Date: 19 Oct 2009 08:54:19 +0000
From: Itamar Engelsman <address truncated>
Subject: Psion sightings
> Thanks for the answers but what I meant was Psion's you see on someone elses desk (not family members) or used by someone else.
Regards, Itamar <
During a break at a Royal Aeronautical Society conference recently I saw a journalist using a 5mx to take notes when interviewing/talking to one of the speakers.
Hugh Dibley London
Using 5mx with one spare/on maintenance for Agenda/Data/Word/Sheet/Jotter for shopping lists etc/Spell/French-English dictionary/Phrase/Route/Street/Recording lectures-meetings, etc can get away with recording even if discouraged as people don't recognise a 5mx as a recorder! Quality is adequate even for music.
Dear All,
I came across this article in last week's New Scientist, which I thought people might find interesting. It discusses the potential security/privacy problems which can occur when a mobile phone is lost or an old one is given away. The full article can be found here:
http://www.newscientist.com/article/mg20427301.100-the-pocket-spy-will-your-smartphone-rat-you-out.html?full=true
THERE are certain things you do not want to share with strangers. In my
case it was a stream of highly personal text messages from my husband,
sent during the early days of our relationship. Etched on my phone's SIM
card but invisible on my current handset and thus forgotten here
they now are, displayed in all their brazen glory on a stranger's
computer screen.
I've just walked into a windowless room on an industrial estate in
Tamworth, UK, where three cellphone analysts in blue shirts sit at their
terminals, scrutinising the contents of my phone and smirking. "If it's
any consolation, we would have found them even if you had deleted them,"
says one.
Worse, it seems embarrassing text messages aren't the only thing I have
to worry about: "Is this a photo of your office?" another asks (the
answer is yes). "And did you enjoy your pizza on Monday night? And why
did you divert from your normal route to work to visit this address in
Camberwell, London, on Saturday?"
I'm at DiskLabs, a company that handles cellphone forensic analysis for
UK police forces, but also for private companies and individuals
snooping on suspect employees or wayward spouses. Armed with four
cellphones, which I have begged, borrowed and bought off friends and
strangers, I'm curious to know just how much personal information can be
gleaned from our used handsets and SIM cards.
A decade ago, our phones' memories could just about handle text messages
and a contacts book. These days, the latest smartphones incorporate GPS,
Wi-Fi connectivity and motion sensors. They automatically download your
emails and appointments from your office computer, and come with the
ability to track other individuals in your immediate vicinity. And
there's a lot more to come. Among other things, you could be using the
next generation of phones to keep tabs on your health, store cash and
make small transactions something that's already happening in east
Asia (see "Future phones").
Gone phishing
These changes could well be exploited in much the same way that email
and the internet can be used to "phish" for personal information such as
bank details. Indeed, some phone-related scams are already emerging,
including one that uses reprogrammed cellphones to intercept passwords
for other people's online bank accounts. "Mobile phones are becoming a
bigger part of our lives," says Andy Jones, head of information security
research at British Telecommunications. "We trust and rely on them more.
And as we rely on them more, the potential for fraud has got to increase."
So just how secure is the data we store on our phones? If we are
starting to use them as combined diaries and wallets, what happens if we
lose them or they are stolen? And what if we simply trade in our phones
for recycling?
According to the UK government's Design and Technology Alliance Against
Crime (DTAAC), 80 per cent of us carry information on our handsets that
could be used to commit fraud and about 16 per cent of us keep our
bank details on our phones. I thought my Nokia N96 would hold few
surprises, though, since I had only been using it for a few weeks when I
submitted it to DiskLabs. Yet their analysts proved me wrong.
Aside from the text messages stored on my SIM card, the most detailed
personal information that could be gleaned from my handset came from an
application called Sports Tracker. It allows users to measure their
athletic performance over time and I had been using it to measure how
fast I could cycle to work across London. It records distance travelled,
fastest speed at different points along the route, changes in altitude,
and roughly how many calories I burn off. But when DiskLabs uploaded
this data to their computer and ran it through Google Maps and Street
View, they were able to pull up images of the front of my office and my
home with the house number clearly displayed. Sports Tracker also
recorded what time I normally leave the house in the morning and when I
return from work. "If I wanted more information, then I could just stalk
you," says Neil Buck, a senior analyst at DiskLabs.
I had deliberately chosen to turn Sports Tracker on, and many people
might not stop to consider how such programs could be used against them.
In February, Google launched Latitude, networking software for
smartphones that shares your location with friends. It can be turned
off, but campaign group Privacy International is concerned by Latitude's
complex settings and says it is possible the program could broadcast
your location to others without your knowledge. "Latitude could be a
gift to stalkers, prying employers, jealous partners and obsessive
friends," the organisation warns.
It is possible your phone could broadcast your location to others
without your knowledge
A phone-based calendar could also leave you vulnerable. Police in the UK
have already identified burglaries that were committed after the thief
stole a phone and then targeted the individual's home because their
calendar said they were away on holiday, says Joe McGeehan, head of
Toshiba's research lab in Europe and leader of DTAAC's Design Out Crime
project, which recently set UK designers the challenge of trying to make
cellphones less attractive to people like hackers and identity thieves.
"It's largely opportunistic, but if you've got all your personal
information on there, like bank details, social security details and
credit card information, then you're really asking for someone to
'become' you, or rob you, or invade your corporate life," McGeehan says.
Code cracker
When Buck looked at my colleague's iPhone, he found two 4-digit numbers
stored in his address book under the names "M" and "V". A search through
his text messages revealed a few from Virgin informing him that a new
credit card, ending in a specific number, had just been mailed to him.
