Don't Phone Home: Mobile Phone Viruses On The Way.While traveling recently I happened upon a disturbing article in the Europe edition of The Wall Street Journal. The piece examined an idea I had been considering on and off since authoring a piece on WAP (1) (Wireless Access Point) See access point. (2) (Wireless Application Protocol) A standard for providing cellular phones, pagers and other handheld devices with secure access to e-mail and text-based Web pages. in the spring: mobile phone viruses See smartphone virus. . I chose not to address this topic in my story for two reasons: because I had not heard of a single instance of a phone virus, and because the hysteria over the Love Bug A famous virus that arrived as an e-mail attachment using the "double extension trick." The file name was "I LOVE YOU.TXT.vbs." The .vbs extension slipped by users who thought it was a safe text (.TXT) file. and FW: Joke viruses didn't need any more stoking from the computer press. However, I am now convinced that, with the arrival of WAP 1.2-based phones this fall, we will begin to see viruses written for mobile phones and phone-based PDAs. Initially, the outbreaks will be contained because mobile phones are currently unable to send executable content (operating system) executable content - Executable programs sent by one computer to another via a network. For example a Java applet is executable content. Usage: rare. to other phones; today's network is server-to-phone and vice versa VICE VERSA. On the contrary; on opposite sides. , and phone processors are not yet powerful enough to perform local processing tasks. All this will change over the next 12 months as phones become more powerful and offer users the ability to forward and exchange content among one another, and to execute small applets and, perhaps, scripts. This power, of course, will allow malicious code to move "into the wild," as virus experts say, replicating and doing all sorts of damage. What kind of havoc could a mobile phone virus wreak? Initially, the damage would probably be limited and relatively minor: perhaps spam messaging or corrupting data. The real damage will come as virus writers learn how WAP works and how differing phone operating systems Operating systems can be categorized by technology, ownership, licensing, working state, usage, and by many other characteristics. In practice, many of these groupings may overlap. and micro-browsers implement the technology: stolen passwords, filched credit card data, and phone data that could be used for cloning. Of course, all this data is encrypted when it is sent into the ether, but an enterprising villain might figure out a way to steal the data and then decrypt To convert secretly coded data (encrypted data) back into its original form. Contrast with encrypt. See plaintext and cryptography. it later, or, more ominously, instruct the phone to decrypt the data before it is sent. One of the lessons to be learned from the recent email virus See e-mail virus. outbreaks is that software developers--in particular those with enormous market penetration--need to make their products more secure before releasing them to the public. Microsoft scrambled to write patches for Outlook which helped to control the spread of email viruses. In doing so, some convenience was lost; thus is the price of security. Companies in the mobile phone industry should learn from Microsoft's mistakes and build strict security features into their products, even if it means sacrificing some ease of use. They need to take these measures while the products are in development, not after millions of devices are in the hands of consumers, and at the mercy of virus authors everywhere. |
|
||||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion