Real Phone Hacking

Interesting glimpse into the real world of phone hacking–not the amateurish stuff we’ve been absored by in the UK–by Sharmine Narwani: In Lebanon, The Plot Thickens « Mideast Shuffle.

First off, there’s the indictment just released by the Special Tribunal for Lebanon which, in the words of Narwani,

appears to be built on a simple premise: the “co-location” of cellular phones — traceable to the accused four — that coincide heavily with Hariri’s whereabouts and crucial parts of the murder plot in the six weeks prior to his death.

Indeed, the case relies heavily on Call Data Record (CDR) analysis. Which sounds kind of sophisticated. Or is it? Narwani contends that this could have been manufactured. Indeed, she says,

there isn’t a literate soul in Lebanon who does not know that the country’s telecommunications networks are highly infiltrated — whether by competing domestic political operatives or by foreign entities.

There is plenty of evidence to support this. The ITU recently issued two resolutions [PDF] basically calling on Israel to stop conducting “piracy, interference and disruption, and sedition”.

And Lebanon has arrested at least two men accused of helping Israel infiltrate the country’s cellular networks. What’s interesting about this from a data war point of view is that one of those arrested has confessed, according to Narwani, to lobbying for the cellular operator he worked for not to install more secure hardware, made by Huawei, which would have presumably made eavesdropping harder. (A Chinese company the good guy? Go figure.)

If this were the case–if Lebanon’s cellular networks were so deeply penetrated–then it’s evidence of the kind of cyberwar we’re not really equipped to understand, let alone deal with: namely data manipulation.

Narwani asks whether it could be possible that the tribunal has actually been hoodwinked by a clever setup: that all the cellular data was faked, when

a conspiring “entity” had to obtain the deepest access into Lebanese telecommunications networks at one or — more likely — several points along the data logging trail of a mobile phone call. They would have to be able to intercept data and alter or forge it, and then, importantly, remove all traces of the intervention.

After all, she says,

the fact is that Hezbollah is an early adherent to the concept of cyberwarfare. The resistance group have built their own nationwide fiber optics network to block enemy eavesdropping, and have demonstrated their own ability to intercept covert Israeli data communications. To imagine that they then used traceable mobile phones to execute the murder of the century is a real stretch.

Who knows? But Darwani asserts that

Nobody doubts Israel’s capacity to carry out this telecom sleight of hand — technology warfare is an entrenched part of the nation’s military strategies. This task would lie somewhere between the relatively facile telephone hacking of the News of the World reporters and the infinitely more complex Stuxnet attack on Iran’s nuclear facilities, in which Israel is a prime suspect.

In other words, there’s something going on here that is probably a lot more sophisticated than a tribunal can get behind. I’m no Mideast expert, but if only half of this is true it’s clear that cellphones are the weakest link in a communications chain. And that if this kind of thing is going on Lebanon, one has to assume that it’s going on in a lot of places.

How Not to Disintermediate

image

With traditional media on the rocks, there are lots of opportunities for companies and organisations to  disintermediate: to project themselves directly to the public. Indeed, in some ways, this is the future.

But here’s how not to do it: to put a guy from the PR department in front of one of the senior folks and let him babble. The result is always awkward half sentences linked rehearsed (and usually quite obviously, and badly) lines from some media training session that ooze jargonish phrases that a real journalist would never let pass.

Things like these (with their translations alongside) from the Nokia Booklet 3G interview with John Hwang, its designer.

“nokia’s all about connecting people” = we make mobile phones

“further strengthening our device portfolio” = we’ve got a lot of different models. You’re confused? Try working here.

“mobile heritage” (repeated by the interviewer, as if it’s a phrase we all use in our daily lives: “honey, could you look in the drawer at our device portfolio and see if there’s something there from our mobile heritage we could lend the kids for sleepover?”) = we have to acknowledge we mainly make mobile phones, but we’re trying to make it sound like that’s our past. Just like our “tree-felling heritage”

“connected services” = the Internet

“all day performance” = the battery won’t give out on ya

“mobile design language” = we design mobile phones. Well we used to. Now we want to be thought of as computer manufacturers

“launched from our mobility statement” = I have no idea what this means.

