MyMobiSafe.com Official Mobile Security Antivirus Solutions Blog
This blog is managed/edited by Eric Everson, Founder of MyMobiSafe.com. The purpose of this blog is to discuss common threats and solutions that exist within the mobile community.
Thank you for taking the time to review my blog, I am Eric Everson and I am a mobile application developer and self-proclaimed mobile threat hunter. I also manage a blog at MySpace which serves as a journal regarding my startup venture of MyMobiSafe.com available at http://blog.myspace.com/mymobisafe.
Friday 25 April 2008, 3:58 AM
Mobile Banking: The Weakest Link
Mobile Banking: The Weakest Link
By Eric Everson, Founder MyMobiSafe.com
For many the prospect of conducting their banking by cell phone either strikes them as totally cool or totally crazy. I tend to put myself in the first camp as an embracer of mobile technologies, but admittedly I am not without my mobile security reservations.
As we all know in digital security, the weakest link is always the most vulnerable point of any topology. In mobile banking this weak link happens to be the very handset that we are expected to entrust with our financial transactions. The adoption of third party mobile security solutions is still very limited across the global spectrum of mobile users, thus the greatest level of threat that mobile banking faces has become the very platform of the transactions.
Let us assume that the mobile phone is the next great platform of the digital future and instantly the security that many take for granted on their cell phone becomes a significant bargaining chip for mobile application developers. It is no surprise that industry titans such as Google are jumping into mobile advertising as the industry demographics are so encouraging to their financial prospects. On the other hand, as mobile users are already beginning to experience mobile advertising on their once sacred mobile space one can not help but exercise concern regarding the origination of the content. Just as viruses are spread so commonly through email in a computer-based setting, the content now arriving on your mobile handset may not be as safe as you might hope.
With the popularity of mobile keyloggers, these applications can be easily embedded in a mobile message. Again touching on the limitations of handset level security that are so common throughout the mobile industry, we start connecting the dots of the handset as the weakest link of mobile banking. You get an unassuming mobile advertising (spam) message delivered to your handset and before you know it your seemingly safe mobile banking is compromised from the inside. Your every keystroke can be remotely monitored, thus passing access to your mobile banking into the wrong hands.
Do not get me wrong, I am not trying to deter anyone from adopting mobile banking as I personally think it is a blessing. If you use your handset the way I do, you should at least consider the value of the information you are putting into your handset… since after all it is still the weakest link. I look for many of the banks to start partnering with mobile security firms to address these mobile vulnerabilities head-on, but until then remember to be on the lookout for your own mobile security.
Your mobile security guru,
Eric E
Eric Everson, Founder
MyMobiSafe.com
Friday 11 April 2008, 8:02 PM
Government Alarms Going Mobile
Government Alarms Going Mobile
By Eric Everson, MyMobiSafe.com
The American government has announced their intentions to send nationwide alerts to cell phone users based on three types of events: child abduction, natural disasters, or a terrorist attack.
According to CNN Money, “A nationwide alert system will use cell phones or other mobile devices to send text messages to Americans when an emergency occurs, the Federal Communications Commission will announce Wednesday, according to an FCC representative.” While this is a long overdue move to utilize existing technology for the good of the nation, American’s must take the necessary measures to alter their text plans accordingly.
This development is being celebrated among many that have been pushing for the advancement of wireless notification in the case of missing children. All U.S. cell phone users can already get Amber Alert wireless notifications sent to their phones by visiting www.wirelessamberalerts.org.
The official announcement is expected by next week and marks a leap forward by the U.S. government to embrace wireless devices as a warning system. This progressive stride for wireless technologies speaks to the willingness of the American people to further embrace wireless innovations. As mobile devices continue to replace computer-based communications, this announcement gives further credence to continued wireless venture investment.
As the founder of MyMobiSafe.com, I am glad to see the government implementing this mobile notification system. As the wireless technologies from both a software and hardware perspective continue to develop, it is important that both the government and American citizens alike continue to adopt wireless technologies. With respect to the wireless data traffic that a single notice would generate to reach every American cell phone user, it is easy to see why investors are so eager to embrace the emerging wireless “Bubble II”. Data services have already become a major revenue gateway for service providers, which are only compounded by innovative developments that make wireless communications so wonderful.
Already many sites have launched exclusively formatted for wireless browsers. Sites like MobiShaker.com further add dimension to the flexibility that wireless technologies represent to the American public. This announcement may be simple at face value, but for wireless innovators these mobile alerts represent a substantial embrace of the technologies to come.
Your mobile security guru,
Eric Everson
Eric Everson, Mobile Security Expert
MyMobiSafe.com
Thursday 10 April 2008, 1:16 AM
The Mobile Industry’s Growing DoS Risk
The Mobile Industry’s Growing DoS Risk
By: Eric Everson, Founder MyMobiSafe
In the not so distant past, major labels such as Yahoo and Amazon have become targets of malicious Denial of Service (DoS) campaigns. DoS campaigns are designed to hit servers so hard with false traffic that the real traffic is denied service. Have wireless service providers created a vulnerability that puts them at greater risk for such attacks?
As a mobile security expert and founder of MyMobiSafe.com, the unwillingness of most wireless service providers to adopt handset level security solutions perplexes me. Perhaps it is that by partnering with mobile security providers they believe they are admitting to a veil of ignorance that they have been skirting for years. The problem however is that as handsets and technologies are becoming increasingly developed all the while hackers are ripping that artificial veil of ignorance off of the providers.
One may wonder why wireless providers are at greater risk today than they were before? To this I have a three letter response “GAN”. Generic Access Network (GAN) also known as Unlicensed Mobile Access (UMA) permits the seamless transition between diverse networks. With GAN/UMA when a handset detects a new network, it establishes a secure IP connection through a gateway to a server which creates an alternate base id and allows for differentiated connection protocols to work in tandem. With GMA/UMA becoming more widely
deployed, service providers are allowing subscribers to have direct access to mobile core networks over via IP. This makes it easier to spoof identities and use illegal accounts to launch
a variety of attacks such as… you guessed it, DoS attacks!
If top Internet companies like Yahoo are susceptible despite all of their advanced computer and server-based security measures, it’s easy to see how the top mobile service providers are carrying a much greater risk (especially considering the lack of attention to security the handset level). I look for wireless providers to begin warming up to third-party mobile security providers as the speed of technology is showing no signs of a slow down.
Your mobile security guru,
Eric E.
Eric Everson, Mobile Security Expert
Founder of MyMobiSafe.com
Wednesday 9 April 2008, 12:28 AM
Facebook Mobile Security Threat
Facebook Mobile Security Threat
By: Eric Everson
Yes I will admit it, I am addicted to social networking with the likes of sites such as MySpace and Facebook too. After all it was our prelaunch presence at http://www.myspace.com/mymobisafe that allowed us to debut the startup of MyMobiSafe.com to the world weeks before actually going live. I am a Web 2.0 entrepreneur as I have integrated social networking into my business, so don’t think that what I am about to say comes lightly. As great as social networking is, there is a mobile security threat that everyone should consider.
All too often as I am visiting my friend’s profiles I see where they have listed their cell phone number for the world to see. As I said, I am a constantly connected Web 2.0 junkie and yet this is one area that I always recommend avoiding. The problem is that malware is becoming a very real issue on the most popular social networking sites. As a staff writer of ITWeb recently put it, “…Trojans will continue to be present and there will be a significant rise in the number of Trojans designed to steal information from users of social networks such as MySpace and Facebook.” This includes mobile malware too. Today all a hacker needs is a phone number to push their latest malware creations. In the past a mobile hacker had to know the provider in order to send a loaded malware email to your phone, but today every ten digit mobile phone number can be attacked. Through a service known as “teleflip” any mobile number can become a target.
With teleflip (Teleflip.com) one only has to have the mobile phone number (ie. yournumber@teleflip.com). ---I don’t recommend that too many people share their number openly, but after all I do own MyMobiSafe.com one of the hottest mobile security companies around. --- So to make a long story short, quit advertising your cell phone number on your Facebook profile! The sophistication of mobile malware continues to evolve and your phone is more hacker accessible than you might realize. Continue to embrace the Web 2.0 movement, but don’t let yourself become a mobile malware victim.
Your mobile security expert,
Eric Everson
Eric Everson, Founder
MyMobiSafe.com
Article Ref:
http://www.itweb.co.za/sections/internet/2008/0803131331.asp?A=VIR&S=Virus%20Watch&O=FPPN
Wednesday 2 April 2008, 8:20 PM
Samsung Soul: Full Metal Jacket
Samsung Soul: Full Metal Jacket
By: Eric Everson, Founder MyMobiSafe.com
As a leading mobile security expert, I can not deny my military roots which makes the U.S. debut of the Samsung Soul very exciting. Before you go and dismiss this debut as “yet another multimedia phone” one must ask what’s up with the full metal jacket?
In military speak, a full metal jacket (FMJ) suggests a metal composite layer over the lead core structure of a bullet. In weaponry this feature is designed to enhance the structural integrity of the round while decreasing the damage caused by metallic bore deposits. Additionally, an FMJ allows for greater muzzle velocity for the round. One might ask how all of this FMJ stuff transfers into the mobile environment…
As for increasing ones mobile security I must contend that the FMJ feature doesn’t protect your handset from hackers any more than that bogus claim if wrapping your Blackberry in aluminum foil. The despite the purely aesthetic appeal of the FMJ on the Samsung Soul, the only added protection it might create is in strength of the handset. A quick review of physics would demonstrate the ability of the metal casing to displace the shock of impact across the surface area of the handset potentially resulting in less internal damage in the case of dropping the handset.
The FMJ may not keep the hackers out, but it sure makes the handset look cool! I’ll give this one an A+ for the cool factor. As for any of you wrapping your Blackberry up in aluminum foil to keep the hackers out, go look up gullible in the dictionary and take your phone out of that foil so you don’t look foolish. If you are worried enough to wrap your phone in foil, you might just consider a third-party mobile security solution.
Your mobile security guru – Eric E
Eric Everson, Founder
MyMobiSafe.com
