The question that many have had on their minds is if mobile devices will become a source of DDoS attacks. Whether mobile phones will be used as zombies is currently under speculation by many researchers, who say “It may be imminent.”
It can be figured due to the amount of trojans found on Android devices, how iOS devices got attacked, and Windows Phone being vulnerable. Trojans are masks that cover an legitimate looking program. Basically, a program appears to be legitimate, but has hidden features to do something different. Most of the time, either the trojan will steal data and mine some cash, or use your computer as a zombie (using your resources such as CPU, RAM, etc.) to launch a DDoS attack.
A distributed denial of service is used to cause a server to take too many requests that it cannot handle. This is usually done by blackhat hackers or cybercriminals to either protest a specific ideal, or just for fun.
A highly used DDoS tool by Anonymous called “Low Orbit Ion Cannon” (LOIC) was recently redesigned for use on the Android platform. The porting over to Android from the Desktop app took no programming skills. In fact, it’s easy to use old tools and port them over to Android.
With device manufacturers slowly releasing updates to device operating system, firmware, etc. – this leaves an open hole for exploit/cyberattack. Android is particularly vulnerable because of the ability to use ‘unknown source’ apps, or apps outside of the Google Play store.
Although, if it is thought out, it would take thousands of devices to be able to have the power to construct a DDoS attack. However, this would make it a lot simpler for a pre-constructed attack, that can come from many countries – thus making it hard to trace the origin of the attack(s).
It is sure that as carriers and app developers are distributing e-wallet apps, the ability to rob personal data, credit card, etc. will increase. Heads up!
iOS 6.0.1 was released recently, fixing a slew of issues in the mobile operating system, here’s the overview:
- Fixes a bug that prevents iPhone 5 from installing software updates wirelessly over the air
- Fixes a bug where horizontal lines may be displayed across the keyboard
- Fixes an issue that could cause camera flash to not go off
- Improves reliability of iPhone 5 and iPod Touch (5th generation) when connected to encrypted WPA2 Wi-Fi networks
- Resolves an issue that prevents iPhone from using the cellular network in some instances
- Consolidated the Use Cellular Data switch for iTunes Match
- Fixes a Passcode Lock bug that sometimes allowed access to Passbook pass details from lock screen
- Fixes a bug affecting Exchange meetings
This update is highly recommended, especially because the Passbook issue being fixed. It also includes an update tool, which automatically prepares the iPhone/tablet OS for future updates.
As you upgrade to the iPhone 5, please keep in mind some principles, both personal and business.
- If your iPhone will be handed down to a child, make sure ALL critical data is removed from there. This includes all business data, personal details, etc. It is highly critical to maintain your business and personal identity.
- As new devices are created, new threats are created as well. These security threats need to be identified and taken care of. Just because it is a new iPhone does not mean it’s immune from security threats. Security is a losing battle, because hackers are always trying to stay one-step ahead of programmers/developers. While developers are working around the clock trying to prepare these new capable hardware/software, hackers are doing the same working against them.
- The iPhone 5 is set to accelerate BYOD, which means better available options to network administrators. Things like data copying, wiping operations (erasing loads of data), etc.
- The iOS 6’s Passbook feature can store financial information for securing digital transactions. If you’re comfortable storing that information go ahead, otherwise just keep it off.
- Emails, texts, and calendar appointments can be modified by the Siri app, without requiring the administrator to log in to the device.
- If Apple succeeds in the acquisition of AuthenTec, it allows for a fingerprint identification security system for the device, making it more secure physically. But this technology is pending at the moment.
- Apple calls the iPhone 5 “The thinnest, lightest, fastest iPhone ever”, but they mention nothing about security do they?
If this has helped you personally or your business in any way, please consider making a donation to help further the seCURE Connexion project.
BYOD is the technology philosphy and business/education policy of bringing your own device (mobile) or technology (shortened BYOT for laptops, iPads, etc.), and using it while at work or school. Therefore, the use in education can be very beneficial as well as troublesome. Of course, monitored by teachers, it can prove those benefits.
In the past, schools provide the technology that the students would need, but as economic troubles emerge and technology is more pricey, it is better established for a student to BYOD. Basically, the schools are asking the parents of these students (except for college-age students) to purchase the devices so the student can use the technology at school.
These are some of the reasons for the set list below of advantages and disadvantages of BYOD in education, and how you can decide what’s best.
(Awesome guide by Cisco [PDF]: http://www.cisco.com/web/strategy/docs/education/46096_byod_ed_aag.pdf )
- Frees up tons of expenditure in educational costs.
- Provides a big teaching arsenal for teachers, allowing students to view e-textbooks, videos, educational apps, online research, digital learning apps, etc. This type of provision allows reinforced ideas and teachings, and blends the learning. Thus, it has been named as Blended Learning.
- Less confusion, since the student can use the device at school or at home. This will provide a major way for students to understand the apps much better, make better use of projects (and actually accomplish a good grade), and make learning more fun.
- Filtering software becoming available (which would be armed on wireless networks and have an acceptable-use-policy in place) to break some disadvantages, which are listed next.
- Makes learning more efficient. Students are more wired in to technology, so the efficiency of learning would be better for students of all types.
- Repair costs for educators? Phewey! Students/parents are responsible for repairs, no problem.
- Digitized classrooms, which brings back instant results in points systems and other apps. The teacher can have their own subscription to the service, while the students utilize their subscription. The students enter the answers or project data, and it can be automatically graded and sent to the teacher. Makes it easier for scoring, saves a lot of time grading, and boosts efficiency even more.
- Gamification, which brings educational games can be developed which correspond to the learning program and make it more fun for those student gamers talked about above.
- Ability to instantly send results from government checking units, which may see the quality of education through these digitized classrooms. This could provide the way for even better apps to be developed, more schools to take on the philosophy, and improvement of technology in the classroom.
- The biggest concern in doing the BYOD philosophy, is the inability to filter out inappropriate text, images, videos, etc. Teachers would still be required to check up on each student to make sure they’re staying on task. It is sure those sneaky students will still find a way around the fact the teacher checks on them.
- Ability to filter out gaming is a problem. Games are so easy to access and put away in smart phones and iPads, that it would be easy for students to play a game, see the teacher, react, and close the game before getting caught. The reaction time is so much easier than a PC/Mac (where a taskbar reveals current apps open).
- With students having access to the device at home and school, they can get used to the devices easier and learn better reaction times, just described above.
- Inappropriate digital material being brought to school. The major concern is focused on plagiarism, school cheating, etc. One example would include macros (which can automate math problems).
- Forgotten, lost, damaged, or stolen device. This is especially true for younger students. There could be problems of leaving it on the bus, dropping it in a puddle or water, leaving it on a desk, someone stealing it, etc. Also, the fact that confidential data could be at risk. This could provide a whole new level of privacy trouble and potential liability for schools, if gone out of hand.
- Some students live in poor or lower income/budgeted families that cannot afford such devices. There is hope that PTA organizations and such can provide financial assistance or a more generic low-cost device to help the student get the best learning possible. While many families are prepared for the general school fee, they’re not so prepared for this new philosophy of BYOD.
- Schools not prepared with the proper wireless equipment, filtering software, and other technologies such as software apps.
- Cuts the needs of extra teachers, teacher assistants, etc. Which could drop employment levels in education. But, of course, an assistant could qualify as helpful in monitoring the student’s habits on the device.
Overall, the advantages versus disadvantages are pretty standard, and hopefully, it can help educators decide if the use of it is okay for their systems of learning.
- 10 BYOD Classroom Experiments (and What We’ve Learned From Them So Far) (pattidudek.typepad.com)
- BYOD Brings The Ownership of Learning to Students (classroom-aid.com)
- Schools Implementing BYOD. Still Doubt The Cloud? (erplife.com)
- Mobile Learning: How Technology is Transforming Education Around the Globe (blogs.cisco.com)
- What Teachers Need to Know about BYOD ( Bring Your Own Device ) Trend in Education (teacherlingo.com)
- BYOD: Breaking the Traditional Mold in Education (blogs.cisco.com)
- BYOD could have insurance implications (premierlinedirect.co.uk)
- 10 Real-World BYOD Classrooms (And Whether It’s Worked Or Not) (edudemic.com)
When it comes to the Black Hat and other conferences soon, a lot of the discussion is going to be on mobile security. Ever since the rise of many mobile trojans on the Android Market, and the downfall of the Mac OS X – mobile security has been an issue among white hats, black hats, researchers, etc. One thing’s for sure: the market is growing for mobile malware.
Google’s new smart tool, Bouncer, the security watchdog for the Android Market (or Google Play), is a user of all the aggregate data on mobile threats. It is adopted to be an effective countermeasure in Android malware. However, may significant countermeasures be done, does not necessarily mean the ability to block all threats. Don’t limit the psychology of these situations… it’s all on the fact that security measures can and will be broken eventually. Therefore, Google must keep evolving their methods used in Bouncer to target more future attack vectors.
Many black hats have been discussing the possibility of targeting mobile security and other vulnerabilities for Bouncer and even doing other measures for breaking security on mobile devices and into the Market. One of the additional tests black hats are interested in doing is comparing the security of the Androis OS versus the iOS. The iOS is getting more updates to security holes/patches. But, what is the quality level between the patches? Should it be better to be the Google Android OS Team and release larger updates or updates in bulk, or be like the Apple iOS Team and release smaller, more manageable updates. It’s all speculation on the black hat scene.
Here are the upcoming black hat conferences:
Black Hat USA: Occurring now – July 21-26, 2012
DefCon: July 26-29, 2012