Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Technology security myths debunked

Bursting the security bubble

Article comments

Think you can hide behind the privacy of an "unlisted" cell phone number? Think again. Maybe you believe you don't need security software on a Mac or iPad. You'd swear that Firefox is the safest browser in town. Wrong on both counts.

Most of us don't think about security for our digital devices until something goes wrong, or it's time to renew an antivirus subscription. But what the security experts like to call the threat landscape changes all the time, and keeping up is hard to do. So we'll save you some time. Here are five current facts that you probably don't know about digital security, but should.

1. Your cell phone is not a juicy hacking target

Related Articles on Techworld

How's this for a loss of privacy: Your suspicious spouse's detective hacks into your voice mail, figures out who belongs to the private numbers you've been calling, tracks their whereabouts and then listens to their voice mail messages. That's a real possibility, according to two young security researchers who have found a way to exploit weaknesses in mobile telecom networks.

The researchers, Don Bailey, of iSec Partners, and independent security researcher Nick DePetrillo, presented a paper called "We Found Carmen San Diego," at the Source security conference last month.

The title of the talk was funny, but what the researchers found "scared us as well," Bailey, 31, said in an interview. "Anyone with some basic knowledge is capable of building the attack tool we developed." Let's hope Bailey was being a bit modest, but the threats he and DePetrillo, 27, found are being taken quite seriously by wireless providers, they said.

Bailey and DePetrillo are "white hats" with no interest in publicising detailed hacking techniques, but they did give me a glimpse into how they do what they do. With my permission, the researchers did a bit of searching on my personal information and found enough to convince me that they are for real.

First and foremost, they have learned how to enter the various caller ID databases, a collection of phone numbers matched to subscriber names by providers for use in caller ID service. Like you, I never suspected that wireless numbers are also entered in those databases. But a number of major wireless providers have begun doing so. The researchers won't say which companies have and which companies have not.

Caller ID information can be matched with other data culled from the global SS7 telecommunications network, including information from the Home Location Record database, and mobile switching centers.

The good news here: the providers are working hard to plug the holes found by Bailey and DePetrillo. However, some of the weaknesses that allow that type of hacking are based on the fundamental design of the cellular network, so the fix is not an easy one.

2. Virus writers ignore Apple Macs and iPads

The iPad has only been on the market for a month, but hackers have already found a way around its security features, at least for those using the tablet in tandem with a Windows PC.

According to the BitDefender, (an antivirus maker) "This particular threat comes in the form of an unsolicited email, promising to keep iPad software updated 'for best performance, newer performance, newer features and security.' Via a conveniently provided link, the email instructs iPad users to download the latest version of iTunes to their PCs. The download page to which users are directed is a perfect imitation of the one they would use for legitimate iTunes software downloads."

Once downloaded, the code opens a backdoor into the system and attempts to read the keys and serial numbers of the software installed on the affected computer, while also logging the passwords to the victim's ICQ, Messenger, POP3 mail accounts and protected storage.

This threat does not target Mac computers, but don't get smug, Apple fans. Macs are vulnerable to other threats. The main reason you hear less about attacks on Macs, is that hackers prefer to go for systems that have the widest possible distribution, and that means Windows. At this year's CanSecWest conference, security researcher Charlie Miller used a flaw in Safari to break into a MacBook in under 10 seconds.


Share:

More from Techworld

More relevant IT news

Comments

Jeffrey Zacher said: I read somewhere that Opera had the fewest holes left open That was about a year ago Dont know what it is like now but an average of a 1 day window for IE Fox and Opera is not a bad number

thisisabore said: The browser comparison is flawed Yes Firefox had more security holes but they were patched very fast IE may have less security holes but if they stay opened for a long time or even for ever the situation is in fact a lot worseBetter more short-lived holes than a few long-standing ones



Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *