Mobile IoT Authors: Terry Ray, Elizabeth White, Liz McMillan, Pat Romanski, Kevin Benedict

Related Topics: Mobile IoT

Mobile IoT: Article

Over-the-Rainbow Promises of Mobile Entertainment - Security remains an issue

Over-the-Rainbow Promises of Mobile Entertainment - Security remains an issue

Now that I've got my satellite uplink working, it's time for some luxuries here in Scotland, the first of which will be central heating. Coal is not the fuel of the future, and going out every morning to fill the scuttle isn't something I'll miss. First to arrive is an oil tank - our fuel still had to be stored on-site - and with it, what appears to be an electricity plug with an aerial on top. Closer inspection reveals this is our oil-level indicator, which picks up a wireless transmission from the tank in the garden and alerts us when we need to get another delivery. It may not be the latest radio technology, or utilize industry standard communications protocols, but it's through devices like this that we'll see wireless coming into our homes, changing every part of our lives.

At least this is one application where security isn't an issue. I have no objection to anyone who wants to intercept information about my readiness for a cold snap, but the issue of security in mobile devices is very much headline news. Hacks are starting to emerge that, apparently, enable other Series 60 phones to play games intended for the Nokia N-Gage. While this is worrisome for Nokia, what's more surprising for the rest of us is that it seems few of the N-Gage games are taking advantage of improved capabilities. If they are capable of running on other Series 60 devices, then they're only using standard Series 60 APIs.

This has also triggered a wider debate about the security of mobile devices in general. Will the opening of APIs and platforms inevitably lead to devices as lacking in core security as the desktop computer? While various groups attempt to add architectural security to the desktop through serial-numbered processors and hard-coded keys, will mobile computing reverse the process, giving up its secure certificate-store and opening us up to a new generation of worms and Trojans?

This is a key area of difference between the cellphone and the PDA. While PDAs still aspire to be desktop systems, allowing anyone's application access to any resources, cellphones tend to be a little more circumspect. Management systems such as QUALCOMM's BREW ensure that applications that haven't been approved by the network operator can't be installed on the phone. While this may seem draconian, it provides the only realistic way for a network to protect its customers (and, by extension, its own network). Voluntary systems, such as the warnings that pop up on a Symbian handset, rely on customers not only being able to make an informed judgment of the risk, but also being prepared to take responsibility for their decision.

It won't be long before we see the first customers complaining that they never made those international calls, or sent those premium-rate text messages, and instead, have found that a Trojan has infected their handset. It remains to be seen how the networks will react. If voluntary systems are ever going to be effective, then someone is going to have to inform the users of their responsibility. Just stating on a download site that the user will be asked some questions and should reply "yes" to all of them is enough to get most users to comply, no matter how dire the warnings displayed. This is already a huge issue for desktop computers; let's try and keep it out of our pockets.

One very good reason for mobile devices to have proper security on them is for Digital Rights Management, protecting the rights of the copyright holder regarding content sold for phones. Network operators are looking to sell entertainment - everything from radio shows, games, music, and eventually films - direct to your mobile, but without being able to protect the content, there's no way of making money. There seems to be an unwritten rule that once we're able to delivery quality audio and video content on the move, the money will roll in from subscriptions and pay-per-use business models. Even if phones do prove to be a secure platform, there's no guarantee that customers will pay for it. We're taking a long look at the over-the-rainbow promises of mobile entertainment, and it seems that the figures aren't adding up.

Location-based services is another avenue expected to bring in more revenue, but here the problems are very different. We've already talked about the impact location-based services may have on personal privacy, but the latest developments got us thinking about another demographic group who might be affected: children. We're coming into a world where paranoia about the welfare of children is reaching endemic proportions, so in this month's issue, we take a look at the rights of the children to protect their location. I know my childhood would have been awfully different if my parents knew where I was all the time, and it seems that the next generation might be living that.

So one year ends very much as it began, with concerns about security and personal privacy foremost in industry minds, though this should not be taken to mean that there has been no progress in the last 12 months. These issues will not go away, and as wireless technologies find their way into new areas of our lives it's important we talk about them and work out the kind of world we want to live in for the next 12 months and beyond.

