Slashdot Mirror

← Back to Stories (view on slashdot.org)

Making Carriers Shoulder Smartphone Security

Posted by timothy on from the wait-for-per-byte-malware-removal-fee dept.

alphadogg writes "Georgia Tech researchers have received a $450,000 NSF grant to boost security of iPhones, BlackBerries and other smartphones and the wireless networks on which they run. And it's those networks where the researchers are really zeroing in. The researchers are looking into ways wireless carriers such as AT&T and Verizon can detect malware on devices and clean up the devices before they do further damage. 'While a single user might realize that a phone is behaving differently, that person probably won't know why,' says Patrick Traynor, assistant professor at Georgia Tech’s School of Computer Science. 'But a cell phone provider may see a thousand devices behaving in the same way and have the ability to do something about it.' Georgia Tech is going to build out a cellular network test bed to try out its remote repair techniques."

8 of 57 comments (clear)

  1. Anyone else have a bad feeling about this? by rolfwind · · Score: 5, Insightful

    The researchers are looking into ways wireless carriers such as AT&T and Verizon can detect malware on devices and clean up the devices before they do further damage.

    Last time a company had access to the contents of a device (Amazon -> Kindle), they caused a really big uproar.

    1. Re:Anyone else have a bad feeling about this? by nine-times · · Score: 4, Insightful

      Yeah, it seems like it has to be a fine line. Like what gets defined as "malware"? Anything that uses more bandwidth than the carrier likes?

      It reminds me slightly of broadband providers blocking port 25 in order to prevent spam. I don't mind that as a concept, but if so they should be willing to open it on request without too much of a hassle. Charging an extra $15 a month to open it seems like they're not really trying to cut down on spam, but rather trying to milk their customers by charging for things that really should come free with access.

  2. signs your smartphone's been p0wned by girlintraining · · Score: 4, Funny

    Upon turning on your phone, it demands a cookie.

    Your phone tells you it needs antivirus installed.

    Hold music is replaced by a twisted AI that sings about cake and says it's okay if you want to leave (a message). ...

    --
    #fuckbeta #iamslashdot #dicemustdie
    1. Re:signs your smartphone's been p0wned by highbulp · · Score: 4, Funny

      Upon turning on your phone, it demands a cookie.

      And if you give your phone a cookie, it's going to ask for a glass of milk. One thing will lead to another, and soon it will want your social security number.

  3. Oh great by the_Bionic_lemming · · Score: 5, Interesting

    So they are going to deploy the ability to remotely update the users device. Because the bad guys will never figure out how the company does it. I can see it now. An entire carriers smart cell line bricked by a remote exploit that updates phones.

    --
    _ _ _ Go for the eyes Boo! GO FOR THE EYES!
  4. Re:Contract addendums by peragrin · · Score: 4, Funny

    you forgot all contacts entered into this phone are open to our marketing department. all photos taken can be used by the carrier for advertisements. all calls made will be recored to insure "quality" control

    --
    i thought once I was found, but it was only a dream.
  5. Bitpipe by BodeNGE · · Score: 5, Insightful
    Wireless Internet Providers are just that, ISP's. They should have the same level of monitoring and control of the sites I surf and the applications I run as a terrestrial ISP, ie NONE. I can see that they would welcome this move, it helps them disguise the fact that they have become dumb bitpipes and are losing money on value added services.

    In the corporate space however there are device management solutions available for Windows Mobile, Blackberry and Symbian that have seldom been rolled out at carrier level. These can lock down devices so that malware cannot be installed, and unauthorized applications removed. I cannot see that working as a consumer proposition, it really doesn't work well at the corporate level either. importantly these solutions are all at the IP layer (dumb bitpipe) and don't care how the device connects to the management server. ActiveSync, WiFi, cellular connection (and yes, via SMS too) will all trigger a wiped device or an app uninstall.

    Nothing to do with telcos. Move along.

  6. Why is the NSF? by joocemann · · Score: 4, Insightful

    Spending money to facilitate better service for these private businesses who have not only made billions from customers, but took billions of tax dollars and screwed us as citizens.

    NSF should not be paying a cent for this. The issues need to become prominent enough for the customers to demand better products from the oligopoly of telcos.