Official Mobile Security & Innovative Technologies Blog
This blog is managed/edited by Eric Everson. The purpose of this blog is to discuss common threats and solutions that exist within the mobile community in addition to the intricacies of innovative technologies and the markets therein.
Thank you for taking the time to review my blog; I am Eric Everson the founder of MyMobiSafe.com. In addition to my duties at MyMobiSafe, LLC I am also a full-time graduate student and mobile industry researcher. As a mobile security expert and innovative technologies leader, I am glad to answer any questions you may have: EricEverson@Hotmail.com
Thursday 2 April 2009, 5:05 PM
Small Business: Thriving By Surviving The New Economy
Small Business: Thriving By Surviving The New Economy
Author: Eric Everson
For those of us with the audacity to remain firmly planted in our entrepreneurial pursuits despite the economic implosion around us, we face the trials of the new economy. While most media outlets are hinged on this word “recession” those of us running small businesses have come to know it as “reality”.
There is a simple fact that many people are losing their jobs throughout the world. While economists point their fingers at outsourcing and poor economic policy, it is we entrepreneurs that remain knee deep in what is emerging as the new economy. Personally, I am the founder of MyMobiSafe.com, we are a small mobile security company based out of Atlanta, GA, USA. For us the economic downturn had a profound effect on our business. We were beginning to gain some traction in the B2B mobile security sector and then the market started to change drastically. Companies began tightening their digital security expenditures which in turn meant we were losing customers. We came to realize that we could fold to the market pressure or do what entrepreneurs do best – innovate!
While we are still ironing out the wrinkles, we had to change our business into new areas. For us research has become a key element of our business model as it has always been one of our internal strengths as a company. We are now helping companies throughout the wireless industry with their research needs – both security-based and otherwise. Interestingly what we discovered in this transition is that by focusing on your core strengths you can begin to leverage your existing resources in ways that you never though possible before.
While our research doesn’t directly utilize the patent-pending MyMobiSafe Distribution Engine that empowers our brand as a mobile content distributor, it has allowed us to create key revenue streams that are allowing us to survive. Not to add a shameless plug, but if your company is in need of some mobile industry research, now you’ll know who to call. With companies closing their doors all around us, what we have identified above all else is that the new economy – the one we are all living each day – is one of survival.
In today’s new economy surviving is the new thriving! If you are a small business owner concerned with how you are going to keep your doors open, look inside your own company to find what core strengths have carried you this far already. If you can find a way to leverage those strengths in a way that generates new avenues of profit, chances are you too will thrive as a survivor of the new economy.
Eric Everson, Founder
MyMobiSafe.com
EricEverson@Hotmail.com
Eric Everson is a leading mobile technologies researcher and is the founder of MyMobiSafe.com. If you would like to contact Eric Everson for interview or with research related inquiries contact him directly at EricEverson@Hotmail.com.
Author: Eric Everson
For those of us with the audacity to remain firmly planted in our entrepreneurial pursuits despite the economic implosion around us, we face the trials of the new economy. While most media outlets are hinged on this word “recession” those of us running small businesses have come to know it as “reality”.
There is a simple fact that many people are losing their jobs throughout the world. While economists point their fingers at outsourcing and poor economic policy, it is we entrepreneurs that remain knee deep in what is emerging as the new economy. Personally, I am the founder of MyMobiSafe.com, we are a small mobile security company based out of Atlanta, GA, USA. For us the economic downturn had a profound effect on our business. We were beginning to gain some traction in the B2B mobile security sector and then the market started to change drastically. Companies began tightening their digital security expenditures which in turn meant we were losing customers. We came to realize that we could fold to the market pressure or do what entrepreneurs do best – innovate!
While we are still ironing out the wrinkles, we had to change our business into new areas. For us research has become a key element of our business model as it has always been one of our internal strengths as a company. We are now helping companies throughout the wireless industry with their research needs – both security-based and otherwise. Interestingly what we discovered in this transition is that by focusing on your core strengths you can begin to leverage your existing resources in ways that you never though possible before.
While our research doesn’t directly utilize the patent-pending MyMobiSafe Distribution Engine that empowers our brand as a mobile content distributor, it has allowed us to create key revenue streams that are allowing us to survive. Not to add a shameless plug, but if your company is in need of some mobile industry research, now you’ll know who to call. With companies closing their doors all around us, what we have identified above all else is that the new economy – the one we are all living each day – is one of survival.
In today’s new economy surviving is the new thriving! If you are a small business owner concerned with how you are going to keep your doors open, look inside your own company to find what core strengths have carried you this far already. If you can find a way to leverage those strengths in a way that generates new avenues of profit, chances are you too will thrive as a survivor of the new economy.
Eric Everson, Founder
MyMobiSafe.com
EricEverson@Hotmail.com
Eric Everson is a leading mobile technologies researcher and is the founder of MyMobiSafe.com. If you would like to contact Eric Everson for interview or with research related inquiries contact him directly at EricEverson@Hotmail.com.
Wednesday 1 April 2009, 3:56 PM
Conficker Not Targeting Microsoft Windows Mobile Devices
Conficker Not Targeting Microsoft Windows Mobile Devices
Author: Eric Everson, MyMobiSafe
With the digital security world buzzing today due to the recent mutations of the infamous Conficker virus, many mobile users are concerned that their Windows Mobile handset could be in jeopardy too. The reality is that this Conficker scare is actually just computer-based and so far we haven’t been able to identify any mobile-based variants that allow this threat to bleed into the mobile industry.
Despite the advances in sophistication that the Windows Mobile Operating System has undergone, the reality is that the computer-based Windows environment remains much more robust. This differentiation leaves Windows Mobile devices much less at risk for this type of attack. What many media outlets have done to create awareness has actually created an environment of confusion for many users. At a high level while you do not want your system to get infected by the Conficker virus, it’s not a malware designed to destroy your computer either.
Overall, this malware has been designed to create a gateway between your computer and those behind Conficker so that an environment conducive to spamming and data theft is established. This is nothing like the viruses of days past that are completely malicious in nature and destroy everything in their path. Conficker to most digital security experts marks a new shift in the sophistication and direction of mobile malware. Rather than creating destructive havoc, the Conficker platform is more specifically designed to create a “black market” tool for e-commerce. Unfortunately the very existence of Conficker confirms the reality of that hackers stand to make significant profit by developing tools that target your digital information.
While a number of threats do attempt to exploit vulnerabilities within the Windows Mobile environment, so far Conficker is not a threat that mobile users should fear. As Windows Mobile can be a cornerstone of small businesses on the go, it seems that for now Conficker is one less thing to worry about. I appreciate the flood of emails on the topic and I’ll try my best to reply to everyone as soon as I can. The interest in this threat from a mobile industry perspective sheds new light on the importance of the mobile environment of digital security. I expect to see many of the digital security companies gain a renewed interest in mobile as a result of this high-profile security threat.
As always, I’m working to keep you informed on the latest developments in mobile security. Feel free to post your comments or send me email… on a day like this I’ll do my best to keep my Inbox from getting too backlogged.
Your mobile security guru,
Eric E – The MobileTech
Eric Everson – Founder MyMobiSafe.com
Eric Everson is a leading mobile technologies researcher and is the founder of MyMobiSafe.com. If you would like to contact Eric Everson for interview or with research related inquiries contact him directly at EricEverson@Hotmail.com.
Author: Eric Everson, MyMobiSafe
With the digital security world buzzing today due to the recent mutations of the infamous Conficker virus, many mobile users are concerned that their Windows Mobile handset could be in jeopardy too. The reality is that this Conficker scare is actually just computer-based and so far we haven’t been able to identify any mobile-based variants that allow this threat to bleed into the mobile industry.
Despite the advances in sophistication that the Windows Mobile Operating System has undergone, the reality is that the computer-based Windows environment remains much more robust. This differentiation leaves Windows Mobile devices much less at risk for this type of attack. What many media outlets have done to create awareness has actually created an environment of confusion for many users. At a high level while you do not want your system to get infected by the Conficker virus, it’s not a malware designed to destroy your computer either.
Overall, this malware has been designed to create a gateway between your computer and those behind Conficker so that an environment conducive to spamming and data theft is established. This is nothing like the viruses of days past that are completely malicious in nature and destroy everything in their path. Conficker to most digital security experts marks a new shift in the sophistication and direction of mobile malware. Rather than creating destructive havoc, the Conficker platform is more specifically designed to create a “black market” tool for e-commerce. Unfortunately the very existence of Conficker confirms the reality of that hackers stand to make significant profit by developing tools that target your digital information.
While a number of threats do attempt to exploit vulnerabilities within the Windows Mobile environment, so far Conficker is not a threat that mobile users should fear. As Windows Mobile can be a cornerstone of small businesses on the go, it seems that for now Conficker is one less thing to worry about. I appreciate the flood of emails on the topic and I’ll try my best to reply to everyone as soon as I can. The interest in this threat from a mobile industry perspective sheds new light on the importance of the mobile environment of digital security. I expect to see many of the digital security companies gain a renewed interest in mobile as a result of this high-profile security threat.
As always, I’m working to keep you informed on the latest developments in mobile security. Feel free to post your comments or send me email… on a day like this I’ll do my best to keep my Inbox from getting too backlogged.
Your mobile security guru,
Eric E – The MobileTech
Eric Everson – Founder MyMobiSafe.com
Eric Everson is a leading mobile technologies researcher and is the founder of MyMobiSafe.com. If you would like to contact Eric Everson for interview or with research related inquiries contact him directly at EricEverson@Hotmail.com.
Thursday 26 March 2009, 3:07 PM
CanSecWest Security Conference: $10K to Hack Your SmartPhone
CanSecWest Security Conference: $10K to Hack Your SmartPhone
Author: Eric Everson
Admittedly I was not in attendance at this year’s CanSecWest Security Conference, but as CNet.com confirms big money was being offered to hackers to exploit mobile devices.
According to the article, “That innocent-looking mobile phone you use to call your mother and check e-mail represents the next frontier for malicious hackers, though it eluded researchers who stood to earn $10,000 for exploiting a smartphone at the CanSecWest security conference this week. TippingPoint Technologies, which sponsors a Pwn2Own hacking contest each year at the event, was offering the prize money for each successful exploit of an iPhone, BlackBerry, and phones running Google's Android, Windows Mobile, and Symbian operating systems.”
Masqueraded as “research” apparently we don’t have enough problems with mobile hackers, thus prize money is now being attached to hacking Mobile Operating Systems (MOPS). Having been in the mobile security industry since 2005, I found it interesting to see the apparent divide between the skill levels of computer- versus mobile-based hackers from this event. Despite the prize money the computer-based hackers merely fumbled in the streamlined MOPS environment and were ultimately unsuccessful (at the CanSecWest event) at exploiting the security vulnerabilities of the mobile devices. This, as mobile-based hackers know, is due to the approach that was used, not because these mobile platforms are impregnable.
One other interesting tidbit from the CanSecWest event (mostly because it supports my long-held position on the matter) was when the founder of the event Dragos Ruiu noted, “"I carry two phones at any one time… and now, they are more capable computers." Is this further proof that mobile devices are displacing computer futures… you know where I stand, so I’ll let you decide.
Article In Ref: Mobile: The holy grail at security conference: http://news.cnet.com/8301-1009_3-10201356-83.html
Your friend and loyal researcher of mobile security,
Eric Everson – A.K.A: “The MobileTech”
Eric Everson is a leading mobile technologies researcher and is the founder of MyMobiSafe.com. If you would like to contact Eric Everson for interview or with research related inquiries contact him directly at EricEverson@Hotmail.com.
