There are three things that matter in consumer data collection: location, location, location.
E-ZPasses clock the routes we drive. Metro passes register the subway stations we enter. A.T.M.’s record where and when we get cash. Not to mention the credit and debit card transactions that map our trajectories in comprehensive detail — the stores, restaurants and gas stations we frequent; the hotels and health clubs we patronize.
Each of these represents a kind of knowing trade, a conscious consumer submission to surveillance for the sake of convenience.
But now legislators, regulators, advocacy groups and marketers are squaring off over newer technology: smartphones and mobile apps that can continuously record and share people’s precise movements. At issue is whether consumers are unwittingly acquiescing to pervasive tracking just for the sake of having mobile amenities like calendar, game or weather apps.
New cyberthreats that will emerge in 2014 include the use of Internet-connected devices to carry out physical crimes, including murders, and cybercriminals leveraging mobile-device Near Field Communications (NFC) to wreak havoc with banking and e-commerce, predictsIID (Internet Identity, a provider of technology and services that help organizations secure their Internet presence,
With nearly every device, from healthcare to transportation, being controlled or communicated with in some way via the Internet, IID predicts that criminals will leverage this to carry out murders.
Examples include a pacemaker that can be tuned remotely, an Internet-connected car that can have its control systems altered, or an IV drip that can be shut off with a click of a mouse.
“With so many devices being Internet connected, it makes murdering people remotely relatively simple, at least from a technical perspective. That’s horrifying,” said IID president and CTO Rod Rasmussen. “Killings can be carried out with a significantly lower chance of getting caught, much less convicted, and if human history shows us anything, if you can find a new way to kill, it will be eventually be used.”
NFC dangers
By 2014, Juniper Research predicts, almost 300 million (one in five) smartphones worldwide will be NFC-enabled, and Global NFC transactions will total almost $50 billion. NFC is a set of smartphone standards that enables everything from payments to unlocking of hotel room doors to automatic peer-to-peer information exchange between two devices placed closely together. IID predicts that while the underlying technology in NFC is secure, almost all of the applications that will be written to interface with the technology will be riddled with security holes, and massive losses will ensue.
“The amount of banking and point of sale e-commerce apps that are being developed utilizing NFC is astronomical,” said IID Vice President of Threat Intelligence Paul Ferguson. “This is a gold mine for cybercriminals and we have already seen evidence that they are working to leverage these apps to siphon money.”
Other cybersecurity trends IID predicts for 2014 include:
A large increase of government-sanctioned malware targeting other government institutions around the globe, with nation states openly engaging in acts of cyber-espionage and sabotage
At least one successful penetration of a major infrastructure component like a power grid that results in billions of dollars in damage
An exploit of a significant military assault system like drones that result in real-world consequences
Intelligence sharing network
However, IID predicts a strong response in the form of an intelligence sharing network that will alert participating companies, government institutions, and more about the latest cybercrime attacks.
Currently, government agencies lack clear guidance about the rules of engagement for sharing, and enterprises are worried about the potential liabilities created by intelligence sharing. IID expects that Congress will enact new cybersecurity legislation that provides safe harbor protections enabling enterprises and government institutions to share intelligence without such fears in the coming months.
If you visited the Ubuntu home page early this morning, you couldn’t have missed the countdown timer that promised something, “So close, you can almost touch it.” Most assumed it to be about a fully touch-optimized UI for the next version of the popular Linux distribution, but it turned out to be something even more significant. In an announcement earlier today, Canonical unveiled Ubuntu for phones, a fully working Ubuntu distribution meant for existing and future mobile handsets.
If you are thinking “Wait, wasn’t Ubuntu for Android already announced last year,” you aren’t alone. Upon first hearing the news, that was the first thing that came to my mind as well. However, this is a whole different project with a much more ambitious aim and broader scope. While Ubuntu for Android was built to run in tandem with Google’s mobile OS to offer a full Ubuntu desktop experience only when docked, Ubuntu for phones is a complete OS in and of itself, entirely independent of Android. Before we get into the details, check out a hands-on video courtesy of The Verge. You will notice significant amounts of lag, but don’t be alarmed because this could be due to this being a development build that is not yet ready for release.
