Cryptosmith

I recently migrated from my venerable Palm Treo 700 to a Blackberry Storm II. In between I had a brief fling with a Droid, but jettisoned it after about a day. There were two problems. First, it’s too much like having a laptop instead of a phone, IMHO. Second, I don’t like the security model.

When we talk about the “Droid security model” we’re really talking about the Android operating system and not about any particular phone. The exact phone I had isn’t as important as the mechanisms that are undoubtedly common to all Droids.

The basic problem is that it’s too vulnerable to malware like viruses, worms, or Trojan horses. This is a feature of its openness, but not a feature I personally crave on my cell phone. My phone serves a little as an electronic wallet, and I don’t want malware in there, even if it limits my choice of apps.

Continue Reading »

Posted under Household Tech & Security | No Comments »

Minnesota’s Senator Klobuchar has co-sponsored a bill to criminalize certain behavior by peer-to-peer file sharing programs.

The bill is supposed to require a sort of informed consent by computer owners whenever a P2P file sharing program arrives. Here’s what the bill wants to require:

• Ensures that P2P file sharing programs cannot be installed without providing clear notice and obtaining informed consent of the authorized computer user.

• Makes it unlawful to prevent the authorized user of a computer from:
1. Blocking the installation of a peer-to-peer file sharing program, and/or
2. Disabling or removing any peer-to-peer file sharing program.

Having taught several networking courses (not to mention having written my share of networking software), I’m not sure where they can draw the line. What constitutes ‘clear notice,’ and does that include such things as Windows and Apple file sharing? Do these OS vendors already comply with planned legislative requirements, or will they have to update their configuration software?

Does “Microsoft Genuine Advantage” violate the law if it won’t let the computer owner block its communication with the Mother Ship in Redmond? If so, how does Microsoft check for people using the same license on two or more computers?

Continue Reading »

Posted under Household Tech & Security | No Comments »

Cousin Jon sent me this Wired link: how to bypass iPhone’s 3GS encryption using jailbreaking tools. I haven’t paid serious attention to the iPhone (AT&T hasn’t had a strong signal in my town) but crypto bypass always gets my attention.

In fact, the weakness has nothing to do with protecting personal information on an iPhone. It’s all about third parties: Apple, the cell provider, and possibly an employer who provides/manages the iPhone.

If you’re not troubled by being limited to the iPhone Apps Store, then the threat’s relatively small, especially compared to desktop systems. Moreover, I doubt we’ll see real iPhone viruses as long as most people are happy with Apple’s app restrictions.

Continue Reading »

Posted under Household Tech & Security | No Comments »

I just bought a Dell laptop. I generally buy from vendors I know, and St. Thomas has been buying Dell systems for the past several years. I might have bought an Apple, but their lowest base price was $1,000. I knew I could do a little better. In any case, I wanted to run both Windows and Linux. Running OS-X would have been a plus (I’m addicted to Aperture) but not worth the extra dollars.

The hardware seems solid – an XPS 1330 – and it’s comfortably compact. It has thumbprint authentication that seems tolerably robust. The major size limiters, the RAM and hard drive, are easy to replace. So is the 802.11g network card. It came with “Windows Home Premium.” I’m astonished at the amount of Dell-branded software you have to trim back. And I’m appalled that the default search engine, “Live.com,” directs you away from OpenOffice.org when you go looking for it.

Continue Reading »

Posted under Household Tech & Security | No Comments »