(And the PR guy keeps saying “we” and then correcting himself to say “nokia”.)

If you’re going to do this kind of thing, do it right. PR guys should not be afraid of asking questions real journalists would ask, including tough ones. (Interestingly, the only tough question here is one the interviewee asks himself.)

The Third Screen Talks to the Second

image

Nokia has finally woken up to the potential of connecting its phones to a computer. I’ve written elsewhere about the PC Suite, but its latest version has made some great strides in allowing you to use the computer to manage and monitor your cellphone.

The vision is a simple, and yet elusive, one. We work on our computers when we’re stationary. And on our phone when we’re mobile. But as far as we’re concerned we’re still doing the same thing: working. We can synchronize our data between those two devices, but operating both in real time is more problematic: there are tools to allow us to access our computer data from a phone, but sending and receiving SMS messages, for example, is still considered a phone activity, not a computer one.

It’s a technical barrier, not a lifestyle one.

Nokia, the biggest cellphone manufacturer in the world, has been slow to wake up to this weak link, but they’ve now seemed to see it. We should be able to send and receive SMS messages just like we can send and receive email messsages. It shouldn’t make any difference to us how people communicate with us; the medium shouldn’t matter.

But anyone thumbing out SMS messages in the office when they’d rather be typing them knows it does.

The PC Suite, once just a way to synchronize data between phone and computer, has now started to move into this space. Now it’s not a suite, so much as a Communication Centre. It’s become the interface for your phone (or phones; Bluetooth lets you connect more than one device simultaneously) when you’re at your desk.

The real improvement, therefore, is in the way the desktop software (Windows only) works with messages and contacts on the phone. Previously it was clunky and slow; it felt like the computer was downloading all your messages and contacts each time you wanted to do something. It was often faster just to tap the message out on the phone.

Now it’s fast and easy to use. Your computer will also let you know when a new message arrived, something the old software didn’t. The software is also good-looking and remarkably rich in features. Indeed, I’d argue that you don’t really need Outlook for your contacts with this kind of software working so well. (And yes, it handles non-Western alphabets well too.)

Some weaknesses: there’s still no way to add a phone number to existing contacts—as opposed to creating a new one. And when I first ran the software it ate up nearly all my processing power, which wasn’t pretty (it’s since settled down.)

Intriguingly, there’s a Firefox extension for synchronising bookmarks between your computer and phone browsers.

This is the closest I’ve seen to making the phone an appendage to your computer, where it seamlessly integrates in terms of data and functionality. Some steps to go, but kudos to Nokia for pushing the envelope. Hopefully soon enough we won’t notice or care what medium—SMS, email, chat–we’re using, because it will all be one simple interface. That day just came closer.

It’s Your Mother Calling

A few people have asked for the transcript of yesterday’s commentary on the BBC’s World Business Daily about getting your  mother’s voice to be your ringtone. It follows below, and here’s the (still active) link to the actual program from whence it came. Thanks for listening, and to the crew at Business Daily for their excellent impression of my mother’s voice. It sounds scarily like her. 

audio Listen to Wednesday’s Edition

Updated at 08:32 GMT on Wednesday

The growing spectre of inflation – as elections approach in Russia, how long can the government hold down rising food prices?

and mobile phone RING TONES – what would really grab your attention – how about the voice of your mother – telling you off?

Ringtones

Ringtones on cellphones have long since graduated from beeps into full fledged polyphonic symphonies. And it’s long driven me nuts.

I was on a bus the other day and the guy in front had his handset volume set so loud that when his phone rang he was so disconcerted he couldn’t turn it off. The mindless ditty he had chosen as his preferred form of alert blasted through the bus as he fumbled with the off switch. At least he bothered fumbling. Some people I notice love their ringtone so much they spend a few contented moments listening to it before picking up. This is a variation on the older theme where people stare at their ringing phone apparently mulling whether it’s worth answering. Songs as ringtones are like someone suddenly turning on a radio full-blast and then just as suddendly turning it off. At best you’re relieved your morning reverie is possible again, at worst you’re annoyed you can’t remember what song the snippet of music belonged to, and are stuck the whole day humming a snatch of a best forgotten ditty.

