Windows Phone Thoughts - Daily News, Views, Rants and Raves

Be sure to register in our forums! Share your opinions, help others, and enter our contests.


Digital Home Thoughts

Loading feed...

Laptop Thoughts

Loading feed...

Android Thoughts

Loading feed...





All posts tagged "security"


Sunday, June 5, 2011

Using 2-step Verification and Application Specific Passwords to Protect Your Gmail Accounts

Posted by Nelson Ocampo in "Windows Phone Talk" @ 10:00 PM

http://www.wpcentral.com/applicatio...rts+(wpcentral)

"Security is always a cause for concern, whether it be with online banking or simply ordering a Domino's pizza. Passwords used online for applications or services are no different, especially with the amount of cyber crime occuring since the boom of the world wide web. Google have published an article on their blog outlining recent attacks being made on Gmail accounts and how users can protect themselves further."

While the video only mentions a few mobile OS's by name, you should also be able to use this on other OS's like Windows Phone. You just won't have the ability to use the Google Authenticator App at this time.


Wednesday, July 14, 2010

Windows Phone 7 to Feature Web Services & Remote Security

Posted by Jason Dunn in "Windows Phone News" @ 03:30 PM

http://windowsteamblog.com/windows_...b/windowsphone/

"The Web is a great companion to just about any computing experience these days and today we're talking a little more about some of the new services for Windows Phone 7 that tie the phone in your pocket up to the cloud. Through a push notification service that we've also extended to third party app developers, apps will be able to deliver real time updates. This way you know you're getting the latest info at a glance, either as banner-style alerts or straight to the personalized live tiles on your phone's Start screen. A feature we're discussing for the first time today is the new Windows Phone Live companion site that gives people a central place to see pictures they've published, view their Windows Live calendar and contacts, exchange OneNote files and access other information shared between the phone and the Web. The site will offer25GB of SkyDrive and host the Find My Phone service, which allows people to find and manage a missing phone with map, ring, lock and erase capabilities right from your PC - and all for free."

A strong Web-based component will be critical to the success of Windows Phone 7, and let's face it, given that Apple can't pull off a Web service to save their lives, this could be an important differentiator if done right. Much of this already exists today in the form of My Phone, but it looks like it's being integrated in a new way - which is great. Microsoft has some killer technologies across the company, but their biggest challenge is just getting them all in sync and working together in a unified, easy to use way.

Other confirmed news includes the fact that the first Windows Phone 7 devices will ship in English, French, German, Italian, and Spanish. I wonder if they'll finally have the ability to switch languages on the device? This has been a request I've seen come up time and time again, and the languages on the phone really depended on the phone - some European HTC phones supported multiple languages, some North American phones supported English and Spanish, and some phones supported only the language they shipped in. Microsoft has an opportunity to make some in-roads here with multi-linguals users...I hope they take this opportunity.

Mary-Jo Foley has some further details on this news.


Friday, May 28, 2010

Get Those iPhones Out Of Your Corporation!

Posted by Jon Westfall in "Windows Phone Competition" @ 06:30 AM

http://www.engadget.com/2010/05/27/...ven-when-using/

"Bernd and fellow security guru Jim Herbeck have discovered that plugging even a fully up-to-date, non-jailbroken iPhone 3GS into a computer running Ubuntu Lucid Lynx allows nearly full read access to the phone's storage -- even when it's locked. The belief is that they're just a buffer overflow away from full write access as well, which would surely open the door to making calls. Bernd believes the iPhone's lack of data encryption for content is a real problem, and also cites the inability to digitally sign e-mails as reasons why the iPhone is still not ready for prime time in the enterprise."

If you work in a highly regulated industry and think allowing your executives to use an iPhone instead of a Windows Mobile or RIM device is a fine idea, you may want to look at this article and others like it that point out that while an excellent device, the iPhone lacks basic security. Heck, iPhones blatantly lied to exchange servers for years about encryption capabilities, much to the chagrin of Exchange System Administrators. Apple succeeds at a lot of things, but iPhone security is not one of them!


Tuesday, August 25, 2009

Lock It Down with SureLock

Posted by Jon Westfall in "Pocket PC Software" @ 06:00 AM

http://www.42gears.com/index.html

" 42Gears has released SureLock Studio, a product aimed at enterprises using Windows Mobile devices. SureLock locks down Windows Mobile devices into kiosk mode and helps enterprises increase their mobile workforce productivity and reduce regular device maintenance. In recent times Windows Mobile has become quite popular among companies to deploy and run their business applications. Windows Mobile is a generic operating system and therefore provides opportunities to employees to use the device for entertainment and gaming purposes (browsers, audio players, games, phone etc) which results in wastage of crucial working hours. Besides, accidental corruption of device settings by employees can cause critical business applications to fail."

