Data at Risk: Mobile Computing, Apps and User Data

Mobile computing is a paradigm shift away from personal computers and their infrastructure toward very large flexible networks of loosely connected platforms. It has new platforms, operating systems, applications (apps) and exciting new approaches to old problems. As the paradigm shift gains momentum, the application of the technology expands to include areas never considered when the technology was designed. Risk mitigation requirements tend to be glossed over as the devices’ ease of use, affordability, and accessibility compels use. Users are often naive regarding the risks to their information, enjoying the benefits of use without giving a lot of thought to potential dangers.

Mobile devices that do not require users to be identified and authenticated are said to have anonymous users. Anonymity is an issue because it is impossible to impose accountability for user actions or mediate access to resources based on prior granted access. In effect all of the mobile devices’ assets are available to any anonymous user solely based on physical access to the device. Availability is important as the applications supported by mobile devices expand to include electronic commerce transactions and manage privacy-related data. The transparency of apps is an issue, apps that store sensitive information have been found that store the information in intermediary files that are shared with third parties without the knowledge or consent of the user originating the information.

Computing technology paradigm shifts have tended to ignore issues that would complicate or slow their acceptance, information security is a case in point. The shift to client server and wireless networking both had periods when protection requirements remained unaddressed and serious problems arose, Mobile computing is following a similar path, ignoring old lessons does not make them any less important, it simply means they have to be relearned. At this point protection measures are well understood, so the path to a secure solution does not have to be as painful as earlier experiences would indicate.

Ignoring previous generation protection measures has tangible benefits for the platforms. Administration is greatly simplified and significant processing and other overhead is eliminated, performance benefits. Measures associated with user aggravation are eliminated, improving the user experience and satisfaction, facilitating acceptance.

Mobile devices rely on the Internet for much of their communications, eavesdropping or hijacking Internet sessions are well understood and common attacks executed to steal data, encryption will defeat this attack, when the measure is used. The reliability of communications is an important issue as time-sensitive apps rely on it to complete revenue-generating transactions and to provide a satisfactory user experience for a variety of activities. We are quickly moving beyond the issue of dropped calls.

The lack of common protection measures is a non-trivial issue, raising risks thought to have been minimized long ago. Device theft to allow the thief to use the device for its intended purpose is giving way to theft for the purpose of access to specific data, often for packaging with other stolen data for sale to a customer with ulterior motives. Stealing address books for sale to spammers is a nuisance compared to data theft with the intention of large scale fraud or identity theft.

Corporate entities are making apps available to current and potential customers who have little to no insight into the apps, trusting the provider to address data security requirements that are outside the provider’s requirements sets or concerns. As provider expectations evolve to business critical levels, satisfying customer expectations will increase in importance to providers, complicating requirements and demanding increasingly sophisticated apps.

Corporations are also making mobile devices available to employees as productivity tools, without giving serious thought to the corporate data that will ultimately be processed, stored or transmitted by the devices. Configuration management of mobile computing platforms is, at best, informal. The easy access to apps introduces risks each time a new app is introduced. Allowing, if not encouraging sensitive information to be used with the platform places that information with exposure to a largely undefined and poorly understood set of risks for compromise, loss of integrity, and non-availability.

E-commerce apps that manage payment transactions and information are of interest to the Payment Card Industry’s Data Security Standard (PCI DSS). Where the host mobile device does not provide basic protection measures, compliance with the DSS is unlikely, raising a variety of serious questions. The value of information associated with the next generation of transaction processing apps is increasing, incentivizing execution of sophisticated attacks to steal the highest value assets.

We remain in the early days of malicious activities targeting mobile devices. At least one large scale attack of mobile targets has recently occurred, more sophisticated attacks are likely as the technology’s use grows and attack strategies are perfected. Attacks using malware remain to appear, although there seems to be no serious technical impediment to their occurrence other than the lack of recognized algorithmic vulnerabilities available for exploitation.

The integration of mobile computing into architectures supporting business critical applications remains an unexploited opportunity. How long this is true is in serious doubt, replacing the desktop PC has compelling economic drivers — it has to happen. Tying mobile apps into servers is already occurring on an experimental basis. This will raise the stakes significantly for tablets and the other evolving mobile devices. Corporate requirements for robust solutions will put pressure on technology providers to enable the safe expansion of the application of the platforms beyond messaging and e-commerce, which goes full circle back to resolution of conventional protection needs.