There has to be a better way for ringtones to be less intrusive and yet audible enough to the user so they actually hear it. My solution is simple. I read somewhere that the US Air Force in the 1950s was experimenting with early versions of synethesized voices delivering cockpit warnings. What they found was that a pilot was much more likely to hear an important instruction if the voice used was the pilot’s mother. You can just imagine a disembodied voice saying “Pull up, you silly boy!” just as she might have said “Pull up your socks, you silly boy!” Who wouldn’t pull up under such conditions?

So this is what I propose. When I buy my phone, I hand it over to my mother and have her call out my name at a reasonable volume. That recording becomes my ringtone. Trust me, I’m always going to recognise her voice, across the room, across town, across continents. Mothers’ voices have that kind of quality.

Why would this work so well on phones? Well I may hear my mother’s voice in the middle of a crowded and noisy rave, but everyone else? Unless they’re called Jeremy, it won’t register. If they are called Jeremy, it’s unlikely the voice is going to have quite the same impact. I will know my phone’s ringing. No one else is disturbed, because people are yelling out other people’s names all the time.

This is easy enough to do, by the way: Most phones let you record something and turn it into a ringtone. There are even websites that let you upload sound files and turn them into ringtones. But even better would be to set up a service that let mothers send recordings of themselves to the phones of their offsprings — without them knowing. I’d love to see the son’s expression when he hears his mother’s voice calling him from his pocket. I suspect he’d pick up pretty darn quick.

BBC World Service | Business Daily

Wikiscam

Just because something has the word Wiki, community and/or .org in its name, doesn’t mean it isn’t a scam. I just received an email from someone called Navin Mirania about Wikimmunity which on first glance sounds like a worthy project: a website designed around local community content. But on closer examination it has the word ‘spam’ written all over it: 

How are you?  My name is Navin from Wikimmunity.org. I recently tried to contact you by phone regarding your blog/web site Endangered Spaces to see if there was any opportunity for us to work together.  Wikimmunity.org, the local community source, is looking for writers to write about local organizations, groups, attractions, people, places, and more.

We pay a modest fee for writing about places and things that you already know about in and around your local area.  Your idea/topic list is unending. Let me know if we can set up a time for us to discuss further. We’d like to help you to generate additional revenue from your blog.  In the mean time, visit  https://www.wikimmunity.org/affiliate/scripts/signup.php to register.  I’ve also included some other links that you might be interested in visiting below. Thanks and I look forward to hearing from
you NAME HERE

Navin calls himself a “Content Distribution Specialist” which is a new one on me. I guess it sounds better than “spammer who forgot to set the autofiller in his distribution list software”.

And what of the website itself? Well, it looks and feels like Wikipedia, until you realize there’s no information about who’s behind it, and until you start reading some of the entries. Which are, it has to be said, unconsciously amusing. Try this one, for example, about Walmart:

walmart has a lot of people’s needs at great prices. they have snacks, electronics, drinks, furniture, sports stuff, music, and many more. they have video games and acsessories and many more. If you want the newest things for a great price go to walmart. They have so much sales and and items you know it is goinig to be a good store all around prices. if you wann visit their online store [1]. they are one of the best stores to go to. they have toys, fishing equipment, tires, and even t.v. so for this holiday that is coming up you must go to walmart for their awesome prices

Copy I’m sure Walmart would be proud of. Or this one on Barnes & Noble:

Alot of people should be Familiar with this store. In case you don’t know this is a book store. in this store you can get all kinds of books in this place. they have fiction, non-fiction, realistic fiction, and many more. They also have new releases of books all the time. They also have cd’s. the music they have is rock, classic rock, country, rap, and others. this is a good store to get both books and music. They also have drum books. They have Jimi Hendrix cd’s!!!

Well, blow me down. Jimi Hendrix CDs?

Technorati Tags: , ,

Time to Give the Telephone Back to the Cellphone?

Was interviewing a guy intimately involved in the mobile phone industry the other day, and we were comparing the various features of our sophisticated smartphones, when he suddenly leaned over and said, “Off the record, but this is my favorite phone.” And he showed me this:


Nokia 1100, photo Mobile Phones UK

The Nokia 1100, according to Wikipedia, is the world’s best selling handset, having shifted 200 million units. It seems to cost about $20, often less, and has a battery life of about 400 hours. And, crucially for my friend, sports two important features: It makes and receives calls and SMS. Beyond that, in the words of Bryan Ferry, there’s nothing. (Well, actually there’s WAP, but who uses that?)

The point about the Nokia 1100 is that it’s a phone. It doesn’t pretend to be anything else (except a flashlight, if you press and hold the “c” key down (presumably “c” stands for torCh or flasChlight or “come into the light where I can see you, Mildred”.) It’s designed for conditions in developing countries — dustproof keyboard, non-slip sides — but for many of us that could describe an ordinary day in the office (dusty, slippery, in need of illumination).

“For email,” he said, “I use this,” waving a Nokia BlackBerry clone. “For phoning and SMS, I use my 1100.”

Clearly my interviewee friend is not alone. A glance at Mobile Phones UK’s page on the model, the phone has a sizeable fanclub, with comments from Romania, Pakistan, Iran, the Philippines, Argentina, UK, Zaire and Tanzania. (Typical comment: “I needed a simple, sharp looking, long life phone. I got it. I love it!”) Of course, there are some who aren’t happy, but with 200 million units out there, that’s not surprising.

I guess my worry is, and has been for a while: As phones get more sophisticated, when do they stop being phones? And if it takes you longer to make or receive a call (or an SMS) than it used to, at what point do we need to split the phone/SMS functionality from our smartphone and give it back to the likes of the 1100?

The Gadget Gap

image

This week’s WSJ.com column (subscription only, I’m afraid) is about what I call The Hole — the absence of decent devices in terms of size, weight and functionality between the smartphone and the notebook. To me it’s not just about cramming everything you can into a smaller device, it’s about making something that people enjoying having with them when they’re away from their computer:  

The recent excitement about the iPhone illustrates, among other things, that we have a more emotional relationship with our gadgets than some manufacturers allow for. It’s all about an experience — the physical feel of the device, the elegance of its interface, the interaction with it. The more connected we become, the more important this will become, because those devices serve as conduits to the worlds and communities we inhabit online. The lesson? Filling the Hole means taking the lessons we’ve learned with cellphones, iPods and iPhones and applying them to devices that are a little larger, not the other way around: trying to cram our workshop tools into something smaller.

I’m a bit slow off the mark posting this, so I’ve already received some interesting mail from readers. One points me to the the Pepper Computer (pictured above), saying they covert the device because they:

Typically watch TV with the family in the evening. There are many times I want to check out email or want to follow up on something I see while watching the news, etc. Instead of lugging out the laptop plopping it on the coffee table and making it look like I’m not paying attention to the family, I thought it would be cool to just pick up a small web device and do it right there on the spot. Plus you have the convenience of it being a remote control. No remote clutter and it serves a valuable purpose earning a coveted space on the coffee table. (With high end remotes costing $500+, the Pepper Pad seems even more reasonable!)

Another, Daniel Gentleman of Tabletblog.com, points to the power of instant-on in such gadgets as Nokia’s N800:

This is why people still use the awful browsers and email clients on smartphones. They’re simply ready to work as soon as you pick them up. This feature is often overlooked yet critical in that gadget gap.

Very true, and something I’d omitted to mention in my piece.

Cyberwar, Or Just a Taste?

Some interesting detail on the Estonian Cyberwar. This ain’t just any old attack. According to Jose Nazario, who works at ARBOR SERT, the attacks peaked a week ago, but aren’t over:

As for how long the attacks have lasted, quite a number of them last under an hour. However, when you think about how many attacks have occurred for some of the targets, this translates into a very long-lived attack. The longest attacks themselves were over 10 and a half hours long sustained, dealing a truly crushing blow to the endpoints.

