As innovation in the mobile phone space starts to take
off, will this in turn subject users to the security threats that
many are already suffering on their PCs, asks Simon
Moores
It’s over a year since we saw the start of a series of
bizarre 118 advertisements featuring two David Bedford look-alikes.
This was part of a campaign to capture a market valued at £300m and
the memories of a population thatthought that 192 was the only
number for directory enquiries.
However, in August last year, thanks to the telecoms regulator,
192 ceased to exist and mass confusion reigned among subscribers,
leading me to warn at the time, “The deregulation of any industry
is invariably expressed in terms of opportunity but in this case,
it is more likely to be defined by its failures than its
successes.”
With business calls to directory enquiry services (DQ)
accounting for over half of the UK market, I had been carrying out
research for Unisys among the new 118 DQ providers. I wanted to
identify the type of “value-add” proposition they planned to
introduce for business. This ranged from absolutely nothing, to
wildly imaginative location-based services, that would tell you
where the nearest Wi-Fi-enabled Starbucks to your phone was.
In fact, very little has happened of practical interest, to show
off the very latest mobile phone technology, until last week, when
I found myself on the concourse of Victoria station opposite a
Yell.com booth.
This turned-out to be a promotion for Yell’s new service for
mobile phones. Send the text “mobile” to 80248 and a Java program,
the Yell agent said, will be sent to your handset.
So, I sent the message and waited a few seconds for the reply,
which arrived with an attachment that I had to install on my Sony
Ericsson P900.
The result, was the Yell.com service attached to the menu of my
phone. This allows me to search for a plumber within easy reach of
the station, where I could find a set of new tyres and the location
of the nearest fish and chip shop.
Now, this is really quiet clever and very practical, using Java
and taking the link between mobile telephony and DQ services into
the future that was imagined for it a year ago.
There is however one small problem, nothing to do with Yell, I
add, that threatens this kind of useful innovation in the mobile
phone space.
A series of newly discovered vulnerabilities by security
researcher Adam Gowdiak in Sun’s Java Virtual Machine have been
shown to allow all kinds of mischief on phones using mobile Java
(J2ME).
These days, I have Bluetooth on my own phone turned off but Java
and the kind of application from Yell.com that is now sitting on,
it offers the expandability that consumers now expect.
The trouble is that as PCs become harder to exploit, the hackers
will turn their attention to the next weakest link in the
technology chain, millions upon millions of easily exploitable
smartphones that use Java to manage their clever new mobile
services.
Isn’t progress a wonderful thing?
Setting the world
to rights with the collected thoughts and opinions of leading
industry analyst Dr Simon Moores of Zentelligence.
Acting globally,
Zentelligence (Research) advises governments, suppliers, business
and the media on the evolution, application and delivery of
leading-edge technologies, and specialises in the areas of
e-government and information security.
For further
information on Zentelligence and its research, presentation and
analyst services, visitwww.zentelligence.com