Atrix 4G is the latest mobile handset that is based on 4G technology. It comes out with features like 4 inch touchscreen, 5 megapixel camera on rear side which is used to take photos, videos and front facing VGA camera is used for video calling, digital zoom, 1 GB RAM, 1930 mAh battery, 16 GB internal memory storage capacity which can be expandable upto 32 GB, Adobe Flash 10.1, Firefox 3.6 browser, LED flash, HSPA, HD video recording. It runs with dual core 1 GHz processor and it looks very stylish.
Motorola Atrix 4G is available on AT&T network in US and it runs with Android 2.2 Froyo operating system. It has netbook dock on it and it runs 11.6 inch netbook which uses 36 hours battery and with a keyboard. Stay tuned for more updates.
cliff
7 trillion connected devices by 2017; it is a staggeringly-large and complex-to manage technology infrastructure that is being built step-by-step and day-by-day. Investing in the key and not-yet-fulfilled enablers of this infrastructure is a no-brainer ... this is not something that might or could happen. It is happening now.
http://en.wikipedia.org/wiki/Tera-play
Tera-play is the next generation of connectivity supported by communications service providers. While triple play and quadruple play describe multiple communications services offered by the same company, Tera-play describes support for communications services between people and between machines when a trillion devices are connected to the telecommunications network (“Tera-” means trillion). This includes not only phones and personal electronics, but things like cars, TVs, refrigerators and medical devices.
Connected devices
The number of devices connected to the network is predicted to reach 7 trillion by 2017.[1] This has the potential to affect every aspect of daily life, including communication, home, healthcare, education, entertainment, and transportation. Many enabling technologies already exist, and usage is expanding. Tera-play providers will not only connect billions of people to each other but also people to machines and machines to machines. The connection of objects to the network is sometimes referred to as the Internet of Things.
A connected world
The increase in connectivity, smart devices, content, applications, and services will enable a more connected world, which has the potential to revolutionize markets, communities, and entire industries. For example, emerging markets are now receiving access to critical services as result of connected networks and devices. Through m-health initiatives, people in rural areas lacking in healthcare infrastructure can receive medical support. In developed markets, patients will be able to access connected health or telehealth services via remote monitoring systems and “virtual doctor visits” supported in Canada by TELUS and in Germany by Deutsche Telekom. In regions of Africa where banking services are scarce, network connection allows consumers to pay using mobile payment services or m-commerce transactions that support microfinance such as Vodafone’s m-pesa services.
In September 2008, Yankee Group analysts estimated that one out of seven people worldwide were plugged into what they call the “Anywhere Network,” where people are always connected no matter where they are. They have since forecasted that consumer spending on anywhere access and service will total more than $972 billion in 2013.
cliff
OT: Interesting excerpt from transcript from Forbes interview with Julian Assange (go to page 6):
http://blogs.forbes.com/andygreenberg/2010/11/29/an-interview-with-wikileaks-julian-assange/
Forbes: I wanted to ask you about [Peiter Zatko, a legendary hacker and security researcher who also goes by] “Mudge.”
Assange: Yeah, I know Mudge. He’s a very sharp guy.
Forbes: Mudge is now leading a project at the Pentagon’s Defense Advanced Research Projects Agency to find a technology that can stop leaks, which seems pretty relevant to your organization. Can you tell me about your past relationship with Mudge?
Assange: Well, I…no comment.
Forbes: Were you part of the same scene of hackers? When you were a computer hacker, you must have known him well.
Assange: We were in the same milieu. I spoke with everyone in that milieu.
Forbes: What do you think of his current work to prevent digital leaks inside of organizations, a project called Cyber Insider Threat or Cinder?
Assange: I know nothing about it.
Forbes: But what do you <think> of the potential of any technology designed to prevent leaks?
Assange: Marginal.
Forbes: What do you mean?
Assange: New formats and new ways of communicating are constantly cropping up. Stopping leaks is a new form of censorship. And in the same manner that very significant resources spent on China’s firewall, the result is that anyone who’s motivated can work around it. Not just the small fraction of users, but anyone who really wants to can work around it.
Censorship circumvention tools [like the program Tor] also focus on leaks. They facilitate leaking.
