The Three

January 10, 2019 by Marc Handelman in Feet of Clay, Information Security, CPNI, Demise of Privacy, Mobile Networks, Mobile Telephony, Mobile Security

Three US Based Mobile Providers Still Selling User Location Data

The bad news was delivered to me on Tuesday afternoon by this outstanding post by Jon Brodkin, reporting for Ars Technica. Read it and weep my friends, as they will know you by your location... Think it's time to move to a dumb phone from your current leaky smartphone? Think again Binky, as your location can still be determined and sold (if only from triangulated tower geography when your phone mpves from cell to cell and registers with the tower).

"In June 2018, all four major US wireless carriers pledged to stop selling their mobile customers' location information to third-party data brokers. The carriers were pressured into making the change after a security problem leaked the real-time location of US cell phone users. But an investigation by Motherboard found that "T-Mobile, Sprint, and AT&T are [still] selling access to their customers' location data and that data is ending up in the hands of bounty hunters and others not authorized to possess it, letting them track most phones in the country." - via Jon Brodkin, reporting for Ars Technica*

Ray Ozzie Points His Magic Wand At Mobile Encryption →

April 30, 2018 by Marc Handelman in Encryption, Mobile Telephony, Mobile Security, Poor Architecture

Ray Ozzie's (the former CTO of Microsoft Corporation (Masdaq: MSFT) that created Lotus Notes...) patented encryption plan is clearly not indicative of a tenable solution to the encryption problems governement agencies, and vendors like (Nasdaq: AAPL) are grapplig with like two behemoth Olympic wrestlers on a greased floor. In answer to this rigamarole comes in the form of a particularly interesting post hand-crafted by the inimitable Dan Goodin, at ArsTechnica, in which, the Good Mr.Goodin tells all. Today's MustRead. 20180506 Update: Read El Reg's Thomas Claburn's take on the Ray Ozzie crypto-solution, such as it is...

A Cornucopia of Flaws, The LTE Debacle →

April 22, 2018 by Marc Handelman in Mobile Networks, Mobile Security, Mobile Telephony, Information Security

via Sean Gallagher, writing at Ars Technica, comes the astounding story of mobile telephony flaws extraordinaire. Also known as the vector of choice for espionage, network intrusion, and data exfiltration. Today's MustRead.

Developer Errors Exposes 180 Million Phones to Compromise →

November 14, 2017 by Marc Handelman in Cellular Telephony, Mobile Security, Mobile Telephony, Mobile Networks, Lack of Security Regimen, Or Lack Thereof

Oops, They Did It Again! Coupled with the other well-known security issues (e.g., the recently exposed (but decades old) SS7 Flaw) this latest display of security-related development governance (or lack-thereof) by the MNO's is highly dangerous; and spans borders.

The Banning →

October 12, 2017 by Marc Handelman in Data Leakage, Data Loss Prevention, Information Security, Mobile Security, Mobile Networks, Mobile Telephony

Behold, the top banned (i.e., blacklisted by the Enterprise) iOS and Android mobile applications with data generated by Appthority.

'According to Appthority’s proprietary Mobile Threat Risk Score, Uber, WhatsApp Messenger and Facebook Messenger are the riskiest Android apps commonly found in enterprise environments. The riskiest iOS apps found in enterprises are Facebook, Pandora and Yelp.' - via Helpnet Security

BlackHat, Moritz Lipp & Clémentine Maurice's 'ARMageddon' →

August 20, 2017 by Marc Handelman in Blackhat, Conferences, Education, Communications, Communication Security, Mobile Security, Mobile Networks, Mobile, Hardware Security

Burners, The Tightening

June 02, 2016 by Marc Handelman in All is Information, Communications, Communications Governance, Cryptography, Demise of Privacy, Information Security, Mobile Networks, Mobile Security, Signals

Well wrought thought piece on the use, and misuse, of prepaid cellular telephony hardware, the so-call Burner, and the effort to enforce regulations thereto. Entitled Burner Phones: Will Tightening Restrictions on Prepaid Cell Phones Solve Anything? Certainly today's Must Read post...

Android Security, The Fail →

November 03, 2015 by Marc Handelman in All is Information, Mobile Security, Information Security

Join Chris Hoffman, writing at How-To Geek, as he leads us through the voluminous maze of Android information security and it's failures. Read It and Weep, My Friends. Deemed Todays' Must Read.

Uh Oh... 30+ SCADA, Mobile, Zero Day Vulnerabilities To Be Announced at BlackHat

July 28, 2015 by Marc Handelman in All is Information, Information Security, SCADA, Mobile Security

Time to get busy...

NowSecure Researcher Discovers Enormous Mobile Flaw

June 19, 2015 by Marc Handelman in Information Security, Mobile Security

Samsung mobile devices flawed? Quite likely, the single most fascinating hack and crack of the year, when correctly executed, modifies the device functionality into a remote listening device.