You are currently browsing the category archive for the ‘interesting view’ category.
You Just Can’t Secure Them
As I dig deeper into IT security and am exposed to more and more about security I can’t help to think about things from a security point of view. It is getting to the point where the security point of view to something is my first point of view.
As usual this time of year, I am involved in a lot of different audits and reviews. While going through a clients requirements for their vendors I started to think about mobile phone. Not any in particular, but all of them in general and how much the space has changed over the last five years.
What I am really curious about is why nobody seems to be leading the enterprise space for mobile phone and devices. Sure it seems iPhone is taking over and are a huge presence in corporate environments; though from a security point of view its all a scary proposition.
What is missing is the ability force policy and lock-down mobile phones and devices. I can’t set policies to say, all phones must have a password, and that password must be at least six digits long. Sure these parameters can be set from the phone, but not being able to centrally control this stuff is a big fail.
Now Windows phone 6.5 was a big piece of crap, I know this, but what it had that most others do not is the ability to set policy on the phone from active directory. Exactly what you need to do in an enterprise. If you are running a Blackberry server you have some good controls around the phone, though I know fortune 500 companies who are dumping their BES servers for Blackberry Express Servers because it’s just too much money to maintain the BES server for an ever-dying space.
I guess I understand why Microsoft jumped after the consumer phone space, wanting to jump on iPhone bandwagon, but they left a huge space untapped. I saw a tweet today that only 6% of Chinese have cell phone, and what a space to get into. I guess there is a lot of potential there, but personally I find it easier to make money closer to home, and here in the States we need enterprise class phone. Top functioning iPhone, Windows Phone 7 class phones with a solid ability to set policies on them and restricting users from overwriting those policies.
I am not sure who will be first but I can’t wait. Whomever it is, they will produce billions in revenue, billions.
Perhaps what needs to be done is not rely on the phone development companies but third parties to develop controls for mobile phones, so a whole gamut of phones can be locked down by central policy. The company would need to build apps for the different phone types and be able to lock those apps down so they cannot be uninstalled by users, or if they are the needs to auto-wiped at the same time.
It’s not horrible that phone development companies are concentrating on the user experience, there are a lot of really great phones being produced. Someone needs to move on the security space around these phones as the continue to infiltrate deeper and deeper into corporate America.
A Software Application Idea
I work in a Windows world, so this idea is from a Windows Server view. Build an application which installs in active directory which allows you to register users phones with their user accounts. On the phones an application is installed which is used to force the policy on the phone. I wonder if there would be issues controller password, and other security aspects of a phone. Meaning, will the manufactures allow you access to those parts of the phone with their SDKs.
Load the application on the phone, register the phone with AD and allow the system to lock down the phones based on the policies you have set. As long as the application is found on the phone (plus verification through certificates) the phone may be used and send/receive email, etc.
If the application is removed from the phone, the phone is auto-whipped. This application can also provide encryption services for the phone. PGP verify emails on your phone anyone?
This can’t be an original idea, but I do like it. It is a great way to allow the phone development companies to concentrate on UX and someone else enterprise security. Hardware support for this would be useful too.
Tell me what you think of this idea, or if it already exists, point it out to me, I would love to check it out.
Like most Americans I have no idea what controls the prices of gasoline. There doesn’t seem to be any rhyme or reason to why the prices fluctuate. The local state government lifts taxes on gas for a short period to reduce the prices (Something Illinois did a few years back). Though for some reason the price per gallon doesn’t go down by the amount of the tax removed. Okay, perhaps the price of gasoline kept rising and offset this a bit. What is really disturbing is when the tax was put back on the gasoline the price rose more than the tax!
What I have been trying to understand is what happened in September of 2008. Starting in September 2008 until mid December 2008 the price of gasoline dropped by $2.70 (from $4.30 -> $1.65 ref.) No government “stimulus”, no action by other groups. Basically the economy was officially in the shit and gas prices plummeted, but why? I wish I have an answer, but I don’t.
Now, sixteen months later gasoline has been on a steady increase, rising as the “economy improves” (so they are saying). No reasoning, no rationalization, it just is. The true control of gasoline prices is so controlled. I believe it is used as a way to control our economy. If you think about it there is currency more important to the global economy than oil. NONE. If you come up with one, I would love to here it. Everything relies on oil and its prices have a heavy affect on the lucrativeness of all operations.
We saw this prior to September 2008 when gas was expensive and everyone was crying about it. I am not saying it wasn’t a real issue because it was. Nobody enjoyed paying $80+ to fill up their vehicles. But of course it hit everywhere. Carriers increased costs and added “surcharges” to offset the increased fuel costs. Airlines did the same. They needed to show their customers that their price is low, but there is an extra charge for gas. To me their price is high as I always conciser the bottom line, its irrelevant how they got to it.
So keep an eye on the general gasoline prices in your area and listen to the Markets reports. As the markets improve you will surely see the prices rise and rise. The will keep rising until the masses start crying again and everyone ends up paying for their ‘relief’ (the money has to come from some place, right?).
Maybe there is something to using gasoline prices as an economic measuring stick.
Take control of your social network, don’t let your social network take control of you!
From the news today:
MOSCOW (AP) – The crash of two satellites has generated an estimated tens of thousands of pieces of space junk that could circle Earth and threaten other satellites for the next 10000 years, space experts said Friday.
Images from Pixar’s Wall-e are not far off at all!
“in a cup!”
