Get that iPhone off my Network!

No, this isn’t a rant asking AT&T to do something about the 3G iPhone users clogging up my data pipes. No, not at all. This is actually a tip from Jason Langridge’s Blog tell those IT managers how to block iPhone users from using their corporate Microsoft Exchange Servers.

I’ve had a number of customers asking how they can block certain devices from connecting to Exchange.  This has arisen primarily around many IT departments being uncomfortable with people using an iPhone to connect to their corporate Exchange environment due to security concerns over the iPhone platform.

Now if you are using ISA as your firewall then you can block an iPhone (or other devices by inspecting the HTTP header)

To do this right click on the Activesync rule, choose Configure HTTP and then do the following

Thanks Jason Langridge’s

Know your enemy

This comment was left recently at my blog  in a post where I was talking about a video showing a laptop thief in plain action:

its actually quite simple go to best buy when its busy, ask for something compact like me i asked for a mac book air, i shoped for a bit hid it under my coat mind you it was winter at the time, so i was not standing out like a sore thumb, picked something out got to the register paid for it, i walked out the alarm went off, and said oops and showed the guy my reciept with my bag and cd i bought, and walked out, went home played around with my new mac book air for a few weeks, and then sold it on ebay now $1,800 richer :D number 1 way to get away with it stay calm, the goon squad at best buy cant touch you or intercept you, all they can do is call the cops but if you notice a lot of store drones looking at you thats a good hint to GTFU and scan your suroundings for signs of the MAN on your tail.

I’m not saying that whoever wrote this is for real a thief but judging by the spelling this could be the case. The main reason I’m posting it now in the main page is to show our readers how these guys work. Every store should train employees in the same way Casinos do. A simple one hour training showing all these little tricks could save them thousands of dollars. Sometimes a video surveillance system is not enough.

ULTRA MOBILE PC TIPS: How to steal a laptop

Tracking your stolen UMPC

Every year thousands of Laptops are stolen or lost in USA along and you could become part of these statistics. Are you prepared if this happens? What can you do? Should you pay hundreds for a tracking software? What if I tell you that you can track the location of your UMPC without paying a penny. And that’s exactly what Adeona is promising.

Adeona is the first Open Source system for tracking the location of your lost or stolen laptop that does not rely on a proprietary, central service. This means that you can install Adeona on your laptop and go — there’s no need to rely on a single third party. What’s more, Adeona addresses a critical privacy goal different from existing commercial offerings. It is privacy-preserving. This means that no one besides the owner (or an agent of the owner’s choosing) can use Adeona to track a laptop. Unlike other systems, users of Adeona can rest assured that no one can abuse the system in order to track where they use their laptop.

I have been testing this program in my P1610 and it’s amazing to see how I can recover the IP address and ISP  used to connect to Internet. Knowing the IP you can contact the Police and they can demand from the Internet Service Provider (ISP) the information about who is using or used that IP. That simple.

Adeona is a "Must Have" in any mobile device.

Window Vista Parental Controls Are Awesome

I posted a little slice of praise for these parental controls on my personal blog. In the 1st couple hours, I got a comment and two emails asking for more info. Wow, I didn’t realize there was that much interest in the subject. Anyhow, I decided to share this on Mobilitysite although it’s kind of off topic.

I have blocked internet use for my kids for a long time, but now it’s getting to the point where I need to let my 14 year old daughter get online to do some things. I am not going to allow her the run of the net like many have at that age, but I am going to unlock the information superhighway a little…

Anyhow, if you haven’t messed around with the Parental Controls in Vista, DO SO NOW. They are really nice.

This is nothing new, but today was the 1st time that I took the time to setup these controls and I am really in awe at the power. I used to own a license to an after market program that was quite costly and not as nice.  Read on for screenshots of the setup controls…

[Read more]

Turn your phone into an Authentication token!

I was turned onto this Authentication Solution, and I have to admit that the possibilities for this type of a solution seem to be quite high!

Here’s how it works:

You download and install a client applet on your device, and this client interacts with their server software installed on your VPN Authentication server.   Instead of answering a network challenge by providing your PIN and PASSCODE displayed on your SecurID token, this service will call your cell-phone and then you enter a code into your phone.

Some advertised benefits

Works with any VPN, enterprise application, or website

Eliminates the need for tokens

Works with any phone anywhere

Easy to setup, manage, and use

 

Pretty cool, huh?   For more details, check out their homepage…

Two Must Have Utilities for your Desktop

CCleaner is a freeware system optimization and privacy tool. It removes unused files from your system - allowing Windows to run faster and freeing up valuable hard disk space. It also cleans traces of your online activities such as your Internet history. But the best part is that it’s fast (normally taking less than a second to run) and contains NO Spyware or Adware! :)  Get it here.  When I use it, it frees up hundreds of MB of space.  It’s a must-have.

