Panelists differed Friday on U.S. models for international broadband competitiveness and domestic competition at a forum of the Innovation Technology & Information Foundation. They did agree that a new national broadband policy that promotes competition is needed from the new presidential administration.
Pervasive use of mobile devices poses risks to security and privacy, the European Network and Information Security Agency said Friday. Someday PDAs, smartphones and near field communication (NFC) or contactless devices may see use to pay taxes, vote and open bank accounts, the agency said. But mobile device users leave traces of their identities and transactions that can be exploited for wrongdoing, it said. Key vulnerabilities of smart cards and NFC devices include untrustworthy user interfaces and theft, it said. And smart cards can be attacked physically, by rewiring chips or using probing pins to track data flows and gain access to secret stored information, the agency said. Side-channel attacks exploit physical information leaked during transactions, it said. Smart cards are at risk of man-in-the-middle attacks between server and card intercepting or deleting communications, the agency said. Cryptoanalytic attacks directly pursuing cryptographic algorithms are possible, it said. NFC and contactless devices can be skimmed secretly by an unauthorized device eavesdropping or reading their content, the agency said. Criminals can use the modalities to track people, in time profiling a person’s activities, it said. Unauthorized writing into the file system could falsify content, the agency said. The vulnerabilities could lead to invasion of privacy and financial loss from theft of sensitive data, it said. EU governments should set privacy mandates for emerging technologies with aid from industry and academia, the agency said. It seeks globally accepted standards for telecommunications, data transfer, security and payments. Mobile network operators, banks and national ID card producers must resolve the problem of fundamentally differing personalization processes for ID cards, mobile phones and payment cards, it said. Finally, the agency said, mobile infrastructure should give users a central role in security, and sellers of the devices should train buyers in their proper use.
Pervasive use of mobile devices poses risks to security and privacy, the European Network and Information Security Agency said Friday. Someday PDAs, smartphones and near field communication (NFC) or contactless devices may see use to pay taxes, vote and open bank accounts, the agency said. But mobile device users leave traces of their identities and transactions that can be exploited for wrongdoing, it said. Key vulnerabilities of smart cards and NFC devices include untrustworthy user interfaces and theft, it said. And smart cards can be attacked physically, by rewiring chips or using probing pins to track data flows and gain access to secret stored information, the agency said. Side-channel attacks exploit physical information leaked during transactions, it said. Smart cards are at risk of man-in-the-middle attacks between server and card intercepting or deleting communications, the agency said. Cryptoanalytic attacks directly pursuing cryptographic algorithms are possible, it said. NFC and contactless devices can be skimmed secretly by an unauthorized device eavesdropping or reading their content, the agency said. Criminals can use the modalities to track people, in time profiling a person’s activities, it said. Unauthorized writing into the file system could falsify content, the agency said. The vulnerabilities could lead to invasion of privacy and financial loss from theft of sensitive data, it said. EU governments should set privacy mandates for emerging technologies with aid from industry and academia, the agency said. It seeks globally accepted standards for telecommunications, data transfer, security and payments. Mobile network operators, banks and national ID card producers must resolve the problem of fundamentally differing personalization processes for ID cards, mobile phones and payment cards, it said. Finally, the agency said, mobile infrastructure should give users a central role in security, and sellers of the devices should train buyers in their proper use.
Panelists differed Friday on U.S. models for international broadband competitiveness and domestic competition, at a forum of the Innovation Technology & Information Foundation. They did agree that a new national broadband policy that promotes competition is needed from the new presidential administration.
A top CTIA official expressed outrage Thursday that the South Carolina Department of Corrections plans to go ahead Friday with a demonstration of cellphone jamming technology at a state prison. CTIA has called the test of technology provided by vendor CellAntenna a violation of federal law and asked the FCC to step in. Chris Guttman-McCabe, CTIA vice president, said companies rarely issue a news release to announce plans to “break the law.” State prison officials hope jamming equipment will keep inmates from using cellphones smuggled into their cells.
Adoption of open-source technologies is on the rise in the General Service Administration, said Chief Information Officer Casey Coleman in an interview. Open source also is winning in other federal agencies and huge opportunities are expected under the Obama Administration, open source vendor Red Hat told us.
Adoption of open-source technologies is on the rise in the General Service Administration, said Chief Information Officer Casey Coleman in an interview. Open source also is winning in other federal agencies and huge opportunities are expected under the Obama Administration, open source vendor Red Hat told us.
Malicious programs targeting online games and virtual worlds grew 145 percent in 2007, and over 30,000 new systems emerged that are aimed at swiping Internet game passwords, the European Network and Information Security Agency said Thursday. The malware is used to steal virtual money from players’ accounts and exchange it for real money, ENISA said in a report. With almost 1 billion registered users of MMO/VWs, and global real-money sales of virtual objects estimated at nearly $2 billion last year, “this is a serious issue,” ENISA said. Failure to protect the real-money value of this economical “grey zone” is sparking more attacks on online games and virtual worlds, it said. Another area of risk is disclosure of personal data, it said. Users’ false sense of security about their avatars leads them to reveal private data such as location and personal characteristics, the agency said. Risks include avatar theft and identity fraud, intellectual property breaches, harassment, cheating and security issues, credit card fraud and MMO/VW spam, it said. ENISA urged the European Commission and national governments to take steps including supporting creation of an industry forum for online game providers to share best practices on security vulnerabilities, and to fund legal work on questions such as the status of intellectual property and personal data in MMO/VWs. Game providers should balance security measures aimed at detecting and responding to malware and those needed for prevention, the agency said, calling detection and response often a better way to address security problems. Privacy policies should state clearly which information providers collect for anti-cheating measures and data available to other users, the agency said. It called for more research and education.
Broadband is a key infrastructure priority for the next Congress, House Majority Leader Steny Hoyer, D-Md., said in a statement on the coming year’s agenda. “We must ensure that all of our people have access to broadband connections,” he said. Hoyer’s endorsement is good news for broadband backers who spoke at a Wednesday conference of the need for activist policies from the Obama administration.
CTIA, wireless carriers, the National Emergency Number Association and the Public Interest Spectrum Coalition met Monday with an aide to FCC Chairman Kevin Martin, seeking prompt agency action barring future deployment of wireless microphones in the 700 MHz band. The mics pose “significant risk of interference” to both commercial and public safety systems, the group said, reporting on a meeting with Martin adviser Charles Mathias. “The parties stressed the importance of an immediate decision prohibiting” manufacture or sale of the devices, “thereby exacerbating the interference problem,” a filing said. “They also highlighted the continued efforts of numerous sales outlets to sell, often at significant discounts, wireless microphones operating in the 700 MHz bands in advance of any definitive FCC action.”