Author: Eric Everson
Admittedly I was not in attendance at this year’s CanSecWest Security Conference, but as CNet.com confirms big money was being offered to hackers to exploit mobile devices.
According to the article, “That innocent-looking mobile phone you use to call your mother and check e-mail represents the next frontier for malicious hackers, though it eluded researchers who stood to earn $10,000 for exploiting a smartphone at the CanSecWest security conference this week. TippingPoint Technologies, which sponsors a Pwn2Own hacking contest each year at the event, was offering the prize money for each successful exploit of an iPhone, BlackBerry, and phones running Google's Android, Windows Mobile, and Symbian operating systems.”
Masqueraded as “research” apparently we don’t have enough problems with mobile hackers, thus prize money is now being attached to hacking Mobile Operating Systems (MOPS). Having been in the mobile security industry since 2005, I found it interesting to see the apparent divide between the skill levels of computer- versus mobile-based hackers from this event. Despite the prize money the computer-based hackers merely fumbled in the streamlined MOPS environment and were ultimately unsuccessful (at the CanSecWest event) at exploiting the security vulnerabilities of the mobile devices. This, as mobile-based hackers know, is due to the approach that was used, not because these mobile platforms are impregnable.
One other interesting tidbit from the CanSecWest event (mostly because it supports my long-held position on the matter) was when the founder of the event Dragos Ruiu noted, “"I carry two phones at any one time… and now, they are more capable computers." Is this further proof that mobile devices are displacing computer futures… you know where I stand, so I’ll let you decide.
Article In Ref: Mobile: The holy grail at security conference: http://news.cnet.com/8301-1009_3-10201356-83.html
Your friend and loyal researcher of mobile security,
Eric Everson – A.K.A: “The MobileTech”
Eric Everson is a leading mobile technologies researcher and is the founder of MyMobiSafe.com. If you would like to contact Eric Everson for interview or with research related inquiries contact him directly at EricEverson@Hotmail.com.
Wednesday 11 March 2009, 7:10 PM
Mobile Malware: The JavaMite Evolution in Digital Security
Mobile Malware: The JavaMite Evolution in Digital Security
Author: Eric Everson, Founder MyMobiSafe.com
The landscape of digital security is evolutionary in nature. From one malware variant to the next, malware represents a means of interrupting digital norms. Occasionally there comes an evolution in technology that is so profound that it carries the ability to transcend all future developments. In such a paradigm shift, the digital landscape as we know it can become transcended to new heights. Such is the case for the latest form of mobile malware, the JavaMite.
As defined, “a JavaMite is any executable software or script written in (or with) the aide of a Java Software Development Kit/Component to specifically alter or otherwise tamper with the operational components of a mobile handset or device.” As an evolutionary form of mobile malware, this development stands to redefine the norms of mobile security. JavaMite malware has such a profound dynamic due to its overwhelming scalability given the modern mobile environment.
As upwards of 86% of handsets are Java-enabled this renders JavaMites as the most threatening class of mobile malware to surface – relative to its prospective mass industry epidemiology. Though currently there is not a JavaMite variant capable of mass market threat, this is exactly the medium that mobile malware could use to target unprecedented numbers of mobile handsets. The limitations that massive attacks face are primarily underpinned by handset processing capabilities, though there is no limit on the sophistications that JavaMites can embody.
In short, JavaMites are the newest form of mobile security threat to emerge and likewise represent the greatest opportunity for globalized attacks to mobile devices. Given the many formalities that have shaped the emergence of this unique mobile malware, JavaMites likely represent the basis of next generation mobile malware developments.
As we continue to rely on our mobile devices as a critical element of communication, JavaMites represent a paradigm shift in digital security for governments and businesses alike.
Keeping you informed,
“The MobileTech”
Eric Everson, Founder – MyMobiSafe.com
Eric Everson is a leading mobile technologies researcher and is the founder of MyMobiSafe.com. If you would like to contact Eric Everson for interview or with research related inquiries contact him directly at EricEverson@Hotmail.com.
Author: Eric Everson, Founder MyMobiSafe.com
The landscape of digital security is evolutionary in nature. From one malware variant to the next, malware represents a means of interrupting digital norms. Occasionally there comes an evolution in technology that is so profound that it carries the ability to transcend all future developments. In such a paradigm shift, the digital landscape as we know it can become transcended to new heights. Such is the case for the latest form of mobile malware, the JavaMite.
As defined, “a JavaMite is any executable software or script written in (or with) the aide of a Java Software Development Kit/Component to specifically alter or otherwise tamper with the operational components of a mobile handset or device.” As an evolutionary form of mobile malware, this development stands to redefine the norms of mobile security. JavaMite malware has such a profound dynamic due to its overwhelming scalability given the modern mobile environment.
As upwards of 86% of handsets are Java-enabled this renders JavaMites as the most threatening class of mobile malware to surface – relative to its prospective mass industry epidemiology. Though currently there is not a JavaMite variant capable of mass market threat, this is exactly the medium that mobile malware could use to target unprecedented numbers of mobile handsets. The limitations that massive attacks face are primarily underpinned by handset processing capabilities, though there is no limit on the sophistications that JavaMites can embody.
In short, JavaMites are the newest form of mobile security threat to emerge and likewise represent the greatest opportunity for globalized attacks to mobile devices. Given the many formalities that have shaped the emergence of this unique mobile malware, JavaMites likely represent the basis of next generation mobile malware developments.
As we continue to rely on our mobile devices as a critical element of communication, JavaMites represent a paradigm shift in digital security for governments and businesses alike.
Keeping you informed,
“The MobileTech”
Eric Everson, Founder – MyMobiSafe.com
Eric Everson is a leading mobile technologies researcher and is the founder of MyMobiSafe.com. If you would like to contact Eric Everson for interview or with research related inquiries contact him directly at EricEverson@Hotmail.com.
Wednesday 4 March 2009, 5:02 PM
JavaMites: Next Generation Mobile Security Threats
JavaMites: Next Generation Mobile Security Threats
Author: Eric Everson – Founder, MyMobiSafe.com
As you may be familiar, upwards of 86% of mobile devices are now Java-enabled. This mass scale Java adoption in mobile is merely a result of the interoperability issues third-party content developers faced throughout the wireless industry. Java has been critical in the mobile environment for allowing an abundance of content to become accessible to users that would have otherwise faced interoperability hurdles caused by Mobile Operating Systems (MOPS). While the migration of creating Java-enabled handsets have been welcomed by millions starved for quality mobile content, the introduction of JavaMites has opened a new chapter of mobile security.
As defined in my Whitepaper (JavaMites: The Emerging Universal Mobile Threat 1Q09) a “JavaMite is any executable software or script written in (or with) the aide of a Java Software Development Kit/Component to specifically alter or otherwise tamper with the operational components of a mobile handset or device.” This is a technical way of saying that if your handset is Java-enabled (as most of ours now are) there is a new form of mobile malware that you should be aware of.
How new is it? In all honesty this cutting-edge form of mobile malware began surfacing towards the end of 2008, but was not successfully executed until a few weeks ago. You may have heard about that mobile virus (more technically referred to as JavaMite file: Trojan-SMS.J2ME.GameSat.a) that targeted handsets in Indonesia to successfully override their handsets to transfer money from their mobile banking accounts. This was the first documented JavaMite attack that has been recorded, but unfortunately due to its success will not be the last of its kind.