The PC Decrapifier will uninstall many of the common trialware and annoyances found on many of the PCs from big name OEMs. Below is the current list of software and items that the PC Decrapifier can detect and remove. You get to see the list of items it detects and then choose what will be removed automatically.  Get it here.  Free for noncommercial use.

 

How about a bonus utility?  Check this freeware out:

Revo Uninstaller does what the built-in Windows Add/Remove programs cannot do; it completely removes programs including registry keys, files and folders, and any trace the program leaves behind.  I highly recommend it for removing AOL.  Get it here.

Scary iPhone Hack

I have to guess that Apple will be looking into this one…

Pretty Scary, huh? In Apple’s defense, all the operating systems have vulnerabilities too.

Source: Gizmodo

Update : Engadget Responds to this… Continue reading Debunk: Yes, Virginia, the iPhone libtiff exploit can also be used for mischief

Is "My space" safe?

There are few places is the cyberspace that I do not visit. One of them is “My Space”. In my case the main reason is that hate pages with loud songs playing in the background, that and the poor web design in My Space Webpages of the majority of the people with pages there, and that includes my own daughter page. Now on top of what I just said, I have found another reason why I should keep things in the way they are and stay away from that “zoo park”. Here is a report posted recently in the Exploit Prevention Lab blog.

Now, we keep finding MySpace pages that have had some sort of image-background link injected, that are reaching out to a different site in China that is both throwing exploits and using social engineering to install rootkits and (probably) dns-changers.

 

When I was watching this report it reminded me when a few years ago I had to clean my daughter’s laptop from about two different virus infections and when I was asking her what pages she was visiting to get that kind of infection her answer was very simple, she was visiting Britney Spears’ web site which according to my daughter, who was 14 at that time, was a “safe” website.

When a Virus comes a calling

Like most of us, I do not run an antivirus on my PPC. The time will come however when this will become a problem, especially with the increasing converged device market and adoption of mobile devices in the corporate market.  Stealing the address book of your teenage daughter is one thing, but stealing the password hash (or keylogger) from a corporate device is another.

According to Symantec, viruses spread on cell phones in a variety of ways: Internet downloads, MMS (multimedia messaging service) attachments, and Bluetooth transfers to name a few. They’ll often show up as game downloads, updates to your phone’s system, ringtones, or alerts. McAfee Avert Labs has identified about 450 different variants of mobile threats, and that’s not including phishing attacks and spam. According to McAfee research, 83 percent of worldwide carriers have had security incidents in 2007.

What do these viruses do? Reports are trickling in: A Seattle family was watched, monitored, and threatened because of spyware on their cell phone. A man’s cell phone content was wiped clean after he downloaded a virus-infested ringtone. Crashes, unstable or slower-than-usual performance, quick battery consumption, incorrect or skyrocketing mobile phone bills, a dramatic increase in messaging charges-any of these could be a virus.

One of the original cell phone viruses (2004) was transmitted through a Bluetooth connection. Like your PC, some phone viruses are just annoying-a pop-up or a silly joke. Others are a bit more insidious, like the one that resets your phone monthly.

But the latest and most sophisticated crop are what’s called “pranking for profit.” This can involve things like redirecting your calls to a different carrier in a different country, racking up a hefty phone bill. Or sending an MMS message to everyone in your contact directory, leaving you with enormous extra charges. Or “vishing,” when you’ll get a voice call that asks for information, faking it by posing as a legitimate business. A downloaded application may send information about your phone account to hackers. Snoopware (which is spyware on steroids) might capture your keypad clicks

Link: http://tech.yahoo.com/blogs/raskin/14640

Products: http://shop.symantecstore.com/DRHM/servlet/ControllerServlet?Action=DisplayProductSearchResultsPage&SiteID=symnahho&categoryID=2219900&Locale=en_US&ThemeID=106300&keywords=wireless&PC1.x=0&PC1.y=0&pgm=12821000

http://www.mobilefan.net/Pocket-PC.nsf/Download-Free-Software/Anti-Virus

http://www.airscanner.com/

http://f-secure-mobile-anti-virus.en.softonic.com/pocket

http://www.bullguard.com/why/bullguard-mobile-antivirus.aspx

Trend Micro Announces All-in-One Enterprise Security for Mobile Devices

Trend Micro Mobile Security 5.0 protects enterprise data on mobile devices from loss or theft. Newly-added data encryption and authentication, along with firewall, intrusion detection and malware protection are all managed by a single console.

Trend Micro Incorporated, a leader in network antivirus and content security software and services, today announced the latest version of its mobile device security solution, available to the market in December 2007. The release of Trend Micro Mobile Security (TMMS) 5.0, girded with data encryption and authentication, mitigates mobile security challenges such as security breaches and data leakage while allowing enterprise administrators to manage security for handheld devices from a single console.