Want to suck the little bit of enjoyment your employees may have using a company issued device away from them (Namely solitaire)? Well then here's a product for you. Lock down that sucker so your automatons can work at peak potential, without bothersome free thought or expression...

OK, in all seriousness, I'm sure there are IT managers who pull their hair out with users who muck up devices with software they shouldn't be running, and somehow mess up things they should be, and even do spend way too much time indulging the solitaire addiction. And if you're one of them, SureLock looks like it may be a relief.


Wednesday, August 5, 2009

SMS Vulnerability For GSM Phones

Posted by Ed Hansberry in "Pocket PC News" @ 01:30 AM

http://arstechnica.com/apple/news/2...coming-soon.ars

"Demonstrations at the Black Hat computer security conference revealed that smartphones based on iPhone OS, Android, and Windows Mobile are indeed vulnerable to hacking via SMS messages. Those aren't the only phones that are vulnerable, though, and security experts are working with mobile carriers and handset vendors to patch the problem."

It looks like a general security breach in how almost all phones handle SMS. I'll be curious to see what patch is necessary and how far back Microsoft and their partners will go to fix the problem. My guess is, WinMo 5 devices won't get any on-device fix. We'll see. Because it involves the way SMS messages are crafted, it is possible the network could be modified to detect and trap the messages rather than allowing them to make it to your phone.

Tags: security, sms

Tuesday, May 12, 2009

Phoenix Freeze Bluetooth Authentication

Posted by Chris Gohlke in "Digital Home Hardware & Accessories" @ 03:00 AM

http://www.phoenixfreeze.com/

"Often the best ideas are the simplest. A laptop which locks itself as you walk away with your Blackberry® or iPhone™ and unlocks as you return. Cool, easy, secure! Just think of the benefits: One: More security - Freeze is designed to lock an XP or Vista based laptop when you walk away from it and unlock it when you return. All you need to activate the service is a Bluetooth® enabled mobile phone. Once you step out of the "zone of safety" your laptop is locked and your data is safe."

On the surface this looks pretty cool, I've seen versions of this idea using proprietary hardware, but letting it use a Bluetooth device you already have is a unique way to deal with it. Probably more than adequate for the home user, but without some further research, I'm not sure Bluetooth security is robust enough to make this the only form of authentication used on a corporate network. However, as part of a well-designed multi-factor authentication system, it certainly has potential. Notebooks.com has a video showing how this works.


Tuesday, January 6, 2009

Flexilis Security Suite For Windows Mobile

Posted by Ed Hansberry in "Pocket PC Software" @ 05:00 AM

http://beta.flexilis.com/

"We are a team of security researchers, software developers, and mobile technology fanatics who want to help make the mobile world a safe place to work and play. Our team is primarily comprised of very technical folks who want to take on the challenge of developing security solutions for the next generation of computing devices. Most importantly, we are the kind of people who love building great products that are as easy to use as they are advanced in how they keep you safe."

Flexilis is a new security suite that is designed to protect your data from malware, viruses, theft or loss. It is in beta right now. To find out more, or to sign up for the beta, head over to their site.

Tags: security

Thursday, July 31, 2008

vBulletin Vulnerability: Passwords Shuffled for Some Users

Posted by Jason Dunn in "Thoughts Media Status Updates" @ 12:51 PM

If you're trying to log into our forums and having trouble, here's why: there are some individuals going around and running scripts against vBulletin installs, specifically looking to hijack user accounts where the username and password are the same. These people then use these hijacked accounts to send our spam private messages and email messages (I've turned off the email function on our board). I was shocked to learn that we have 559 users who have done exactly that: chosen their password to match their user-name. Not only is this bad security, it leaves the door open for hacker-types to get into our board, pretending to be real users, and cause problems. To prevent this, what we've done is randomize the passwords for the 559 users who were impacted by this.

If you're one of these users, all you need to do is use the Lost Password Recovery Form to have the password sent to you - which you'll then want to reset the password to something else...something other than your user name of course. If you have any trouble with this process, please contact me and I'll manually reset your password. I apologize for any hassle this may cause, but this step was necessary to protect the security of all our users.


Reviews & Articles

Loading feed...

News

Loading feed...

Reviews & Articles

Loading feed...

News

Loading feed...

Reviews & Articles

Loading feed...

News

Loading feed...

Reviews & Articles

Loading feed...

News

Loading feed...

Reviews & Articles

Loading feed...

News

Loading feed...