Official Mobile Security & Innovative Technologies Blog
This blog is managed/edited by Eric Everson. The purpose of this blog is to discuss common threats and solutions that exist within the mobile community in addition to the intricacies of innovative technologies and the markets therein.
Thank you for taking the time to review my blog; I am Eric Everson the founder of MyMobiSafe.com. In addition to my duties at MyMobiSafe, LLC I am also a full-time graduate student and mobile industry researcher. As a mobile security expert and innovative technologies leader, I am glad to answer any questions you may have: EricEverson@Hotmail.com
Monday 16 February 2009, 3:20 PM
Mobile Banking Safe? Not So Much… Happy Valentines?
Mobile Banking Safe? Not So Much… Happy Valentines?
Author: Eric Everson; Founder MyMobiSafe.com
How many times do we have to read analyst’s sugar coating the threats that mobile banking faces? As a lead researcher and mobile security expert at MyMobiSafe, let me just say for the record that mobile banking is not secure.
With so many millions of dollars in infrastructure behind mobile banking, it is in the banks best interest to promote the security of this emerging medium, but at whose expense? I recently read an article from a reliable news site that essentially suggested that there are no mobile viruses designed to attack mobile banking. So what about the mobile malware file “Trojan-SMS.J2ME.GameSat.a”?
For those of you unfamiliar with this particular mobile virus, this is one of the first broad spectrum mobile viruses to target the mobile banking industry. In fact given its J2ME origin, this little application masquerading around as a cute dating/chat application might prove to be one of the bigger threats given the time to spawn more targeted variants. This particular malware is currently growing in popularity in the Asian market however given its success, it is expected that a variant will be making its way toward your market soon enough.
Those of you that read my entries know that it is from academic roots that I attempt to cut through the façade with regard to mobile security. Rather than just paint a picture of a perfect secure mobile environment, I’ll do my best to not only tell you that there is a threat but back it up with as much as the file name/origin. The truth is that this application must be loaded on to your handset with your permission even if it arrives via your inbox. The problem is that in pure Trojan nature, you think you’re getting a dating/chat application and you end up with a malware that attempts to access your mobile banking registries to transfer your money away.
With Valentines Day looming in the so recent past, don’t let your search for love steer you into the dating/chat application that is really the more dangerous “Trojan-SMS.J2ME.GameSat.a” file. If you are a small business owner or just another cell phone user, stay alert!
Your go-to guy in mobile security!
Eric Everson “The MobileTech”
Eric Everson, Founder MyMobiSafe.com. If you have any questioned related to mobile security, contact me at EricEverson@Hotmail.com.
Author: Eric Everson; Founder MyMobiSafe.com
How many times do we have to read analyst’s sugar coating the threats that mobile banking faces? As a lead researcher and mobile security expert at MyMobiSafe, let me just say for the record that mobile banking is not secure.
With so many millions of dollars in infrastructure behind mobile banking, it is in the banks best interest to promote the security of this emerging medium, but at whose expense? I recently read an article from a reliable news site that essentially suggested that there are no mobile viruses designed to attack mobile banking. So what about the mobile malware file “Trojan-SMS.J2ME.GameSat.a”?
For those of you unfamiliar with this particular mobile virus, this is one of the first broad spectrum mobile viruses to target the mobile banking industry. In fact given its J2ME origin, this little application masquerading around as a cute dating/chat application might prove to be one of the bigger threats given the time to spawn more targeted variants. This particular malware is currently growing in popularity in the Asian market however given its success, it is expected that a variant will be making its way toward your market soon enough.
Those of you that read my entries know that it is from academic roots that I attempt to cut through the façade with regard to mobile security. Rather than just paint a picture of a perfect secure mobile environment, I’ll do my best to not only tell you that there is a threat but back it up with as much as the file name/origin. The truth is that this application must be loaded on to your handset with your permission even if it arrives via your inbox. The problem is that in pure Trojan nature, you think you’re getting a dating/chat application and you end up with a malware that attempts to access your mobile banking registries to transfer your money away.
With Valentines Day looming in the so recent past, don’t let your search for love steer you into the dating/chat application that is really the more dangerous “Trojan-SMS.J2ME.GameSat.a” file. If you are a small business owner or just another cell phone user, stay alert!
Your go-to guy in mobile security!
Eric Everson “The MobileTech”
Eric Everson, Founder MyMobiSafe.com. If you have any questioned related to mobile security, contact me at EricEverson@Hotmail.com.