Airgapped networks are different. Where there’s literally no connection between the network and the internet. You may need a human being to carry something. But they don’t have to intentionally carry it. It could be a virus on a USB stick, as the Stuxnet worm showed, though it went in the other direction. You could pass the information out via someone who doesn’t know they’re a mule.
Forbes: Back to Mudge and Cinder: Do you think, knowing his intelligence personally, that he can solve the problem of leaks?
Assange: No, but that doesn’t mean that the difficulty can’t be increased. But I think it’s a very difficult case, and the reason I suggest it’s an impossible case to solve completely is that most people do not leak. And the various threats and penalties already mean they have to be highly motivated to deal with those threats and penalties. These are highly motivated people. Censoring might work for the average person, but not for highly motivated people. And our people are highly motivated.
Mudge is a clever guy, and he’s also highly ethical. I suspect he would have concerns about creating a system to conceal genuine abuses.
Forbes: But his goal of preventing leaks doesn’t differentiate among different types of content. It would stop whistleblowers just as much as it stops exfiltration of data by foreign hackers.
Assange: I’m sure he’ll tell you China spies on the U.S., Russia, France. There are genuine concerns about those powers exfiltrating data. And it’s possibly ethical to combat that process. But spying is also stabilizing to relationships. Your fears about where a country is or is not are always worse than the reality. If you only have a black box, you can put all your fears into it, particularly opportunists in government or private industry who want to address a problem that may not exist. If you know what a government is doing, that can reduce tensions.
cliff
waveytrain, please stop posting drivel ...
http://www.computerworld.com/s/article/9180872/HP_s_Fortify_buy_puts_spotlight_on_obscure_but_important_niche
Privately-held Fortify will provide HP with a set of technologies for on-premise testing of applications through all stages of the development process through deployment.
The planned acquisition complements HP's 2007 purchase SPI Dynamics, a vendor of Web application security products. Fortify will also give HP the means to match IBM's range of static and dynamic analysis tools that help companies test applications during the coding and testing stages, as well as the deployment phase.
cliff
For Weby, on a slow day and against my better judgement:
http://video.yahoo.com/watch/4953703/13188504
cliff
Smart Meters Not So Smart
http://www.tmforum.org/community/blogs/industry-insider/archive/2010/06/30/smart-meters-not-so-smart.aspx
Don’t think for one minute that CSPs have billing and, more particularly, ‘bill shock’ issues all to themselves. The move to ‘smart metering’ for some utility companies in the USA is proving to be a minefield.
According to Wikipedia, a smart meter is an advanced meter (usually an electrical meter) that identifies consumption in more detail than a conventional meter; and optionally, but generally, communicates that information via some network back to the local utility for monitoring and billing purposes (telemetering).
Utility companies are selling the virtues of smart meters as cost saving devices that can monitor energy usage in each household, utilize lower cost off-peak periods and warn the occupant of excessive usage and even limit energy delivery to avoid blackouts at times of extreme usage. (Nobody seems to mention the demise of the 'meter reader' that used to ply our streets and the costs savings achieved as he disappears.) In theory, as more and more appliances are fitted with their own communications chips and IP address it should be possible to monitor energy usage of individual units in the household.
However, as California based Pacific Gas and Electric Co. (PG&E) has discovered, you need to get things right the first time or face the wrath of customers and regulators. When PG&E started rolling smart electricity meters in San Francisco they had a surge in complaints from customers reporting their bills had increased dramatically and inexplicably. It wasn’t just one or two, but tens of thousands.
Some customers were told that the increases were due to the fact that the previous meters were inaccurate and that the new smart meters were recording everything more accurately! Despite protest meetings held by disgruntled consumers and an investigation by a CBS TV affiliate, PG&E resolutely held firm even when it was discovered that some meters had been installed incorrectly.
But it now appears the gig is up as San Francisco's City Attorney, Dennis Herrera, has asked state regulators to stop Pacific Gas and Electric Co. from continuing to install its controversial SmartMeters pending the completion of an official inquiry into the meters' accuracy.
"Common sense should argue against installing millions of defective SmartMeters until their problems are fixed, and questions about their accuracy are fully resolved," Herrera said in a news release. "Unfortunately, when a company lacks common sense, it means regulators need to do their job to protect the public interest."