Why are these “JavaMites” so different that anything else? Simply put, this form of mobile malware forces the curtains open to expose the pregnable weakness of nearly every mobile device. With the ability to infect the masses, JavaMites offer the first global platform for mobile security vulnerability. Much of this technology development has been driven by the availability of Open Source MOPS Software Development Kits (SDK) as JavaMite malware can now effectively gain control of the operating files (the sandbox of the handset) that were once inaccessible given a Java SDK alone.
This is an emerging threat that has yet to become a mainstream concern. As a safeguard, be very cautious when opening emails with attachments and when downloading new applications/content with your mobile device. Since the bulk of handsets are Java-enabled, the days of mobile malware targeting only one MOPS are behind us. We expect to see JavaMites emerge as the preferred platform of next generation mobile malware due to its ability to infect handsets by the masses. In short, whether you are an individual from a small business or one at a major corporate enterprise you share the same risks against JavaMites - these things are really scary!
As always, I’ll keep you up to date on the developments in this area.
Your friend in mobile security,
Eric E - “AKA: The MobileTech”
Eric Everson is a leading mobile security researcher and is the founder of MyMobiSafe.com: The Infrastructure of Delivery; The Future of Mobile Security. If you would like to contact Eric Everson for interview or with research related inquiries contact him directly at EricEverson@Hotmail.com.
Author: Eric Everson – Founder, MyMobiSafe.com
As you may be familiar, upwards of 86% of mobile devices are now Java-enabled. This mass scale Java adoption in mobile is merely a result of the interoperability issues third-party content developers faced throughout the wireless industry. Java has been critical in the mobile environment for allowing an abundance of content to become accessible to users that would have otherwise faced interoperability hurdles caused by Mobile Operating Systems (MOPS). While the migration of creating Java-enabled handsets have been welcomed by millions starved for quality mobile content, the introduction of JavaMites has opened a new chapter of mobile security.
As defined in my Whitepaper (JavaMites: The Emerging Universal Mobile Threat 1Q09) a “JavaMite is any executable software or script written in (or with) the aide of a Java Software Development Kit/Component to specifically alter or otherwise tamper with the operational components of a mobile handset or device.” This is a technical way of saying that if your handset is Java-enabled (as most of ours now are) there is a new form of mobile malware that you should be aware of.
How new is it? In all honesty this cutting-edge form of mobile malware began surfacing towards the end of 2008, but was not successfully executed until a few weeks ago. You may have heard about that mobile virus (more technically referred to as JavaMite file: Trojan-SMS.J2ME.GameSat.a) that targeted handsets in Indonesia to successfully override their handsets to transfer money from their mobile banking accounts. This was the first documented JavaMite attack that has been recorded, but unfortunately due to its success will not be the last of its kind.
Why are these “JavaMites” so different that anything else? Simply put, this form of mobile malware forces the curtains open to expose the pregnable weakness of nearly every mobile device. With the ability to infect the masses, JavaMites offer the first global platform for mobile security vulnerability. Much of this technology development has been driven by the availability of Open Source MOPS Software Development Kits (SDK) as JavaMite malware can now effectively gain control of the operating files (the sandbox of the handset) that were once inaccessible given a Java SDK alone.
This is an emerging threat that has yet to become a mainstream concern. As a safeguard, be very cautious when opening emails with attachments and when downloading new applications/content with your mobile device. Since the bulk of handsets are Java-enabled, the days of mobile malware targeting only one MOPS are behind us. We expect to see JavaMites emerge as the preferred platform of next generation mobile malware due to its ability to infect handsets by the masses. In short, whether you are an individual from a small business or one at a major corporate enterprise you share the same risks against JavaMites - these things are really scary!
As always, I’ll keep you up to date on the developments in this area.
Your friend in mobile security,
Eric E - “AKA: The MobileTech”
Eric Everson is a leading mobile security researcher and is the founder of MyMobiSafe.com: The Infrastructure of Delivery; The Future of Mobile Security. If you would like to contact Eric Everson for interview or with research related inquiries contact him directly at EricEverson@Hotmail.com.
Previous
