Speaking Engagements & Private Workshops - Get Dean Bubley to present or chair your event

Need an experienced, provocative & influential telecoms keynote speaker, moderator/chair or workshop facilitator?
To discuss Dean Bubley's appearance at a specific event, contact information AT disruptive-analysis DOT com

Thursday, March 02, 2006

Firewalls and antivirus on dual-mode phones?

About a year ago, there was a huge fuss made over the first examples of viruses and Trojan horses on mobile phones, typically spread via Bluetooth. Various companies like McAfee and F-Secure have subsequently produced security software for handsets, typically focusing on ant-virus functionality. NTT DoCoMo has been selling Symbian-based phones with built-in A-V for a while now, although few other carriers have bothered.

Now, another, sneakier virus has been detected - this one jumping from a PC to a PDA when using Microsoft ActiveSync, presumably via a USB cable. And another Trojan targets Java-capable phones.

And all these are with phones using "non-standard" types of connection - Bluetooth, WAP initiated via circuit-switching and so on.

Now consider what happens when phones have "native IP" connections. Like WiFi, for example. Couple this with an expanding number of bits of software on the phone that can download and execute new functionality - the OS, Java, maybe XML or JavaScript in the browser. Even MMS has been discussed as a possible "vector". Yes, there are various signing and certification programmes intending to lock down the software added to the phone... but will these programmes be able to catch all the malware? And yes, BREW is a "managed" application environment - but maybe loopholes exist?

Maybe there should be enhanced security in the network, rather than burdening the handset with the task of managing security?

Yes, but while that might protect against certain exploits, it won't impact "local" infections via Bluetooth or WiFi. And what about this idea of viruses going from phone to PC, or vice versa? Will these be detected by the certification process? And what about the other types of attack - denial of service, for example?

My view is that over time, the uncertainties will grow. And these uncertainties will be multiplied by a "wireless IP" connection, especially one hooked into a customer's broadband at home.

I see firewalls and anti-virus becoming mandatory on WiFi-enabled cellphones, in particular. The FMCA already recommends this, and discussions I've had with carriers indicate that they are moving towards the same position - although some seem happy that basic non-smartphone UMA phones are "immune" . I wonder what their thoughts are, now that Java virus has been spotted?

Interestingly, an almost-circular argument about WiFi handsets starts to open up here - do they need to be smartphones with a "proper" OS?

Well, it could be argued that featurephones are more secure, so maybe not. But now it looks like some featurephones may be vulnerable anyway, because of Java, MMS, browser etc, which can also support malware. But if you want to add firewall/AV, it will probably need a smartphone OS, or maybe some other multitasking embedded platform.....

No comments: