Android Users Suffer Security Problems

User Rating:  / 0

Details

Created on Wednesday, 03 August 2011 17:52

Written by Peter Brockmann

CNet reported this morning research from a security company called Lookout, that Android users are more than twice as likely to see malware now than they were only six months ago. Mobile users also have a 30 percent chance of clicking on a malicious link.

Malicious mobile attacks come in several varieties including OS-specific software and phishing attacks. Phishing attacks, where the villans send emails claiming to be from trusted sources like your bank, eBay or PayPal warning of some problem requiring immediate response and providing a link for your convenience. Clicking on the link directs the unsuspecting user to a website where they enter their account number, ID and password which of course is recorded and used to steal from the victim's account. Phishing attacks are device independent since any browser and email-enabled device is vulnerable.

Android users are particularly vulnerable to Android-specific malicious apps. Since the standard to get on the Android Marketplace is so low, and with a wide-open operating system with few security hygene safeguards (Apple's iOS prevents one app from interfering with another and every app is tested by Apple BEFORE it gets in the App Store), the Android system is a security disaster.

In only the first half of 2011, an estimated 0.5 million Android users were affected by the 350 new Android-specific malware apps released in the Marketplace. Of course, nobody markets their app as malware. They position it as a game, an important security utility or the like and do their nasty work when the user least expects it.

More recently, some developers release a benign app in the Android Marketplace and then add in the malware as an update, once a sufficiently large community of users has developed and instantly infect thousands or millions of Android users.

Damaka Demo

User Rating:  / 0

Details

Created on Friday, 29 October 2010 19:27

Written by Peter Brockmann

Earlier this month I had a briefing with the CEO (Siva Chaturvedi) and CTO (Satish Gundabathula) of the Dallas and India-based mobile UC developer, Damaka. The management team was passing through central Massachusetts as part of an analyst roadshow highlighting their latest capabilities for mobile collaboration and I was asked to participate. I spent an hour with the team at a local StarBucks. The demos presented were very impressive.

Sita showed off (at right) an example of a collaboration program running in one instance on the PC (background) and in another on the iPad (foreground). Here markings made by the touch screen user (in this demo he was a radiologist looking for questionable issues in the chest xray) showed instantly on the PC user's screen.

And, in another scenario (at left), he showed a three-way video conferencing service connecting an iPhone 4 user (left hand), Google Android user (right hand) and a PC user (background). I asked about the networking infrastructure and use of standards, but was told that their patent portfolio (5 issued, 16 pending) describes their 'self-discovery' methods used.

Except, it's not self-discovery. I was thinking that the claim of self-discovery would point to some kind of broadcast method or maybe even some kind of SMS-based ping to get IP addresses of devices. Not true. The patents describe a method where a central host knows something about each of the participants (IP address for example) and shares it as appropriate. This is how every SIP, H.323, Instant Messaging, VoIP and even Skype (proprietary) service works - because it's efficient. Every device can learn where the host is. The host can keep track of who's available and who is not.

The challenges for the company are not technical. The products work and the demos prove they can be quite impressive - especially over a coffee shop WiFi - since getting an Android to communicate with an iPhone (other than making a call or sending an SMS) is currently unusual. The challenges are centered around distribution (sales) and targeted selling. Who is the market they hope to serve and how will they compete against the myriad other solutions, many of which are reviewed on this site, is the central question?

In my initial review of the company and solution, I learned that the company was focusing on tier 2 mobile operators in Asia (because that's where their Israeli systems integrator, Starhome is focused) and are more recently collaborating with Alcatel-Lucent to bring the capabilities to the healthcare industry. I will look forward to learning more about the market developments since, from what I can see, this is a real challenge for the company. Bringing great new technologies to the enterprise communications market is usually more about the channels and sales model and less about the technologies.

OnRelay OnTrack for Profits

User Rating:  / 0

Details

Created on Friday, 03 September 2010 16:05

Written by Peter Brockmann

I had a briefing the other day with Marie Wold, the President of OnRelay, which is celebrating its ninth year of operation and is probably one of the earliest innovators in mobile UC. We discussed the state of the business, advances in the market and OnRelay's success in the marketplace.

Originally, OnRelay developed and marketed an IP PBX adjunct application and client software called MBX. The architecture relied on signaling to and from the brand-specific IP PBX (such as Nortel CS 1000) to coordinate the call flows to the mobile client and smartphone running the client software. In 2009, the company decided to focus on service providers and integrated the MBX with a carrier-grade open source softswitch project called sipXecs.

At the time of my previous posting about OnRelay, the company was only beginning to experience commercial results through the new focus area. Since then, OnRelay has continued its focus on implementing cloud-based services for mobile operators to enable mobile UC class services for mobile business users. According to Marie, the company is making great strides convincing operators to join in their service. More mobile operators, more revenue opportunity, more revenue, more profit. Leveraging the IP networks of Verizon Business, network cloud services of Amazon and the multi-tenant capabilities of the sipXecs, OnRelay can establish a service trial with a new potential service provider in as little as two business days.

For enterprise customers that want services to run off their enterprise IP PBX and not with a hosted service design, the service provider uses a [[session border controller]] and SIP trunk to the customer premise-deployed IP PBX to assure consistent and uninterrupted call flow control.

One thing to watch is the focus on devices. Support for Nokia and BlackBerry are great (as shown in the Unified MBX graphic at right) and address the #1 and #2 smartphone devices used by business people, but the solution can't afford to ignore the increasingly popular Apple iPhone and Google Android devices. These classes of devices deserve their own client software version as the market feedback will soon indicate. Otherwise, OnRelay will be available only for a sub-set of the total market and its plans for profitability will be short lived.