There’s some older stuff here, from F-Secure, which shows that it’s not (just) a government initiative. And Dr Mils Hills, who works at the Civil Contingencies Secretariat of the UK’s Cabinet Office (a department of government responsible for supporting the prime minister and cabinet), feels that cyberwar may be too strong a term for something that he prefers to label ‘cyber anti-social behaviour’.

Indeed, what surprises him is that such a technologically advanced state — which uses electronic voting, ID cards and laptop-centric cabinet meetings — could so easily be hobbled by such a primitive form of attack, and what implications that holds:

What IS amazing is that a country so advanced in e-government and on-line commercial services has been so easily disrupted. What more sophisticated and painful things might also have already been done? What else does this indicate about e-security across (i) the accession countries to the EU; (ii) NATO and, of course, the EU itself?

Definitely true that this is probably just a little blip on the screen of what is possible, and what governments are capable of doing.

(Definition of Cyberwar from Wikipedia here.)

 

Seasons’ PR Greetings

It’s that time of year: Lots of Christmas greetings messages from PR folk. I don’t want to sound like Scrooge, but I’m never quite clear why they bother with these things.

Nokia sent me a link to a flash message with lots of phones doing stuff and thanks for “my continued support for Nokia”. A nice sentiment, though I’ve never thought of what I do in those terms, and I suppose I’d much rather have an answer to my now six-week old request for Nokia to do something about the piles of angry comments left on my blog from customers in India. Some of them are poignant, like messages from the afterlife or some terribly tragedy being played out online.

Yesterday I got one from Veena Meksol, who from her IP address is writing from Bangalore, and writes “sir, pl give me nokia service centre in bangalore, my hand set is just 5 months old but from 2 days i am not able here,” and then the message ceases. Heaven knows what happened to Veena, but I’d happily sacrifice a Flash-based Christmas card or six if Nokia could track her down end her agony.

 My problem is that I can’t really distinguish between a PR greetings card and spam, especially when spammers’ subject fields look remarkably similar . Is there any difference? And what is the correct protocol when you receive one? PR turnover is so high, most of the names mean nothing to me, which is presumably why some of them attach photos to them. They’re all extraordinarily good-looking, I have to say:

 I’m just not sure I’ve actually met any of them, or even communicated with them. The problem then is that I feel guilty. I don’t want to be one of those hacks that treats flacks like, well, flacks. On the other hand, who sends Christmas cards with pictures of themselves looking, well, great, if not to lure the recipient into some sort of trap?

Anyway, I knew the season had hit a fresh low when I got a box from the PR of a certain company which contained a card (thanks, guys!) and, buried amid the packaging, a small box of chocolates from Norman Love. The mouthwatering blurb that accompanied the chocs was impressive — “Norman Love Confections welcomes you to your first step in a delectable journey into the world of fine, handsome chocolates,” it began. All this may well have been true — including the assertion that each of the six chocolates was “an edible work of art” — but the effect was somewhat spoiled by the fact that the chocolates had not weathered the 10,000 km trip from Silicon Valley to Indonesia that well.

Frankly, they looked as if someone had sat on them, half eaten each of them, spat them out, sat on them again and then sprinkled the contents of their computer keyboard over them before putting them carefully back in the box and retying the ribbon. Maybe that’s the message the PR company intended to convey? If so, I’m surprisingly cool with that.

Thwarting the VoIP Eavesdroppers

Interesting piece in Intelligence Online (subscription only) which mentions the growth of both software to intercept VoIP traffic, and services to thwart it. Companies mentioned: Amteus [company website] which “has developed secure software for Voice over IP (VoIP) communications but also for e-mail and file swaps.” Amteus basically works by establishing a peer to peer connection and encrypts with a one time key. On the other side of the fence, the article says, are companies “like Israeli firms Nice Systems and Verint as well as France’s Aqsacom, are already marketing solutions to break into and record telephone conversations on the Internet.” [all corporate websites]

An interesting world