Wednesday 11 February 2009, 12:27 PM
Rural Medicine Getting SmartPhone Overhaul
Rural Medicine Getting SmartPhone Overhaul
Author: Eric Everson, Founder MyMobiSafe.com
In the medical field of rural medicine, access to technology can provide drastic improvements in patient health. As Health Editor, Madeleine Brindley pointed out yesterday SmartPhones are creating vast improvements in this critical health field.
As noted, “The 140 district nurses in Powys have become the first in Wales to be given smart phones in a bid to reduce the amount of time they spend on paperwork. The phones allow them to access vital patient information at the touch of a button while visiting patients in the community.”
Despite all of the issues that we discuss related to the complexities of these handsets, it’s always good to see the application of mobile technology to advance the treatment of healthcare. As rural healthcare is a global issue, certainly mobile technology has the ability to play a pivotal role in advancing the quality of care.
Your go-to guy in mobile security,
Eric E - “The MobileTech”
Eric Everson, Founder MyMobiSafe.com
EricEverson@Hotmail.com
In Ref. to: http://allnurses.com/nursing-news/futuristic-phones-bring-369285.html
Author: Eric Everson, Founder MyMobiSafe.com
In the medical field of rural medicine, access to technology can provide drastic improvements in patient health. As Health Editor, Madeleine Brindley pointed out yesterday SmartPhones are creating vast improvements in this critical health field.
As noted, “The 140 district nurses in Powys have become the first in Wales to be given smart phones in a bid to reduce the amount of time they spend on paperwork. The phones allow them to access vital patient information at the touch of a button while visiting patients in the community.”
Despite all of the issues that we discuss related to the complexities of these handsets, it’s always good to see the application of mobile technology to advance the treatment of healthcare. As rural healthcare is a global issue, certainly mobile technology has the ability to play a pivotal role in advancing the quality of care.
Your go-to guy in mobile security,
Eric E - “The MobileTech”
Eric Everson, Founder MyMobiSafe.com
EricEverson@Hotmail.com
In Ref. to: http://allnurses.com/nursing-news/futuristic-phones-bring-369285.html
Saturday 10 January 2009, 5:54 PM
Mobile Security Becoming $900 Million Market
Mobile Security Becoming $900 Million Market
Author: Eric Everson, Founder MyMobiSafe.com
If you keep tabs on the security industry financial reports there was a recent Infonetics Research report that was hard to overlook. While this market segment is just beginning to attract big business attention as the founder of MyMobiSafe.com mobile security industry reports are of significant interest to me. The Infonetics Research report I am referring to established an estimated market valuation of nearly $900 million for the mobile security industry by 2012.
As the economy has already flushed some of the less committed mobile security brands from the market, it is likely the tried and true companies of this industry that stand to capture the greatest market share. As the founder of MyMobiSafe.com, we knew early-on that this was a developing market, but the reality of achieving a market valuation upwards of $900 million sounds too good to be true… Right?
While the bulk of the Infonetics Research report was focused on mobile security expenditures at the mobile service provider level the reality is that in the context of developing mobile malware technologies $900 million is really just the tip of the iceberg. Taking into account the mass market implementations that the developing threats (i.e. Java-enabled mobile malware, mobile internet browser targeting malicious code) are capable of, mobile security has become an emerging market of global proportions.
Where the western countries lag behind the Asian markets the advances in mobile technology in many Asian nations are proving the mass market demand for mobile security products and services alike. For brands like mine (MyMobiSafe) we have stayed the course in the pursuit of establishing next generation technologies to carry this emerging mobile security market into mass market levels of penetration. While the market stickiness and instant brand awareness of the MyMobiSafe brand have created tremendous market opportunities, it is the technologies we have developed at the core of our operations that truly define our ability to sustain mass market growth and continued brand vitality.
So are we looking at a mobile security market of $900 million by 2012? In considering the limited market scope of this research, I suggest that $900 million is selling this growth market short. With multimedia mobile phone usage growing at unprecedented rates globally and mobile malware becoming increasingly sophisticated mobile security is undeniably poised for significant growth in the months and years ahead.
Your mobile security guru,
Eric Everson – The MobileTech
Eric Everson, Founder MyMobiSafe.com
EricEverson@Hotmail.com
Author: Eric Everson, Founder MyMobiSafe.com
If you keep tabs on the security industry financial reports there was a recent Infonetics Research report that was hard to overlook. While this market segment is just beginning to attract big business attention as the founder of MyMobiSafe.com mobile security industry reports are of significant interest to me. The Infonetics Research report I am referring to established an estimated market valuation of nearly $900 million for the mobile security industry by 2012.
As the economy has already flushed some of the less committed mobile security brands from the market, it is likely the tried and true companies of this industry that stand to capture the greatest market share. As the founder of MyMobiSafe.com, we knew early-on that this was a developing market, but the reality of achieving a market valuation upwards of $900 million sounds too good to be true… Right?
While the bulk of the Infonetics Research report was focused on mobile security expenditures at the mobile service provider level the reality is that in the context of developing mobile malware technologies $900 million is really just the tip of the iceberg. Taking into account the mass market implementations that the developing threats (i.e. Java-enabled mobile malware, mobile internet browser targeting malicious code) are capable of, mobile security has become an emerging market of global proportions.
Where the western countries lag behind the Asian markets the advances in mobile technology in many Asian nations are proving the mass market demand for mobile security products and services alike. For brands like mine (MyMobiSafe) we have stayed the course in the pursuit of establishing next generation technologies to carry this emerging mobile security market into mass market levels of penetration. While the market stickiness and instant brand awareness of the MyMobiSafe brand have created tremendous market opportunities, it is the technologies we have developed at the core of our operations that truly define our ability to sustain mass market growth and continued brand vitality.
So are we looking at a mobile security market of $900 million by 2012? In considering the limited market scope of this research, I suggest that $900 million is selling this growth market short. With multimedia mobile phone usage growing at unprecedented rates globally and mobile malware becoming increasingly sophisticated mobile security is undeniably poised for significant growth in the months and years ahead.
Your mobile security guru,
Eric Everson – The MobileTech
Eric Everson, Founder MyMobiSafe.com
EricEverson@Hotmail.com
Wednesday 7 January 2009, 1:05 AM
Mobile Security and the MD5 Hack: Day Trading By Mobile Beware
Mobile Security and the MD5 Hack: Day Trading By Mobile Beware
Author: Eric Everson, Founder MyMobiSafe.com
It seems that we can do as much or more from our phones today than we could from our laptops five years ago. You can enjoy a gamut of media related convenience and surfing the web from one’s handset has become a standard. Add to these mobile freedoms the ability to day trade via your mobile device and it’s a wonder we ever put our phones down.
Admittedly my life seems to revolve around “opening and closing bells” so the ability to make my trades and place my orders on the go has been awesome. The ability to trade in any market from the palm of my hand while I am cross-training is technology at its finest. While I as many other have come to love this market freedom, there seems to be a lurking vulnerability that has seen its fair share of press lately.
As computers and mobile devices use much of the same carry over technology in the way of web browsers the recent “MD5 hack” has created a ripple effect into mobile technologies as well. What does the “MD5 Hack” mean for mobile devices? Essentially MD5 collisions can be leveraged to generate rogue SSL CA certificates. Such rogue CA certificates can be used by an attacker to generate valid SSL certificates for targeted web sites. By forging these certificates in DNS redirection attacks, an attacker can spoof an SSL protected web site and obtain your sensitive information.
Now don’t stop day trading from your mobile just because of this vulnerability because in reality the role of MD5 algorithms in SSL certificates is becoming marginalized by the way of the SHA-1 approach. To execute on the MD5 vulnerability requires some sophisticated computing which may or may not be worth the time of a hacker. Nonetheless as your trusted mobile security advisor I wanted everyone to be aware of the threat. With many securities trading at bargain basement prices, now may be the best time to take advantage of the freedom of mobility that exists for day traders.
Your friend in mobile security,
Eric Everson, Founder MyMobiSafe.com
Author: Eric Everson, Founder MyMobiSafe.com
It seems that we can do as much or more from our phones today than we could from our laptops five years ago. You can enjoy a gamut of media related convenience and surfing the web from one’s handset has become a standard. Add to these mobile freedoms the ability to day trade via your mobile device and it’s a wonder we ever put our phones down.
Admittedly my life seems to revolve around “opening and closing bells” so the ability to make my trades and place my orders on the go has been awesome. The ability to trade in any market from the palm of my hand while I am cross-training is technology at its finest. While I as many other have come to love this market freedom, there seems to be a lurking vulnerability that has seen its fair share of press lately.
As computers and mobile devices use much of the same carry over technology in the way of web browsers the recent “MD5 hack” has created a ripple effect into mobile technologies as well. What does the “MD5 Hack” mean for mobile devices? Essentially MD5 collisions can be leveraged to generate rogue SSL CA certificates. Such rogue CA certificates can be used by an attacker to generate valid SSL certificates for targeted web sites. By forging these certificates in DNS redirection attacks, an attacker can spoof an SSL protected web site and obtain your sensitive information.
Now don’t stop day trading from your mobile just because of this vulnerability because in reality the role of MD5 algorithms in SSL certificates is becoming marginalized by the way of the SHA-1 approach. To execute on the MD5 vulnerability requires some sophisticated computing which may or may not be worth the time of a hacker. Nonetheless as your trusted mobile security advisor I wanted everyone to be aware of the threat. With many securities trading at bargain basement prices, now may be the best time to take advantage of the freedom of mobility that exists for day traders.
Your friend in mobile security,
Eric Everson, Founder MyMobiSafe.com
Sunday 4 January 2009, 5:18 PM
AT&T and TMobile: The New Era of Mobile Security Complexity
AT&T and TMobile: The New Era of Mobile Security Complexity
Author: Eric Everson, Founder MyMobiSafe.com
It has been just days since AT&T and TMobile have been issued steep fines related to the “security” of their voicemail systems. This action brought against these two providers is a direct reflection of the complexities that mobile service providers face as we are ushering in a new era of mobile security futures.
This most recent legal debacle related to mobile security stemmed from high-profile hacker attacks in the State of California. Investigators in this suit used the globally accessible TelTech Systems SpoofCard software to easily hack into voicemail accounts which enabled the investigators control over the hacked voicemail systems creating an opportunity to exercise caller-id spoofing, settings tampering, and further offering the ability to change or erase messages. Essentially this software enables hackers access to the network-level which puts handset-level security at significant risk.
According to respected industry analyst Marin Perez of Information Week, the outcome of this legal action is that “AT&T and T-Mobile have paid fines and agreed to stop advertising that their voice-mail systems are safe from hackers.” Both companies agreed to settle this suit by agreeing to pay respective fines but neither mobile service provider admitted any wrongdoing.
The reality is that whether you use your cell phone for personal communication or as the lifeline of your small business operations, mobile security is undeniably becoming an issue that everyone must acknowledge. For many of us this means exercising greater responsibility in exchanging mobile content while for others it means preparing for this emerging new battlefield of digital security. Whether you are simply concerned about the security of your individual handset or if you are looking at the digital security implications of mobile threats across an enterprise setting, it is important to first start by understanding the greatest threats you face.
Your friend and most trusted name in mobile security,
Eric Everson
A.K.A “MobileTech”
Eric Everson, Founder
MyMobiSafe.com
EricEverson@Hotmail.com
Author: Eric Everson, Founder MyMobiSafe.com
It has been just days since AT&T and TMobile have been issued steep fines related to the “security” of their voicemail systems. This action brought against these two providers is a direct reflection of the complexities that mobile service providers face as we are ushering in a new era of mobile security futures.
This most recent legal debacle related to mobile security stemmed from high-profile hacker attacks in the State of California. Investigators in this suit used the globally accessible TelTech Systems SpoofCard software to easily hack into voicemail accounts which enabled the investigators control over the hacked voicemail systems creating an opportunity to exercise caller-id spoofing, settings tampering, and further offering the ability to change or erase messages. Essentially this software enables hackers access to the network-level which puts handset-level security at significant risk.
According to respected industry analyst Marin Perez of Information Week, the outcome of this legal action is that “AT&T and T-Mobile have paid fines and agreed to stop advertising that their voice-mail systems are safe from hackers.” Both companies agreed to settle this suit by agreeing to pay respective fines but neither mobile service provider admitted any wrongdoing.
The reality is that whether you use your cell phone for personal communication or as the lifeline of your small business operations, mobile security is undeniably becoming an issue that everyone must acknowledge. For many of us this means exercising greater responsibility in exchanging mobile content while for others it means preparing for this emerging new battlefield of digital security. Whether you are simply concerned about the security of your individual handset or if you are looking at the digital security implications of mobile threats across an enterprise setting, it is important to first start by understanding the greatest threats you face.
Your friend and most trusted name in mobile security,
Eric Everson
A.K.A “MobileTech”
Eric Everson, Founder
MyMobiSafe.com
EricEverson@Hotmail.com
Previous
