Some of you may have heard the news that the Department of Justice and the Federal Trade Commission are currently involved in discussions to determine which agency will begin an antitrust inquiry into Apple and a new policy that has been implemented.  When I first saw the article from the New York Post discussing the DoJ/FTC inquiry, I immediately thought I was going to read an article about how government regulators were going to be looking into how Apple maintains an almost Orwellian control over the application ecosystem that is the App Store.  An awful lot of “experts” in the industry spend a good amount of time debating whether or not Apple’s policy of restricting or approving applications for publication and use on the iPhone/iPad is acceptable.  I have several opinions on that particular subject, but I’m only going to ask one question and then I’ll get to what is actually going on with Apple and the DoJ/FTC:

Let’s assume for a second that Apple were to decide to open the App Store for open development with no approval process (I know, it’s crazy, right?).  Who are all of the talking heads and analysts going to go to when it gets overrun by malware?  Will they blame Apple or the will they blame the developers who are creating the malicious apps?  Think about that for a second…

As I read through the article, an entirely different case began to take shape…and it may have some merit.  In the final months of 2009, Adobe announced that its Flash Professional CS5 would include the Packager for iPhone when it ships. From Adobe’s website, Flash Professional CS5 will benefit iPhone developers in the following ways:

“The Packager for iPhone allows developers to use Flash technologies to develop content for iPhone and iPod touch, devices that were previously closed to them. Developers can write new code or reuse existing web content to build applications for iPhone. Because the source code and assets are reusable across the Flash Platform runtimes,—Adobe AIR and Flash Player—it also gives developers a way to more easily target other mobile and desktop environments.”

Just like me, you may be wondering how this differs from the Adobe Flash Player 10 coming to the iPhone.  Here is what Adobe has to say:

“The new support for iPhone applications included in Flash Professional CS5 will not allow iPhone users to browse web content built with Flash technology on iPhone, but it may allow developers to repackage existing web content as applications for iPhone if they choose to do so.Flash Player uses a just-in-time compiler and virtual machine within a browser plug-in to play back content on websites. Those technologies are not allowed on the iPhone at this time, so a Flash Player for iPhone is not being made available today.

I essence, Adobe has attempted to make an end-run around Apple’s policies that denied the ability to brows for Flash content on the web from an iPhone by creating a framework that would allow developers to first find that same existing content and then spit out a native iPhone application that uses the content.  All is well and good and pretty darn ingenious, if you ask me.  But, there’s one little problem.

Whether it be related to Steve Jobs’ well publicized dislike for anything related to Adobe, or that Apple decided that now was a good time to take a hardline stance by adding a new segment to the iPhone Developer Program License Agreement, section 3.3.1 of the developer’s agreement states that, “Applications may only use Documented APIs in the manner prescribed by Apple and must not use or call any private APIs”. This one little line prohibits the use of unauthorized code or using tools to act as an intermediary translation or compatibility tools.

In essence, Apple has stated that they will not allow applications to be published to the App Store that have been developed with any tool other than the Apple Software Development Kit (SDK), effectively pushing Adobe’s Flash Professional CS5 right out of the playing field for developing applications for the iPhone/iPad…Again!  Whether we’re talking about Adobe or any other rapid-development application, Apple is saying to developers that they need to make a decision:  either they can continue to try to use framework-like tools that can develop applications that are platform independent and use the translation capabilities to produce platform specific apps; OR they can develop applications for Apple products.

In the real world, developers are paid for their time by selling their apps.  For a developer to be able to create a platform independent application and then be able to translate and compile it into multiple platforms is huge.  Apple just told them they can’t do it on their platform.  Thus, the decision that is necessary from developers and the decision from the DoJ/FTC.

No Comments »  Ι   Filed Under:Tech  Ι     Ι     Ι  

On Thursday morning, the good people over at BlackBerrySync.com released the results of a study that attempted to compare two mobile security products to determine which is the best. BlackBerrySync.com is widely considered to be one of the leading sites on the Internet for all things BlackBerry and they have also been followers of SMobile’s products for quite a while.  In fact, the author of the study has been using SMobile’s security software on her personal device for quite some time now.

The author does a great job of explaining the reason behind her desire to perform this side-by-side test of five of the leading spyware applications that are available to attackers who are interested in spying on users of BlackBerry devices.  The spyware products she tested against were Flexispy, MobileSpy, PhoneSnoop, Flexispy Pro, and SpyBubble.

Instead of simply restating her results of the tests, I believe you should probably just read her report in order to get the full picture.  There were some pretty startling  results…

No Comments »  Ι   Filed Under:Mobile Security  Ι     Ι     Ι  

Maybe I’m just lucky, but somehow I’ve always managed to have decent cell phone coverage at home.  Wireless carriers work hard to provide good coverage, but the nature of wireless communications makes that a very difficult task.  Over the years, I’ve had many conversations with people who complain that their cell phone works great when they’re out and about, but when they return home, they’re greeted with poor coverage.

For years now, the carriers have been installing equipment that I’ve always called “micro cells” into large commercial buildings, due to the fact that the frequencies used for mobile phones aren’t great at penetrating building materials like steel and concrete.  These micro cells are essentially small indoor cell towers, and help to improve signal strength inside of the building.

Fairly recently, carriers have been offering a device called a “Femtocell” that their customers can install in their homes.  The devices are about the same size as a cable modem or router, and act as a personal cell tower.  Calls are routed back to the wireless carrier over the users home broadband connection.

Unfortunately, these femtocell devices have been aimed at improving voice coverage and not data coverage.  Luckily, that may be changing!  I came across an article on Wired today that speculates (based upon documents files with the FCC) that Sprint is readying a femtocell that will provide 3G data service in addition to voice coverage to users on their network.  If it’s true, this could be great for smarphone users who live in poor coverage areas.

No Comments »  Ι   Filed Under:Tech  Ι     Ι     Ι  

Over the Easter weekend, there were stories coming out of China about a ‘virus’ called ‘MMS Bomber’ that was running rampant through Chinese smartphones.  Conservative estimates put the infection rate at 100’s of thousands to possibly more than a million devices were affected by the virus that appeared to be spreading over MMS.

Proper analysis of the malware in question revealed that a multitude of Chinese users had been affected by a new variant, Yxe.e, of the Worm.SymbOS.Yxe family of worms.  The Yxe worm is widely known to be the very first malicious program that was able to infect Symbian S60 3rd Edition devices that also had a valid digital signature.  Yxe.e’s predecessors (Yxe.a – Yxe.d) had the following functionality:

• Spread via SMS messages which contained a link to the worm
• Used social engineering in order to trick victims
• Harvested data about the smartphone from the device
• Sent the harvested data to a cybercriminal server
• Attempted to terminate third party applications designed for working with the smartphone’s file system or with active applications

Yxe.e adds in the following additional capabilities:

• Sends MMS messages containing a link to itself, and, attached, a black and white skull and crossbones image (Skuller, a Trojan which first appeared in 2004, also used a skull and crossbones)
• Connects to a Chinese social networking site
• Downloads files
• Block the smartphone’s Software Manager, making it more difficult to delete the malware

The Yxe.e worm currently spreads via MMS that includes social engineering as the means to trick the user into following a link to a website that will allow them to download and install the malicious program. Once the malicious application is installed on the victim’s device, Yxe.e automatically begins harvesting information about the device and sends it off to a server that is controlled by criminals, via SMS. Yxe.e will then attempt to stop several processes on the Symbian device that could assist the victim in identifying the malicious nature and/or from uninstalling the malicious application. In an attempt to propagate itself, Yxe.e will then begin crafting and sending MMS messages to phone numbers in the device address book that contains the URL to download the malicious applications, all at a cost to the user of the infected device. Yxe.e is also known to attempt to connect and spread itself via a Chinese social networking site.

It is believed that infections of the Yxe.e worm have been limited to devices operating within China. Symbian devices make up the largest percentage of smartphone devices in use outside of the U.S. However, Symbian devices make up merely a fraction of the market share of smartphones in the U.S. and North America.

As is the case with every malware threat that affects BlackBerry, iPhone and Android devices, the Yxe.e worm requires that the user manually install the malicious program, albeit under false pretenses. SMobile Security Shield currently provides detection and removal of this Symbian threat.

No Comments »  Ι   Filed Under:Blog, Mobile Threats  Ι     Ι     Ι  

For a few years now, you’ve heard the term “3G” used to describe data services on cellular networks. Now, all of a sudden, there is a new term showing up. Ads on TV, in magazines and newspapers, web sites, billboards, and anywhere else you can imagine are starting to feature new “4G” service from Sprint.

You may find yourself wondering “Do we really need an additional G? What is ‘G’ and why do I need four of them? Are the other carriers going to roll out an extra G for their customers too?”

First and foremost, “G” stands for “Generation”. The first generation cellular technology was the original analog cell phone system that became popular in the 80’s and early 90’s. The second generation transitioned us from analog to digital cell phone service in the late 90’s. The third generation, or “3G” technology added support for higher data speeds that have enabled the rich mobile experience we have grown accustomed to on our smart phones.

Quite simply, “4G” refers to the fourth generation cellular network technology that is optimized for high speed internet traffic. I know, this is an extreme simplification, but I don’t want to get hung up on the formal technical definition of 4G as set forth by the ITU. For the overwhelming majority of cell phone users, this is a good enough working definition to understand what the carriers are talking about.

Sprint is rolling out a 4G technology called WiMax on their network. This network upgrade will allow new devices to connect to the internet at speeds up to 20 Mbps. What this really means is that WiMax will allow mobile connections at speeds comparable to, or faster than many people’s home internet connections.

Sprint won’t be the only wireless carrier in the US to offer 4G service. AT&T, Verizon Wireless, and Tmobile are also planning to roll their own 4G network upgrades. The catch though, is that AT&T, Verizon, and Tmobile are planning to roll out a different 4G technology called LTE. LTE offers theoretical speeds of 56 Mbps, but real world connections will probably not reach this limit.

At this time, Sprint has a head start. They have already rolled out WiMax in a handful of markets around the US, and will expand their service throughout 2010. Verizon Wireless will be rolling out LTE starting this year, and plan to finish upgrading their network bo 2013. AT&T plans to start rolling out LTE on their network in 2011. Tmobile plans to launch their LTE network in 2011.

No Comments »  Ι   Filed Under:Tech  Ι     Ι     Ι