Buck guessed that "M" and "V" were PIN codes for the Virgin credit card
and a Mastercard and he proved to be correct on both counts.
"Out of context, an individual piece of information such as an SMS is
almost meaningless," says Jones. "But when you have a large volume of
information a person's diary for the year, his emails, the plans he's
building and you start to put them together, you can make some
interesting discoveries."
In this way the DiskLabs team also identified my colleague's wife's
name, her passport number and its expiry date, and that she banks with
Barclays. Ironically, Barclays had contacted her regarding fraud on her
card and she had texted this to her husband. Buck's team also discovered
my colleague's email address, his Facebook contacts, and their email
addresses.
This kind of personal data is valuable and can fetch a high price
online. It's ideal for so-called 419 scams, for instance, in which you
receive an email asking for help in exporting cash from a foreign
country via your bank account, in exchange for a share of the profits.
"What they need to launch a successful 419 scam is personal
information," says Jones.
A growing awareness of identity theft means that many people now destroy
or wipe computer hard drives before throwing them away, but the same
thing isn't yet happening with cellphones, says Jones. At the same time,
we are recycling ever greater numbers of handsets. According to market
analysts ABI Research, by 2012 over 100 million cellphones will be
recycled for reuse each year.
As part of a study to find better ways to protect cellphone data, Jones
recently acquired 135 cellphones and 26 BlackBerry devices from
volunteers, cellphone recycling companies and online auctioneers eBay.
Around half of the devices couldn't be accessed because they were
faulty. In our own smartphone experiment, we were unable to retrieve any
data from a BlackBerry, or the Samsung E590.
However, Jones's team found 10 phones that contained enough personal
data to identify previous users, and 12 had enough information for their
owner's employer to be identified even though just three of the phones
contained SIM cards.
Of the 26 BlackBerrys, four contained information from which the owner
could be identified and seven contained enough to identify the owner's
employer. "The big surprise was the amount we got off the BlackBerry
devices, which we had expected to be much more secure," says Jones.
While BlackBerry users have the option of encrypting their data or
sending a message to purge data from their phones should it be sold or
stolen, many had not done this. "Security is only any good if you turn
the damned thing on," says Jones.
Security is only any good if you turn the damned thing on
His team managed to trace one BlackBerry back to a senior sales director
of a Japanese corporation. They recovered his call history, 249 address
book entries, his diary, 90 email addresses and 291 emails. This enabled
them to determine the structure of his organisation and responsibilities
of individuals working within it; the organisation's business plans for
the next period; its main customers and the state of its relationships
with them; travel and accommodation arrangements of the individual; his
family details including children, their occupations and movements,
marital status, addresses, domestic arrangements, appointments and
addresses for medical and dental care; his bank account numbers and sort
codes, and his car registration index. Two further BlackBerrys
"contained details of a personal nature about the owner and other
individuals that would have caused embarrassment or distress if it had
become publicly known", says Jones.
Although his team used specialist forensic software to retrieve data
from the phones, much of it could be obtained directly from the handsets
themselves, or by using simple software of the kind that is sold with a
phone. "This was not designed to be a sophisticated attack, it used
simple techniques that anyone would have access to," Jones says.
That's bad news, considering that around 20 millions handsets were lost
or stolen worldwide in 2008, according to UK data-security specialists
Recipero. So how can people go about making their phones more secure?
Turning on the security settings is an important first step, says
McGeehan, as this may dissuade potential thieves from going to the
effort of trying to crack the codes. Then make sure you delete anything
you want to keep secret, while bearing in mind that it is often possible
to recover it (see "Phone security Q & A"). "I work on the basis that
anything I put on there I've got to be prepared for people to see," says
McGeehan.
As for me, I've taken to deleting potentially incriminating messages as
soon as they arrive in my inbox and reproving the sender in return. I
have also passed my old handset to my husband for safekeeping. If those
brazen messages must fall into someone else's hands, I'd rather they
were the hands of the Don Juan who composed them than a smirking IT geek
in a distant windowless room.
Future phones
By next year about 1 in 3 new smartphones will have accelerometers.
Pressure sensors and gyroscopes will follow, and soon your handset may
keep tabs on your health and pay your bills too.
For example, Nokia is experimenting with adding biosensors capable of
monitoring heart and breathing rates, as well as glucose and oxygen
levels in the blood. "Your phone could act as a wellness diary, and
start to integrate data with the primary health records kept by your
doctor," says Marc Bailey, a researcher at the Nokia Research Centre in
Cambridge, UK.
Meanwhile mobile commerce, or M-commerce, in which phones are used to
transfer money or pay for shopping, is already expanding rapidly.
Cellphone users in Japan can buy train or airline tickets with their
handset, while people in Afghanistan, the Philippines and east Africa
can use their handsets to transfer money to each other. "M-commerce is
coming, and the expectation is that it will become prevalent in the UK
and other European countries within four years," says Joe McGeehan, head
of Toshiba's research lab in Europe.
Though these developments should bring many benefits, security is
expected to become a problem. "As soon as you put money on anything,
criminals become more interested in it," says McGeehan.
To counter this, manufacturers are developing more secure ways of
encrypting data on handsets. According to Nokia, users will be able to
alter security settings depending on how much data they want available
at any one time. Phones with built-in fingerprint scanners are already
on the market, and Sharp has experimented with face recognition on
handsets, though hackers have recently shown that face recognition is
easily defeated with just a photograph.
Meanwhile, Apple is thought to be considering adding biometric security
measures, such as a fingerprint scanner, to future iPhones. However
effective these security features are, though, they will only work when
turned on.
Cheers, Ian.