From: nospam on
In article <oUURm.59233$%j4.29101(a)newsfe18.iad>, Todd Allcock
<elecconnec(a)AnoOspamL.com> wrote:

> The biggest (non jailbroken) iPhone security threat seems to be, at least to
> me, a rogue application, like a game, that has personal data-stealing code
> built in that is disguised well enough to sneak by Apple's approval process
> and can lift user data and send it back to a server somewhere, but that
> possibility seems pretty remote to me, and probably wouldn't last long in
> the wild before someone figured it out, allowing Apple to finally test out
> the app "retrieval" process and wipe it from all iPhones OTA.

it's happened already. there was some app, i forget which one, where it
uploaded the user's phone number and the company then called the user
to upsell them. not only is that not cool, but getting their phone
number required a non-public call so even if they never called anyone,
it broke the rules.

once the news broke, it was pulled from the store, but existing copies
remained. as far as i know, apple has never activated the kill switch.

From: Todd Allcock on

"nospam" <nospam(a)nospam.invalid> wrote in message
news:031220091742011033%nospam(a)nospam.invalid...
> In article <oUURm.59233$%j4.29101(a)newsfe18.iad>, Todd Allcock
> <elecconnec(a)AnoOspamL.com> wrote:
>
>> The biggest (non jailbroken) iPhone security threat seems to be, at least to
>> me, a rogue application, like a game, that has personal data-stealing code
>> built in that is disguised well enough to sneak by Apple's approval process
>> and can lift user data and send it back to a server somewhere, but that
>> possibility seems pretty remote to me, and probably wouldn't last long in
>> the wild before someone figured it out, allowing Apple to finally test out
>> the app "retrieval" process and wipe it from all iPhones OTA.
>
> it's happened already. there was some app, i forget which one, where it
> uploaded the user's phone number and the company then called the user
> to upsell them. not only is that not cool, but getting their phone
> number required a non-public call so even if they never called anyone,
> it broke the rules.

That's "amateur hour" data mining though. Using legal calls, one could pop
all Contacts data, and probably get the text of all the notepad files,
which, if the user was dumb enough, might contain all manner of financial
data (credit card numbers, checking account numbers, etc. that users might
want to keep "handy.") Even so, as threats go, this is still pretty minor
stuff compared to hacking someone's computer, so where's the payoff to
justify the investment in time and resources?

> once the news broke, it was pulled from the store, but existing copies
> remained. as far as i know, apple has never activated the kill switch.

I suspect Apple will reserve the kill switch for a major FUBAR situation.
The Cold War taught us that most of the power of The Bomb is in the threat
of using it.


From: Todd Allcock on

"Larry" <noone(a)home.com> wrote in message
news:Xns9CD6AD62E5B0Cnoonehomecom(a)74.209.131.13...
> "Todd Allcock" <elecconnec(a)AnoOspamL.com> wrote in
> news:hpRRm.34593$Sw5.2840(a)newsfe16.iad:
>
>> you can't download anything from a web page
>
> This is true. So, why are iPhones so much "load" on the ATT system? What
> is Apple doing that sucks up so much data on a WAP phone?

Nothing. The harsh reality simply was, as you've said many times, the
business model is predicated on selling the same (largely unused) bandwidth
over and over. What floored me was the "average data" figures one of the
analyst firms put out a few months ago (Gartner maybe?) that said the
average iPhone uses 400MB/month, and other smartphones average 80MB.

That seems to tell us, in congested areas at least, all it takes to bring a
cellular network to its knees is for a significant number of users to have
the audacity to use a dozen or so MBs of data per day out of their
"unlimited" internet.

It's the guys like you, pulling 25GB/month that are the problem (and I don't
blame the guys like you- if they sell the service as unlimited, you should
be able to use what you want. They need to rein in the marketing folks or
enforce limits. The cellcos want their cake and eat it too. They want to
market the service as "unlimited" then don't want anyone to actually use
it!) At CTIA AT&T's CEO said 3% of AT&T smartphone customers use 40% of the
smartphone data.