Here’s another, much more detailed 22 minute video featuring the founder of Canonical, Mark Shuttleworth himself, presenting Ubuntu for phones:
An announcement like this one is bound to receive mixed reactions. The Linux and Ubuntu enthusiasts among you must be rejoicing at the idea of getting an official and fully native Ubuntu experience that’s tailored for the small screen, rather than being a mere port of the desktop OS. At the same time, the skeptics must be wondering why on earth Canonical decided to release yet another mobile OS. With Android and iOS dominating the mobile ecosystem, the chances of a new smartphone platform thriving don’t seem too bright. After all, we’ve seen the lack of commercial success in Windows Phone, which despite Microsoft’s efforts over the past couple of years, has yet to grab significant smartphone market share. Though before we jump to conclusions, let’s give Ubuntu for phone a fair chance to at least present itself. So enough talk, let’s take a look at what Canonical has to offer the smartphone world.
The User Interface
From the details provided by Canonical and what can be seen in The Verge’s hands-on video, the OS clearly derives significant inspiration from the excellent but ill-fated Nokia N9. There are no on-screen or on-device buttons (it is running on a Galaxy Nexus, after all); and the OS is entirely gesture-driven. Edge-initiated swipes can be a great way to launch and navigate between apps, as we have already seen in case of the N9, and Ubuntu for phone makes full use of these gestures. Here’s how the UI works:
Instead of a lock screen, you wake the device to a welcome screen that shows you a stunning visualization of useful information such as the number of messages and tweets waiting for you, the distance you have walked, the time you have talked on the phone, and much more. All this information evolves as you keep on using your device.
Instead of providing you with app icons, tiles or widgets, the home screen shows you your most frequently used content including most used apps, most contacted people, and most played media.
A short swipe from the left edge brings up a bar of apps while a long swipe shows you all the currently running apps. Being accessible from anywhere across the OS, these gestures make app launching and switching super-fast.
Similarly, swiping from the right edge switches to the previously used app. This works in chronological order for all the apps you use, making app switching a breeze.
Swiping downwards from the top bar performs different actions depending on the icon in the notification bar you swipe down from. For instance, swiping down on the speaker icon brings up the volume controls, while doing the same on the message icon shows you all your messages, also allowing you to reply to them instantly from right there., rather than having to tap a notification and launch the app. This works not only for messages but also for tweets, email, Facebook interactions and phone calls.
As mentioned above, there are no system-wide controls other than gestures, hence there are no universal buttons. However, swiping up from the bottom edge reveals the control bar for in-app actions whenever required.
Global search feature will let you quickly access apps as well as content relevant to the current context from anywhere in the OS as well as online results.
Similarly, there will be fully integrated voice as well as text command support at both system and app level.
Based on the above, the user experience offered by the UI itself seems outstandingly intuitive. It was a pity to see this excellent gesture-driven interface not make it to the masses in form of the N9 due to Nokia’s decision to ditch the platform, and we hope things fare better for Ubuntu.
Docking Support
Smartphones of today have become powerful enough to be useful as our daily use PCs, but their size and form factor makes them unsuitable for getting serious work done. We have previously seen several attempts to do this by the likes of ASUS and Motorola, some of which have been successful in their niche, while others have faded into obscurity. One issue that keeps manufacturers from converging several devices into one is obviously commercial interest. It doesn’t seem to be a smart business choice to sell a phone that does it all for most users, when you can sell the same user a phone, a tablet, and a laptop or desktop PC. Nevertheless, with ~2 GHz quad-core processors, multi-core GPUs, 720p & 1080p HD displays, 32/64GB internal storage, and 2 GB RAM becoming the norm, this convergence is bound to happen sooner or later. While the likes of hardcore gamers, graphic designers and video editors will still buy PCs, these powerful phones have already adequate power for the average user who primarily only needs to play casual games, edit some documents, watch videos, listen to music, and browse the Internet.
With Ubuntu for Android, Canonical had aimed to converge our devices into one, offering a full desktop computer experience right from our phones when docked with a display, keyboard, and mouse. The same docking support is also there in Ubuntu for phones. Canonical aims to offer the OS on both mid-range and high-end devices, and the latter will be able to offer a full PC experience, allowing you to use your phone as your primary computer that you can carry around wherever you go. Being optimistic, we can even start expecting laptop and tablet terminals that only offer the screen, I/O devices, a few extra ports, and high-capacity batteries. These will then use our phones for the computation work itself, just like the ASUS Padfone.