Mobile devices have become small, powerful computers with large data storage capacities and growing network bandwidth. A remote and mobile workforce utilizing mobile applications on their handhelds are at risk for losing confidential and sensitive information critical to their companies. Mobile applications such as push email, customer relationship management, and field service automation boost convenience and productivity, but make data vulnerable. Enterprises need to ensure that both data and mobile devices are secure and protected.

TMMS 5.0 features new data encryption and authentication capabilities: If a mobile device is lost or stolen, the business-critical data contained in it is encrypted unless it is unlocked with a password. Data on devices that do not comply with policies can be wiped out by administrators. The anti-malware features block viruses, worms, Trojans and SMS text message spam. Built-in firewall and Intrusion Detection System (IDS) protects against hackers, intrusions and denial-of-service attacks — all potential threats to mobile devices.

“Businesses are dispatching workers outside the corporate structure, and are moving them through a variety of wireless networks. Workers are going through airports, hotels, restaurants, and homes to do their jobs,” said Thomas Miller, global vice president and general manager of the Enterprise Business Unit. “Mobile devices that contain confidential data are not only at risk for viruses, worms, Trojans and spam, they’re also at risk for theft or accidental loss. Trend Micro Mobile Security 5.0 provides total mobile protection through a single, compact application.”

TMMS 5.0 uses the OfficeScan(TM) Client/Server Edition (OSCE) 8.0 console which also manages medium business and enterprise PC and server security. By installing TMMS 5.0 onto their OSCE 8.0 console, existing customers use a single console to manage mobile devices, desktop PCs and enterprise servers. Customers not presently using OSCE 8.0 receive an OSCE 8.0 console license with their TMMS 5.0 purchase.

Trend Micro Mobile Security 5.0 supports multiple leading platforms such as Windows Mobile(TM) 5.0 (Smartphone.) Windows Mobile 6.0 (Standard Edition); Windows Mobile 5.0 (PocketPC.) Windows Mobile 6.0 (Classic and Professional); and Symbian S60/3rd Edition (Nokia E-Series.)

Trend Micro Mobile Security 5.0 Standard includes antivirus, firewall,
Intrusion Detection System, and centralized management. Trend Micro Mobile Security 5.0 Advanced adds encryption and authentication. TMMS 5.0 starts at $US35 per device while TMMS 5.0 Advanced starts at $70 per device with standard volume discounts applying. TMMS 5.0 Standard and Advanced for Windows Mobile(TM) 5.0/6.0, and TMMS 5.0 for Symbian/S60 3rd Edition (Nokia E-Series) will be available in mid-December 2007. TMMS 5.0 Advanced for Symbian/S60 3rd Edition, which includes encryption and authentication, is planned to be available in the first half of 2008.

Source: Trend Micro press release

Quit Jammin’ Me

In the words of the bard Tom Petty;

You’re jammin’ me, You’re jammin’ me
Quit jammin’ me

SAN FRANCISCO, Nov. 2 - One afternoon in early September, an architect boarded his commuter train and became a cellphone vigilante. He sat down next to a 20-something woman who he said was “blabbing away” into her phone.

“She was using the word ‘like’ all the time. She sounded like a Valley Girl,” said the architect, Andrew, who declined to give his last name because what he did next was illegal.

Andrew reached into his shirt pocket and pushed a button on a black device the size of a cigarette pack. It sent out a powerful radio signal that cut off the chatterer’s cellphone transmission - and any others in a 30-foot radius.

“She kept talking into her phone for about 30 seconds before she realized there was no one listening on the other end,” he said. His reaction when he first discovered he could wield such power? “Oh, holy moly! Deliverance.”

The eternal conflict has risen again… the inconsiderate vs. the overly annoyed.  The idea of cell phone jamming isn’t new, but is illegal, regardless of how appropriate it might be in some cases.

 

Link: http://www.nytimes.com/2007/11/04/technology/04jammer.html?ei=5065&en=5e5485ab1f2c0aeb&ex=1194753600&partner=MYWAY&pagewanted=print

Is Your Computer Possessed?

Does It Seem Like Your Hard Drive’s Haunted? Reclaim Your Computer from Zombies, Botnets, Viruses and other Malware!

CYBERDEFENDER WILL EXORCIZE YOUR COMPUTER DEMONS WITH FREE TECH SUPPORT THIS HALLOWEEN

October 31^st is known for the ghosts and goblins of All Hallows Eve, but this Halloween is different as security software developer CyberDefender Corporation (www.cyberdefender.com) and leading tech support provider Quatrro are partnering to remove the zombies, spyware, botnets, adware and viruses that may have taken over your computers.

On Wednesday, October 31, 2007 any computer user can contact CyberDefender at (877) 377-3765 for free comprehensive technical support for their home or office computers. CyberDefender’s world-class technical resolution and support services are is available 24 hours-a-day, 7 days-a-week.

“Computer users are constantly under attack from industrious viruses, spyware and other threats,” said Alan Wallace, senior vice president, CyberDefender Corporation. “This is why we are so deeply committed to being a solid frontline defense against such threats.

“We do our best to ensure that our customers achieve worry free computing. We firmly believe that real protection means standing by your product and providing additional safeguards should something penetrate virus defenses as well offering support for our competitor’s security solutions,” added Wallace.

CyberDefender’s recently released Complete and Ultimate security suites, already include free phone and remote support for a full year, in addition to providing hassle-free support for competitors security solutions. 

“This free day of tech support is designed to demonstrate to all computer users that world-class, hassle-free tech support is a reality one that users of CyberDefender’s new security suites are already familiar with 24/7/365,” Wallace concluded.

CyberDefender’s support program is powered by Quatrro.

Quatrro BPO Solutions Pvt. Ltd. http://www.quatrro.com

CyberDefender Corporation www.CyberDefender.com

"Flight Mode" Does it really mean anything

Technology and convergence and ‘un-hip’ people clash.  Everyone wants to be a lawyer and few know what the laws are. Then you find there are few laws and wide interpretation and a person may actually be guilty because of (mis)interpretation

A flight attendant for ATA Airlines recently asked a flier watching a movie midflight on the way to Hawaii to shut off his iPhone, not for the perfectly reasonable reason that the man was watching the inane Jennifer-Love Hewitt vehicle I Know What You Did Last Summer, but because you’re not allowed to use cell phones inflight. Casey, the iPhone user, told Consumerist that he tried several times to explain to the flight attendant that the iPhone was in “airplane mode,” with all the radios disabled. But the flight attendants did not accept that explanation, and continued to insist that FAA regulations prohibit talking on cell phones when the cabin door is closed, despite the fact that Casey wasn’t actually talking and the fact they were over the middle of the Pacific Ocean.

Link: http://www.news.com/8301-13579_3-9796512-37.html

"Flight Mode" Does it really mean anything

Technology and convergence and ‘un-hip’ people clash.  Everyone wants to be a lawyer and few know what the laws are. Then you find there are few laws and wide interpretation and a person may actually be guilty because of (mis)interpretation

A flight attendant for ATA Airlines recently asked a flier watching a movie midflight on the way to Hawaii to shut off his iPhone, not for the perfectly reasonable reason that the man was watching the inane Jennifer-Love Hewitt vehicle I Know What You Did Last Summer, but because you’re not allowed to use cell phones inflight. Casey, the iPhone user, told Consumerist that he tried several times to explain to the flight attendant that the iPhone was in “airplane mode,” with all the radios disabled. But the flight attendants did not accept that explanation, and continued to insist that FAA regulations prohibit talking on cell phones when the cabin door is closed, despite the fact that Casey wasn’t actually talking and the fact they were over the middle of the Pacific Ocean.

Link: http://www.news.com/8301-13579_3-9796512-37.html

Cars That Fight Thieves

While this isn’t exactly “Mobilitysite” fodder, this is the integration of technology that will usher in new levels of convenience and security.

Say some clown steals your car from the parking lot while you are hard at work.
If it’s equipped with General Motors’ OnStar service, he could be in for a big surprise and you could get a little revenge - and even see your car again.

Starting with about 20 models for 2009, the service will be able to slowly halt a car that is reported stolen, and the radio may even speak up and tell the thief to pull over because police are watching.

OnStar already finds 700 to 800 cars per month using the global positioning system. With the new technology, which OnStar President Chet Huber said GM will apply to the rest of its lineup in future years, OnStar would call police and tell them a stolen car’s whereabouts.

Then, if officers see the car in motion and judge it can be stopped safely, they can tell OnStar operators, who will send the car a signal via cell phone to slow it to a halt.

The integration of GPS, Cellular technology, remote computing, and some form of carputer will work to make car theft a minimal occurrence.. or at least make it harder to get away with it.

The eventual evolution of this technology in my opinion could lead to the recording of the conversation in the cabin, data logging of the vehicle’s position, electronic lock out the next time the car stops at an intersection, even other “deterrents”… something about 160 decibels and strobe lights would make it very difficult to concentrate as well as making the vehicle stand out

It would even be very convenient if the car via OnStar could “bluejack” any cell phones that might be in the car at the time… I’d imagine that most people have a “Home” entry in their cell phones, even car thieves.

 

Link: http://www.cbsnews.com/stories/2007/10/09/tech/main3346016.shtml?source=mostpop_story