More Stories By Bill Ray

Bill Ray, former editor-in-chief (and continuing distinguished contributor to) Wireless Business & Technology magazine, has been developing wireless applications for over 20 ears on just about every platform available. Heavily involved in Java since its release, he developed some of the first cryptography applications for Java and was a founder of JCP Computer Services, a company later sold to Sun Microsystems. At Swisscom he was responsible for the first Java-capable DTV set-top box, and currently holds the position of head of Enabling Software at 02, a UK network operator.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.

IoT & Smart Cities Stories
The deluge of IoT sensor data collected from connected devices and the powerful AI required to make that data actionable are giving rise to a hybrid ecosystem in which cloud, on-prem and edge processes become interweaved. Attendees will learn how emerging composable infrastructure solutions deliver the adaptive architecture needed to manage this new data reality. Machine learning algorithms can better anticipate data storms and automate resources to support surges, including fully scalable GPU-c...
Machine learning has taken residence at our cities' cores and now we can finally have "smart cities." Cities are a collection of buildings made to provide the structure and safety necessary for people to function, create and survive. Buildings are a pool of ever-changing performance data from large automated systems such as heating and cooling to the people that live and work within them. Through machine learning, buildings can optimize performance, reduce costs, and improve occupant comfort by ...
The explosion of new web/cloud/IoT-based applications and the data they generate are transforming our world right before our eyes. In this rush to adopt these new technologies, organizations are often ignoring fundamental questions concerning who owns the data and failing to ask for permission to conduct invasive surveillance of their customers. Organizations that are not transparent about how their systems gather data telemetry without offering shared data ownership risk product rejection, regu...
René Bostic is the Technical VP of the IBM Cloud Unit in North America. Enjoying her career with IBM during the modern millennial technological era, she is an expert in cloud computing, DevOps and emerging cloud technologies such as Blockchain. Her strengths and core competencies include a proven record of accomplishments in consensus building at all levels to assess, plan, and implement enterprise and cloud computing solutions. René is a member of the Society of Women Engineers (SWE) and a m...
Poor data quality and analytics drive down business value. In fact, Gartner estimated that the average financial impact of poor data quality on organizations is $9.7 million per year. But bad data is much more than a cost center. By eroding trust in information, analytics and the business decisions based on these, it is a serious impediment to digital transformation.
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As automation and artificial intelligence (AI) power solution development and delivery, many businesses need to build backend cloud capabilities. Well-poised organizations, marketing smart devices with AI and BlockChain capabilities prepare to refine compliance and regulatory capabilities in 2018. Volumes of health, financial, technical and privacy data, along with tightening compliance requirements by...
Predicting the future has never been more challenging - not because of the lack of data but because of the flood of ungoverned and risk laden information. Microsoft states that 2.5 exabytes of data are created every day. Expectations and reliance on data are being pushed to the limits, as demands around hybrid options continue to grow.
Digital Transformation and Disruption, Amazon Style - What You Can Learn. Chris Kocher is a co-founder of Grey Heron, a management and strategic marketing consulting firm. He has 25+ years in both strategic and hands-on operating experience helping executives and investors build revenues and shareholder value. He has consulted with over 130 companies on innovating with new business models, product strategies and monetization. Chris has held management positions at HP and Symantec in addition to ...
Enterprises have taken advantage of IoT to achieve important revenue and cost advantages. What is less apparent is how incumbent enterprises operating at scale have, following success with IoT, built analytic, operations management and software development capabilities - ranging from autonomous vehicles to manageable robotics installations. They have embraced these capabilities as if they were Silicon Valley startups.
As IoT continues to increase momentum, so does the associated risk. Secure Device Lifecycle Management (DLM) is ranked as one of the most important technology areas of IoT. Driving this trend is the realization that secure support for IoT devices provides companies the ability to deliver high-quality, reliable, secure offerings faster, create new revenue streams, and reduce support costs, all while building a competitive advantage in their markets. In this session, we will use customer use cases...