From what we have seen above, things definitely look great for Ubuntu. Though the UI or docking support alone can’t offer a great experience, which brings us to the ecosystem.
The App Ecosystem
Ubuntu for phones will ship with all the core apps you would expect from any mobile OS such as phone dialler, SMS & MMS, web browser, email client, camera, photo gallery, music & video player, calculator, alarm clock, and so on. Furthermore, all popular HTML5-based web apps will be readily available for the platform, and will work side-by-side with native apps, complete with their own icons and access to the notification system.
Apart from the web apps, the platform will also enjoy fully native third-party apps. And unlike Android, there will be no Dalvik virtual machine, which will force these apps to be written in native code. If you are a developer, this will be your primary interest, so let’s take a look at what the platform has to offer the developer community.
App Development
We have seen on multiple occasions (webOS and BlackBerry) how developer interest can truly make or break a platform. With almost every modern smartphone out there offering the hardware specs and every smartphone OS offering all the core features required from such devices, the number and quality of apps available for the platform is truly the deciding factor for many users when purchasing their next phone or tablet. This may be a little too early to say right nowm but in case of Ubuntu for phone, the future doesn’t look dark in this regard—even if not too bright just yet.
Canonical made the excellent choice to make Ubuntu for phones not a separate OS from its desktop variant, but rather the very same OS, merely with a different UI. This means apps written for Ubuntu PCs will run on Ubuntu phones and vice versa, with only minimal changes required in the code to support the different form factor and instruction set. The already established Ubuntu Software Center will also cater to phones as the application discovery, distribution, and installation platform. Ubuntu One is also integrated into the OS as the cloud storage medium offering plenty of free space, with optional paid upgrades for those who need them.
Ubuntu’s web app APIs will allow any web app developer to provide their service as a full application. With support for both HTML5 and native code, developers will get a much wider choice for writing their apps. Using Ubuntu’s QML-based development environment, you can write an app’s core features in C or C++, and build its UI using JavaScript. In addition, you get full OpenGL support for building fully hardware-accelerated games and graphic-intensive apps. To help you get started with building apps for the platform, Canonical is offering an Ubuntu QML toolkit preview.
What Lies Ahead?
While only time will tell whether Ubuntu for phones stands against its major competitors in an already saturated market, or ends up suffering the same fate as webOS or Meego, the concept as well as the product itself are both promising. What we do see right now is a well-built OS, a promising app ecosystem, and the much-needed convergence between platforms. Combined together, these are all ingredients for success in this industry. That said, how things actually turn out will also heavily depend upon manufacturer support, as well as the marketing strategy adopted by both Canonical and device manufacturers.
While you can’t try out the OS at the moment, Canonical has promised to make Ubuntu for phone available for several existing devices within this year, starting with the Galaxy Nexus. CES 2013 is just under a week away, and more details will be revealed at that time. Furthermore, you’ll be able to grab the binaries of the OS for your Galaxy Nexus within the next couple of weeks. However, devices with Ubuntu pre-installed aren’t expected to start shipping before 2014.
So what do you think of this newest combatant in the smartphone arena? Join the discussion and let us know in the comments below.
SYTECH carry out Digital Forensic tasks of this nature for various UK based Agencies on a regular basis.
Newtown police officers on the street where Adam Lanza and his mother, Nancy Lanza, lived
Photo by Jared Wickerham/Getty Images
Last week, before committing one of the worst mass shootings in modern American history, Adam Lanza tried to destroy the hard drive on his computer. But whatever he was trying to hide might still be recoverable—and other options are available when it comes to uncovering his digital trail.
According to report published Wednesday by the Washington Post, the authorities are moving swiftly to try to salvage the damaged computer. Investigators reportedly believe before massacring 20 children and six adults at Sandy Hook Elementary School in Newtown, Conn., Lanza took a screwdriver or hammer to the hard drive. This creates a hurdle for the cops trying to gain an insight into what was going on inside Lanza’s head in the lead up to his terrible shooting frenzy. But depending on the scale of the damage, it is likely that forensic experts will be able to recover at least some of Lanza’s data. It is a complex, timely, and costly process that can involve piecing together crucial broken parts of the drive like a jigsaw. However, as the Post notes:
Extraordinary recoveries have occurred. When the space shuttle Columbia disintegrated on reentry, investigators were able to recover hard drives that had fallen to Earth. “The data was almost 100 percent recoverable,” [Rob] Lee, the lead for digital forensic and incident response at the Sans Institute, a leading cybersecurity and training organization.