From: nospam on
In article <jpYRm.73926$W77.4785(a)newsfe11.iad>, Todd Allcock
<elecconnec(a)AnoOspamL.com> wrote:

> > it's happened already. there was some app, i forget which one, where it
> > uploaded the user's phone number and the company then called the user
> > to upsell them. not only is that not cool, but getting their phone
> > number required a non-public call so even if they never called anyone,
> > it broke the rules.
>
> That's "amateur hour" data mining though.

it's actually a bit more than amateur. getting the phone number is a
little tricky, but not impossible.

> Using legal calls, one could pop
> all Contacts data, and probably get the text of all the notepad files,
> which, if the user was dumb enough, might contain all manner of financial
> data (credit card numbers, checking account numbers, etc. that users might
> want to keep "handy.") Even so, as threats go, this is still pretty minor
> stuff compared to hacking someone's computer, so where's the payoff to
> justify the investment in time and resources?

other than the address book, there's no direct access to any of that.
there was some game a year or so ago that used the address book to find
other players nearby, and apple didn't like that one either. i don't
remember the exact details, but i think in that case it had more to do
with not telling anyone that it was combing through their address book,
rather than just simply accessing it.

> > once the news broke, it was pulled from the store, but existing copies
> > remained. as far as i know, apple has never activated the kill switch.
>
> I suspect Apple will reserve the kill switch for a major FUBAR situation.
> The Cold War taught us that most of the power of The Bomb is in the threat
> of using it.

they said it's for a last ditch effort. so far, anything that breaks
the rules gets pulled from the store and not eradicated. if you were
lucky enough to buy it before they pulled it, you can keep using it and
that includes the tethering app which violates the terms of service for
at&t (and probably other carriers).

From: Larry on
nospam <nospam(a)nospam.invalid> wrote in
news:031220091741570819%nospam(a)nospam.invalid:

> In article <Xns9CD6AD62E5B0Cnoonehomecom(a)74.209.131.13>, Larry
> <noone(a)home.com> wrote:
>
>> > you can't download anything from a web page
>>
>> This is true. So, why are iPhones so much "load" on the ATT system?
>> What is Apple doing that sucks up so much data on a WAP phone?
>
> it's not a wap phone, not by a long shot.

What I meant was, what does a phone that doesn't play Flash, Real,
Windows Media, etc., and can't "download anything from a webpage" need
with all the bandwidth the reports say they are using from ATT? I've
seen its Safari and it's a pretty simple browser, both in form and
function. I think it does normal frames. It looked like it did the hour
that I played with it connected to my Cricket broadband through my
Cradlepoint mobile router's wifi LAN. I got annoyed with the narrow
width of it not rendering a normal webpage's width. It never looked like
it was too busy just downloading the pictures it would render, leaving
blank the codecs it doesn't support, especially Flash widely used all
over by content and spammers.

I just wonder what it's doing with all those data transfers loading up ATT
so much....??? Is Apple collecting data from its proprietary nonsense?
Are they using where you go and what you do for market research, snooping
as you browse? That would seem kinda stupid if someone found out, but
it's happened before, many times in many companies.

Very few of the apps I've seen on them are very demanding of system
bandwidth. Without removable storage, what would be the point of
stuffing it with data? Its owner (a new 3GS phone) did take advantage of
the opportunity to download quite a few apps from the app store over my
free link he said was much faster than ATT, though I'm not really
impressed with Cricket's bandwidth, being a mediocre EVDO-A system. I
don't like to call any of them "broadband" until more data comes down
than you can get on a T1 at 1.5Mbps. The app store didn't seem to use a
bunch of data as I could see the lights blinking away on the Cricket A600
aircard over on the router.

What's it doing with all that downloading/uploading that's loading ATT??