TELECOM Digest OnLine - Sorted: Users Threaten Mobile Phone Security; Not Malware

Users Threaten Mobile Phone Security; Not Malware

Liam Tung, ZDNet (
Thu, 12 Jul 2007 23:30:32 -0500

By Liam Tung, ZDNet Australia

Users are the weakest link when it comes to protecting information
systems because of social engineering, which relies on the
manipulation of people rather than machines.

The same trickery is being used against mobile phone users--despite
attempts by companies such as Nokia to create relatively secure
operating systems such as the market leader, Symbian.

F-Secure security expert, Patrik Runald, said in an interview with
ZDNet Asia's sister site, ZDNet Australia, last week that the Symbian
operating system is "fairly secure".

"All the malware we've seen so far relies on the user installing it
themselves, bypassing three to four security warnings, so there hasn't
really been a flaw in the operating system," he said.

Runald admits some problems may be caused by unclear instructions on
the user-interface (UI) but, by and large, it is caused by users
ignoring warning signs.

Runald said that there have been a few cases where cyber criminals
have disguised files to make them look like an interesting shareware
or freeware, but mostly he blames user ignorance.

"They think it's about ringtones, games, wallpapers, videos; all good
and fun things but there are actually malicious things out there as
well," said Runald.

Threat from Bluetooth

Bluetooth users may find themselves asked the question "Would you like
to install this program now?" When they click "no", the question
persists. Often immediately until they choose the other option out of
frustration. "That's the reason why people get infected: because they
repeatedly click no and obviously 'no' doesn't work and so they
click 'yes' and they get infected," said Runald.

When faced with this, Runald advises users to "Just walk away".

"Bluetooth has a very limited range -- it's about 15 to 20
meters. Then go into your Bluetooth settings and disable Bluetooth
completely or make it hidden for all other devices," he added.

Post Followup Article Use your browser's quoting feature to quote article into reply
Go to Next message: Represto: "Removing SSH on PIX"
Go to Previous message: Spencer S. Hsu, Washingon Post: "No Phone Calls Allowed For Many Detainees"
TELECOM Digest: Home Page