What may be an even bigger concern for smart meter rollouts worldwide is the growing number of reports regarding their overall security. InGuardians, a security consulting company, was hired by three utilities to test the vulnerability of smart meters from five manufacturers and the systems used to manage them.
The results were that smart meters, which create a network link between customers and utilities, have a number of potential vulnerabilities that could lead to scenarios such as a third party remotely turning someone's power on or off.
This is like a case of ‘deja vu’ if you’ve been working in communications for even a short period. One has to wonder if utilities companies are naive or have simply turned a blind eye to all the same issues that have beset our industry for years. Maybe we should be more proactive in suggesting that they follow some of the TM Forum’s Frameworx to head off these issues. Either way, it seems that utilities certainly know how to deliver energy and water, but we know all about comms. Maybe we should be working more closely together as we strive to develop ‘smart pipes’ and they, ‘smart grids’.
cliff
awk, I wonder if the patents provide some participation in (and protection from) the data centre domain belonging to LSI and IBM, or are associated only to Seagate and OPAL.
cliff
FORD OFFERS SECURITY FEATURES TO PROTECT OWNERS' PERSONAL INFORMATION AS CARS, INTERNET CONVERGE
http://www.gminsidenews.com/forums/f57/ford-offers-security-features-protect-owners-personal-information-89804/
DEARBORN, Mich., March 8, 2010 – With the rapid convergence of in-car technology and the Internet, Ford Motor Company said today it is offering a suite of security features to protect the personal information of millions of Ford owners from the threat of computer hackers and viruses.
Protecting customers is critical as Ford moves to the forefront of in-car personal technology. Ford's popular SYNC system allows owners to connect digital media players and Bluetooth-enabled mobile phones to their vehicle's entertainment system and operate them with voice commands. The mobile phone also is a gateway to a number of Internet "cloud" services through SYNC's Traffic, Directions and Information application that provides turn-by-turn directions, business searches and more.
As a result, Ford is adapting methods and technologies most often associated with the fast-paced IT world to secure its mobile device-to-car connections from unwanted entry. Think firewalls, virus protection and password-controlled access.
"Ford Motor Company delivers highly advanced technology and entertainment platforms that, just like a consumer's laptop or smart phone, need to have security features built into it," said Jim Buczkowski, director, Ford Electronics and Electrical Systems Engineering. "Consumers want and need to know that their personal or professional information in their vehicle is specific only to them."
Recent industry data shows that more than 11 million people in the U.S. were victims of identity theft and fraudulent accounts in 2009 – with nearly a third of fraudulent accounts opened via mobile phone technology. As the use of smartphones escalates – with 174 million shipped globally in 2009 alone – concern over identity and information theft continues to rise.
Safeguards
To give customer peace of mind that their private information is protected, concealed and secure while in the vehicle, Ford is offering the following security features:
•SYNC Firewall: With the launch of MyFord Touch for the 2011 model year, Ford is adding WiFi "hot spot" broadcasting through SYNC using a USB-connected broadband modem. To prevent unauthorized access and combat piggybackers, Ford has built in firewalls to both the wireless network and the vehicle. Using the SYNC WiFi system, a signal will be broadcast throughout the vehicle. Default security is set to WiFi Protected Access 2 (WPA2), requiring users to enter a randomly chosen password to connect to the Internet. When SYNC sees a new WiFi device for the first time, the driver must specifically allow that device to connect, preventing piggybacking on the SYNC-provided signal.
•SYNC Phone Pairing Protection: The one-time pairing of a phone to SYNC is a simple process through Bluetooth wireless connectivity technology allowing up to 12 cell phones to be recognized by system. The short-range nature of Bluetooth technology makes SYNC's connection to a paired cell phone's stored information – contact lists and address books – possible only when the phone is inside the vehicle. If there's no phone in the cabin, the wireless connection is broken and there's no evidence of stored data for invaders to collect.
•Encrypted Jukebox: Ford's onboard "Jukebox," which allows customers to download music onto a hard drive, has built-in digital rights management and encryption features. The encryption is unique to each navigation unit, which means the hard drive can't be removed, inserted into another vehicle's navigation system and accessed. In addition, hackers can't access the drive from another computer and enjoy those favorite tunes. Customers don't have to worry about someone hopping in their car sight unseen, plugging in a USB stick and doing a quick download of their personal music library, either. The Ford proprietary encryptions protect any songs saved to the system's digital jukebox – which can hold up to 2,400 tracks – from being moved or copied to another device.
•"Home" Protection: Ford also gives customers with voice-activated navigation the ability to protect their programmed destinations and addresses – such as "Home" – from unauthorized eyes. A valet mode can be engaged on the system that locks all programmed destinations from view unless a 4-digit PIN is entered with each ignition key cycle. MyFord Touch will also offer a valet mode.
•Engine Immobilizer: To help protect the vehicle, the mobile hub for all this personal information, Ford depends on SecuriLock. This patented passive anti-theft system prevents the engine from starting unless a coded ignition key is used. With SecuriLock, a wireless radio-frequency transmission is required to transfer an electronic code between a transponder in the key to the vehicle's ignition system. There are 72 million-billion possible codes so every Ford vehicle sold worldwide for the next 10 billion years will come with a unique code.
•Securicode Keyless Entry: The Ford-exclusive keypad gives customers the ability to lock their key fob in the car if they desire (consider not having to worry about losing the expensive fob when biking a mountain trail, sunning on the beach or jamming at a rock concert). Securicode works on a secure 5-digit code. The latest iteration of the keypad employs similar touch-sensitive technology, processors and algorithms used by the iPod and iPhone.
cliff
oclv99, I think that's very interesting!! Nice find, thanks for sharing. Tsunami07 unearthed something about this as well (http://investorshub.advfn.com/boards/read_msg.aspx?message_id=43998424) a while back.
Case in point here, under Advanced Features section on pasge 1:
http://www.arubanetworks.com/pdf/products/DS_AP120-121.pdf
Also interesting, and introduciong TNC and FIPS into the discussion:
http://www.arubanetworks.com/technology/high_security.php
We haven't heard much about ERAS and management of these network elements. ERAS currently is IT-oriented, and an overlay of Active Directory. Management requirements of the secure network will be fulfilled through the vendor element management systems, my guess is that the unit cost is much higher than for AD endpoints.
We know that Juniper is listed as a partner ... Aruba as well?
cliff
Ramsey2, the contract was for software licenses and support, no word on who is getting the services.
I was hoping it was HP/EDS, and that we'd maybe see a ripple effect over to the Navy business from last year.
But if HP is steak then Dell is no less, and I agree with your comments. I wonder if/how Perot Systems is involved, and how that adds to the bottom line. Also, the contract is SED-centric ... how soon before we begin to see TPM-centric action.
This is a bellwether account to watch going forward.
cliff
Snackman, SKS referred to an automaker in one of the quarterly calls last year ... indicating that there was something in the pipeline, but that economics were a problem (eg. don't want payment in the form of minivans). I'm thinking it was GM.
The various comments on the industry value chain are spot-on. Consider that i) EDS has managed the vast GM internal network for years now, and ii) EDS has known Wave for years, and iii) HP purchased EDS last year, and iv) the re-seller agreement with HP was signed in Nov 2009.
Also consider the HP/EDS track record at GM:
http://www.hp.com/hpinfo/newsroom/press/2006/060202xa.html
http://www.informationweek.com/news/global-cio/outsourcing/showArticle.jhtml?articleID=60403719
It seems likely that after all this time, we have something substantial going with HP, and that there is finally a return for the 2002 collaboration with EDS on the Trust Assurance Network.
cliff
nelzoni, try here (Q45 chipsets only):
http://www.intel.com/cd/channel/reseller/apac/eng/products/desktop/board/executive/265171.htm
Intel® Desktop Boards Executive Series
DQ45EK
DQ45CB
I rebuilt a desktop last year using the DQ45CB, actually set up as a media center (hint - not really taking advantage of the TPM). It was straightforward, just required some patience for transitioning & repartitioning existing hard-drives. Plus, there are many on-line tutorials available.
I just finished migrating my business laptop over to the rebuilt desktop, now have some reason to look into activating Embassy.
Ready for the cloud ...
cliff