The authorities will also be able to glean information about Lanza from other electronic sources. Given that the 20-year-old killer was reportedly a member of a technology club and likely spent a great deal of time at his computer, he surely had at least one email account. Assuming they can identify that account, investigating officers will be able to obtain a warrant to retrieve a record of Lanza’s email activity, which may offer a useful glimpse into his life and mindset. And if Lanza tried to cover that base by deleting his Gmail or Hotmail account, he probably didn’t realize that deleted emails usually remain backed up on centralized servers, at least for a few weeks.
The officers will probably also try to make contact with Lanza’s Internet provider to attempt to get access to any data showing Lanza’s online behavior. Although ISPs in the United States do not retain data as part of a mandatory retention regime as is the case in Europe, many of the major providers do retain some data about their customers’ usage (often for billing purposes). This doesn’t necessarily mean the cops will be able to obtain a list of websites he was visiting, but they should be able to get hold of his IP address, which could in turn be used to link him to posts or comments made on forums or websites—so long as he didn’t use an anonymizing service like Tor.
If Lanza had a cell phone, some useful data might come from records stored by his telco. Most of the major cell providers retain data showing who you have called and when, and they also retain location data—sometimes for as long as two years—which could be used to try to trace Lanza’s movements in the weeks and months before the shooting. His bank transactions may yield useful intelligence, too.
But Lanza’s hard drive will remain the most crucial piece of the puzzle—which is likely why he tried to destroy it. The hard drive will contain vital information, such as website logs, documents accessed, notes written, images saved. Such data, if it can be salvaged, will help police understand whatever led to the massacre—offering a unique glimpse into Lanza’s troubled psyche by unlocking the secrets he intended to take to his grave.
Antivirus firm Bitdefender forming a partnership that promises to give its partners an edge in a yet unsaturated market — mobile security forensics.
The partnership is with mobile forensic firm Celebrite, and will give the Romanian antivirus firm’s security solutions tread into new markets with placement in products used by police, military and corporate security professionals. It’s a union that will give mobile and security solution providers the impetus to bulk up their Rolodexes and expand business into yet untapped circles with related consulting and forensic services down the road.
Altogether, the combined solution aims to help investigators conduct forensic examinations to determine whether undetected malware was used in the commission of a crime. For example, the solution could aid fraud investigators in pinpointing mobile malware used to ex-filtrate and exploit bank account information or commit securities fraud.
By the same token, law enforcement could potentially use the integrated solution to discern whether mobile spyware was being used for harassment and stalking purposes. And corporate security folks could use the solution to examine mobile devices when launching investigations around intellectual property theft.
Cellphone hacking sparked the inquiry that led Lord Justice Leveson to conclude that the press “wreaked havoc in the lives of innocent people” in his long-awaited report to the British government last week. But those in the public eye aren’t counting on heavier press regulation to stop future hackers. Instead, they are increasingly placing their bets on emerging smartphone technologies that foil eavesdroppers by encrypting voice and text data in real time.
One such technology hails from GSMK, based in Berlin, Germany. Its CryptoPhones are commercial smartphones that use military-grade encryption algorithms to ensure that calls, texts and voicemails – when passing between people with similar secure devices – are all but unhackable. These cost around €2000 per handset. But now a rival has entered the fray with a much cheaper approach.
Silent Circle of Washington, D.C., launched its real-time call encryption app Silent Phone for the iPhone in October, and next week it releases a version for Android. CEO Mike Janke, a former security expert with the US Navy Seals, claims demand for the service, which costs £13 per month, has taken him by surprise: “A-list Hollywood celebrities, special forces operatives, diplomats from nine nations and a clutch of Fortune 100 companies have signed up to use our service in our first 40 days,” he says.
Antivirus firm Bitdefender forming a partnership that promises to give its partners an edge in a yet unsaturated market — mobile security forensics.
Cellphone hacking sparked the inquiry that led Lord Justice Leveson to conclude that the press “wreaked havoc in the lives of innocent people” in his long-awaited