Enterprise Mobility - eWeek



Mobile

This Time, Cell Phone Virus Is for Real


By: Carol Ellison
2004-06-19
Article Rating:starstarstarstarstar / 3


There are  user comments on this Enterprise Mobility story.



  Table of Contents:
  1. This Time, Cell Phone Virus Is for Real
  2. ' Pondering Possibilities '

Updated: Opinion: It's heeeere ... an international team of security researchers has created a "proof-of-concept" cell phone virus, and this one is no hoax.

This Time, Cell Phone Virus Is for Real - ' Pondering Possibilities '
( Page 2 of 2 )

When you contemplate the possibilities, the concept of Cabir gets pretty scary. The number of computer users who are already targets of virus infections pales in comparison to the number of mobile phone users out there. And the threat is compounded by the fact that its not the first proof-of-concept of Bluetooth vulnerabilities weve seen.

There were bluesnarfing and bluebugging, in which it was shown that hackers could anonymously gain access to a Bluetooth device.

There is also bluejacking, which isnt hacking. Its the practice of sending anonymous messages to nearby Bluetooth devices, but some researchers suggest that it opens the door to abuse by enabling data exchange.

(A detailed description of these and other possible attacks can be found here.)

And if you think these holes might affect only kids and gamers who exchange files, ask yourself whether the Java applets used to facilitate enterprise data exchanges can really remain immune. They are, after all, executables.

According to Bruce Schneier, founder and chief technology officer of Counterpane Internet Security, in Mountain View, Calif., they wont always be safe.

Schneier, the author of "Applied Cryptography," has been predicting this day for nearly three years now. In 2001, he took one look at Bluetooth and the over-the-air peer networks it enables and declared it "an eavesdroppers dream." He cautioned it should be treated as "a broadcast protocol, because thats what it is."

After news of Cabir broke, I caught up with Schneier on his cell phone while he was awaiting takeoff to Albuquerque. What amazed him about news of the virus was that anyone was amazed. That malicious code could infect a cell phone network is no more surprising, he says, than having it show up in a computer network.

"It takes specialized knowledge to exploit a cell phone, but youre going to see more of this because mobile phones and handheld devices are the new computers," Schneier predicts. "They have OSes. They download software. So, theyre going to be just as vulnerable."

And he predicts that the back-end networks that communicate with them will become vulnerable as well, posing yet another threat that IT staff will have to be cognizant of.

"What were seeing is a lot of convergence," Schneier said. "Were plugging our mobile devices into our networks. Although it is complicated as heck, it is not inconceivable that some kind of malicious software could get onto my network through my mobile phone."

Editors Note: This story was updated with corrections regarding the nature of the virus.

Check out eWEEK.coms Mobile & Wireless Center at http://wireless.eweek.com for the latest news, reviews and analysis.

Be sure to add our eWEEK.com mobile and wireless news feed to your RSS newsreader or My Yahoo page








 
 
>>> More Enterprise Mobility Articles          >>> More By Carol Ellison
 


FEATURED SPONSOR VIDEOS

Benefits of Workload Optimization

What Smart Companies MUST Learn from Gaming

Advances in Authentication

Vertical Markets Benefit from Workload Optimization

View More Videos

Brought to you by
Advertisement

FEATURED SPONSOR MESSAGE

Microsoft Sponsored Resource Center

Increase Your Microsoft Office 365 Knowledge! Dig inside this suite of cloud-based collaboration tools.

Watch the video >>

Brought to you by

Suggested Related Content:

Articles Labs/How-To Multimedia


Advertisement
Contact Us | About | Advertise | Site Map
eWEEK Quick LInks

Security:
Enterprise Networking
Network Security
Infrastructure Security
How To: Data
Security Watch Blog
Storage:
Data Storage
Cloud Storage
Storage Virtualization
Network Access Storage
How To: Storage
Storage Station Blog
Computing:
Apple OSX
Linux Systems
Windows 7
Managed Print Services
Computer Reviews
Microsoft Watch Blog
Google Watch Blog
Communications:
VoIP Solutions
Wireless Technology
Messaging Software
Web Services
Apps & Development:
Application Development
Enterprise Apps
Search Engines
Database Software
Web 2.0
CIOs

Vertical Markets:
Federal Government IT
Health Care IT
Finance IT
Mid-Market
Channel and VARs
Careers Blog
More eWeek Links:
Green Computing Center
Tech Knowledge Center
Tech Newsletters
Tech RSS Feeds
White Papers
Tech Videos
Magazine Subscriptions
Enterprise Websites:
ZDE Home
eWeek
Baseline Magazine
Channel Insider
CIO Insight
eSeminars and Events
Web Buyers Guide
Developer Websites:
DevSource C# and .Net
Dev Shed
DeveloperShed
ASP Free
SEO Chat
Codewalkers
Tutorialized
Scripts.com
Dev Mechanic
Dev Articles
Web Hosters
Dev Hardware
Technology Websites:
Device Forge
Desktop Linux
Linux Devices
Windows for Devices
PDF Zone
Linux Watch
TechDirect
Windows Migration
Smarter Technology

Use of this site is governed by our Terms of Use and Privacy Policy
Copyright ©1996-2012 Ziff Davis Enterprise Holdings Inc. All Rights Reserved. eWEEK and Spencer F. Katt are trademarks of Ziff Davis Enterprise Holdings, Inc. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Enterprise Inc. is prohibited.
ZDE Cluster 7
 
Close this advertisement