Whether mobile computing technology is “ready for prime time” in large scale applications remains to be seen. Clearly a large number of lessons need to be learned by app developers and architects regarding compliance with statutory privacy requirements as well as less formal user confidentiality expectations. Early adopter tolerance for problems that can be interpreted as technical glitches is unlikely to exist in production environments with large user populations and big company revenues.

Mobile computing is in its early days, the lack of meaningful protection measure for the information processes, stored, and transmitted by the platforms is a serious concern. Use of the technology for new applications without consideration of the risks by users and technology providers raises the likelihood and scope of potential damage to be inflicted by well thought out and executed attacks. The bell has rung, class is in sessions.

Mobile Computing: The Impact of Social Media

The implication of mobile phones in our modern world is getting clearer and with the impact that these devices have had on social media networking sites, mobile computing just got better and attention from hardware and software developers and vendors. Mobile computing innovations have seen the rise of Android and iPhone platforms where third-party developers have developed hundreds of thousands of apps that run on these devices, some right in the cloud. The real drivers of mobile computing however are not the hardware and software manufacturers but rather the many users that interact and are always connected on these social networks and using these devices. It can therefore be assumed that the future of these devices and where they are used will largely determine future innovations surrounding the proliferation of mobile devices.

Mobile users spend more time on networking sites than their desktop counterparts. This means that network systems will require more dynamic connectivity patterns if this trend is expected to continue and if social networking sites expect to reap more revenue in the future. Mobile advertisers will also reap a huge chunk of that revenue as innovation in the field of geo-location, user activity sensing and social profiling is expected to lead to more targeted and therefore better advertising. It is also highly likely that mobile computing developments will largely revolve around social networks like Facebook and Twitter. Already, the launch of Facebook places and the ability to add longitude and latitude to tweets are evidence that the future of mobile computing is in social media.

All the above sounds interesting, however it also means that things like customer experience with low latency, high responsiveness and ease of interaction will need major improvements if customers are expected to have the same kind of experience on mobile platforms as desktop users. It is also interesting to see that the current limitations on mobile devices have induced new behavior in users. This includes skimming through content rather than reading and writing short answers. While solutions to these challenges can be built around these emerging behaviors, one this is clear, users?expectations cannot be met unless these challenges can be solved.

Energy concerns for mobile computing are another challenge. Smartphones rarely store charge for more than 12 hours in continuous use and bigger and more colorful screens means that power usage just went up. These are challenges that can be resolved by having more efficient hardware and software. We can only reflect on the current developments in mobile computing and its impact on social media and hope that it will tangibly shape the unpredictable path into the future of human interaction.

Electronic Evidence Discovery May Shift To The Mobile Computer Forensic Specialist

As the computing world advances and especially as the world of the wireless computing advances, there are certainly going to be instances where the services of a mobile computer specialist will be required.

The mobile arena now includes hand-held devices with comprehensive capability, in fact there are many more wireless units than desktops.The complexities of today`s wireless units such as iPods, iPads, Smartphones and tablet computers now have the same computing power of PC`s that were manufactured within the last decade. With cutting-edge technology such as infrared and bluetooth now integrated in to mobile computers, the advances in mobile computing are rapidly surpassing those of the desktop computer.

The hand-held device now includes a wide variety of units and can include video cameras, iPods,digital recorders or any hand held units.Mobiles may differ from the desktop computer in the way that they operate. The mobile computer forensic field now shifts from hard drive recovery to electronic evidence discovery of hand held units.

The mobile operating systems and hardware standards may change more frequently as new advances are introduced. New versions may be introduced several times within the product year, whereas computer software, may be revised annually or bi-annually. There are many different platforms in the wireless computing arena which makes the job of the mobile computer forensic specialist even more challenging and additionally, there may be variations within each communication technology. There are several variations of the 802.11 which is the standard used by all wireless networks. Shorter range wireless communication involves the use of Bluetooth, while within even shorter ranges, communication is handled by the infrared light waves.

Mobile computer forensics does not only involve mobile phones and the approach is not yet standardized due to the rapid advances and multiple operating platforms. The main reason for the state of affairs is that many manufacturers are pushing different standards in hardware, interfaces, operating systems and protocols. As a result, mobile forensics cannot be treated in the same way as static computer forensics, even though the concepts, may appear to be similar. The mobile forensic specialist job may rely less on technology and more on skills, procedures and problem-solving ability and the approach can be different.

Perhaps the most important forensic component of the mobile phone would be the Subscriber Identity Module card which is used to authenticate the user and verify the services. Alternatively, this information can be embedded in the phone. Forensic information may also be available in external Secure Digital cards that can be used by most mobile devices.

The mobile forensic field is primarily concerned with the acquisition of mobile phone data and there are tools, both hardware and software. Another challenge for the mobile forensic specialist is to keep up with the avalanche of changes in the mobile computing industry. Mobile forensic software may behind the curve with regard to the new mobile technologies and you should be aware of the various tools both forensic and non forensic that can be used.

The new burgeoning field of mobile arena is sure to offer satisfying available opportunities and challenges for the mobile computer forensic specialist.

The Attraction of Laptops and Mobile Computing

Laptop computers are one of the hottest items in the computer market. It seems that many either have one or are clamoring to get one. Mobile computing is definitely a must have in the world we live in, with everyone always on the run and wireless technology has made this possible, as well as, of course so many other gadgets and electronics more functional.

Laptops come in so many varieties with many features. In fact, there are laptops for gamers, business, students, regular home use, each with its own distinct features and functions. There are also specially made rugged laptops, that the military uses, and some self defined klutzes at home that are built to withstand tons of abuse. It is no wonder that that laptops are so popular what can be better than checking email, working or chatting online while sitting at a beach, at the park, in bed, or anywhere else in the world without the confinement of a plug. Laptops are also technologically advanced computers capable of any and all functions of a pc or Mac computer except in a smaller size making them compact, mobile and wireless.

Pink laptops are something of another phenomenon in mobile computing. Pink laptops are very poplar items among women shoppers, as the color pink is a high fashion item and laptops have not been excluded from this. Pink laptops allow you to make a unique and fun fashion statement and still provide the many mobile computing options of laptops, including, sending email, work, browse the Internet, message friends, compose word documents and any other computer activities from anywhere on the planet, including the beach, mountains, by a pool, while on vacation, on an airplane, etc.

There are several manufacturers of pink laptops, including, Sony, Dell, Acer and Samsung. These come in different pinks, from light to almost neon, and there is one to suit any pink color lover. There is also the option of covering any laptop with a pink cover, however, for most it is not as cool as actually having the shiny covering of the laptop in pink.

The retail prices of laptops are quite high, often even more so than a desktop set up. The Internet is a great place to find deals on laptops, with sites such as eBay, Amazon and other online merchants who house many sellers and merchants that compete for the large volume of business and significantly cut retail prices. Refurbished laptops are also a great alternative for those who want a feature packed machine without the high price.

Mobile Computing and the Evolution of Modern Media – A Think Tank Topic – Let’s Talk Some More

As an avid reader of technology news, and the happenings in the modern media, as well as a study or of historical aspects and the evolution of the media I find it very interesting how the old media and new media is merging into one. And for many of the old newspapers and TV stations, it can’t happen fast enough, as a matter fact over 50% of the newspapers in our country are nearly bankrupt.

It’s all going mobile!

Some may wonder if everyone will be carrying around a tablet computer, which will also function as an e-book reader so they can get their daily news and read their newspaper on a screen rather than cutting down trees and printing paper for their daily addiction of the news. And I suppose the tablet computers will also have to be improved and protected against coffee spillers on the go, insulated from a caffeinated beverage leaking into the casing.

Think of how all this will play out in the future with mobile technology

Old Media dying and needs to evolve faster to compete, mobile personal tech game changes, copyright challenges of newspapers and media, blogging information flows, industry consolidation, CEOs of major TV media leaving – poor profits – stock price, capital inflows. “He who owns the media controls the minds of the people”, inaccuracies, plagiarism, talking points, shallow news, hostile debates, attention span and 2-3 minute segments, speed of news, “news finds us, we no longer find the news” – politics and incest with media. Use of media in wars, destabilizing nations, moving social agendas, attacking enemies, competitors, blowing events out of proportion.

Not long ago, we were discussing all this online in our think tank, and I made a statement about some of the problems and challenges I see in the modern media today, issues such as; World media slants, anti-US sentiments. Local newspapers, TV, hiring video editors, reporters from India and China, working by phone, VOIP, etc. to cut costs and write articles in the USA. A Pasadena CA newspaper and video TV program has already done this.

About 18 months ago one of the founders of Google stated that the old media and newspapers will become extinct one day, and he wasn’t going to predict when, only that it was a potential eventuality, which probably could not be stopped. In fact, I am one who agrees with him, and if the old media doesn’t evolve quickly with the new media, they will no longer exist. Consider if you will the number of newspapers and magazines which are no longer printed, and yet just 10 years ago were considered the hot reading material. Please think on it.