Image via Wikipedia

Much has been written lately about annoying sales tactics and how many in the security field try to duck vendor calls.  Believe it or not, I get my share of annoying sales calls as well.  Whether it is the great conference that is being organized with all of the CIOs that I would ever want to speak to or the latest, greatest new product that is going to make my life easier and define the road to riches, I am swamped with spam telephone calls (on my cell phone no less) every day. 

One thing that I have come to see is that many of these unsolicited calls come in with an unknown caller ID. I don't mean no name for entity, but no number either.  Most of these people don't leave a voice mail either, they just keep calling until the get an answer.  My view is that if the caller has to go to the effort of hiding their name and number, than they have something to hide and are not being upfront.  I don't want to do business with anyone like that. I think this just puts two strikes against anyone calling.  Why are you hiding who you are?  Are you ashamed of what you are doing?

So here is my Shimel rule on sales calls. If your caller ID does not identify you, than I don't want to talk to you!

Image via Wikipedia

Much has been written lately about annoying sales tactics and how many in the security field try to duck vendor calls.  Believe it or not, I get my share of annoying sales calls as well.  Whether it is the great conference that is being organized with all of the CIOs that I would ever want to speak to or the latest, greatest new product that is going to make my life easier and define the road to riches, I am swamped with spam telephone calls (on my cell phone no less) every day. 

One thing that I have come to see is that many of these unsolicited calls come in with an unknown caller ID. I don't mean no name for entity, but no number either.  Most of these people don't leave a voice mail either, they just keep calling until the get an answer.  My view is that if the caller has to go to the effort of hiding their name and number, than they have something to hide and are not being upfront.  I don't want to do business with anyone like that. I think this just puts two strikes against anyone calling.  Why are you hiding who you are?  Are you ashamed of what you are doing?

So here is my Shimel rule on sales calls. If your caller ID does not identify you, than I don't want to talk to you!

I went to the salon today to ‘get my nails did’ and was greeted with quite a ruckus. The entire staff is Vietnamese- no big surprise there- but the owners and most employees speak English extremely well and so everyone is always chit-chatting throughout the salon.

The wife side of the husband-wife team was especially giddy as she shared a little gem of a story with me today… and I didn’t feel I’d be doing you justice to keep it to myself. 

They (the salon staff) all live in one of the larger cities here in NC. One of their friends (a middle-aged guy) was out shopping Monday and was sitting in his car in a parking lot during a coming- or going- to a store. A young girl (mid-20’s) came up to his car and motioned to ask for use of his cell phone.

Now, at this point in the story, I could have told you the rest…

He opened the window a bit and the young lady asked to borrow his phone for a moment to call a family member. Turns out she had some car troubles and needed a ride. Being the nice gentleman that he is, he lent her the phone and she took a couple of steps away to make the call. Only… she didn’t stop. Evidently she got about 4 cars down the row before our chivalrous guy got out of the car and gave chase.

When he got in reach, she pushed him down to the ground and - yep - ran back to his car, phone still in hand… and drove away.

He now has no car and no phone. So, ironically enough, he then had to approach a stranger and politely ask for the use of their cell to phone home and let the group know he was bamboozled. A few tears were shed, but his wife assured him it would be fine and he shouldn’t be scared. (No, I’m not making that up).

I was giggling right along with her (and the guy’s wife, who happened to be there).

Moments later I thought to myself, “I hope that doesn’t happen to me!” Almost in the same instant I realized… it probably wouldn’t. I’ve been a bit of a paranoid freak since I was little, thanks probably in most part to having two ex-military intelligence parents. For all my life I’ve been raised with ‘the security mindset’ as Schneier refers to it.

Always suspicious… always calculating… always aware… and certainly never underestimating a situation.

And so then I had to muse… WHAT WAS HE THINKING leaving the car running and unlocked to go after the siren with the cell? For the sake of politeness, I kept my question to my ‘inside voice’, but I do have to wonder why you’d sacrifice the security of a vehicle for a $50 cell phone.

The moral of the story…  There are two. 1) Involve someone with a ‘security mindset’ and 2) Your security is only as strong as your people. A sweet damsel in distress… social engineering at it’s finest…

# # #

TAP Portugal adds in-flight calling: OnAir's satellite-based call service is now in a trial on a single Airbus A319 in TAP's fleet. The six-month trial will determine how they move forward. TAP was originally slated to launch a trial nearly three years ago, but technical and regulatory issues have delayed in-flight mobile use in Europe. This isn't broadband, by the way: it's pricey per-minute calls, texts, and cell-based email.

Boingo offers free day pass for downloading connection software: The hotspot aggregator will give you 24 hours of use at a location in their network for downloading their lightweight connection software by 6-July-2008. The software identifies Boingo-partnered networks, and lets you sign in without any fuss.

AT&T launches downtown St. Louis network: The company found that it couldn't complete its city-wide proposal due to light pole issues. They've built out a square mile in the downtown, instead. The service is $8 per day and $16 per week, or free for up to 20 hours per month when ads are viewed. AT&T DSL, fiber, and remote business customers get free use of the network.

Ted Morgan, the head of Skyhook, explained in an interview that while GPS is certainly the gold standard, and while it works well in stand-alone devices designed for continuous use and navigation, it's not the right choice by itself for mobile devices. It can take 5 or 10 minutes for a GPS-only device to get an accurate fix on the satellites it needs to give you accurate information. (Various shortcuts can provide less accurate information more quickly.)

"This notion of 'tell a user or consumer to stand outside for 30 seconds before they can search for the nearest pharmacy' is pretty silly," Morgan said. He noted that with all the radios now found in newer mobile devices, using several of them produces a fast and much more accurate result. The iPhone 3G, for instance, sports quad-band 2G, tri-band 3G, Bluetooth, Wi-Fi, and GPS chips.

Morgan said that A-GPS (assisted GPS) already combines cell tower information with GPS. A cell phone can be told approximately where it is, and thus instead of cycling through 24 satellites, start with the two that are most directly overhead. This can reduce the time to gain a location to as little as 20 seconds, Morgan said, although any kind of movement usually lengthens the time to 30 to 60 seconds.

Skyhook's system takes advantage of this aspect of A-GPS. They let a GPS system grab onto two satellites quickly to correct data from their Wi-Fi Position System (WPS). Morgan said that this reduces the WPS error by 35 to 40 percent through "weak fixes."

Within cities' concrete canyons, "you can only get a true GPS fix about 70 percent of the time outdoor, but you get two satellites all the time," Morgan said. "In the entire footprint, we're able to use this hybrid technology, even though GPS is only available 70 percent of the time." Outside of metro areas, cell towers can still be used to improve GPS startup times.

Skyhook has continued to expand its European coverage for WPS; they cover about 8,000 cities in the US and Canada, which is roughly 70 percent of the population; "it looks exactly like a cellular coverage map," Morgan said, and includes "any town with five streets in it."

In Europe, their current big push, partly because of their inclusion in the iPhone, they cover 70 percent of population in the current countries--the UK, France, and Germany--but they're now at 50 percent of the population of the rest of Western Europe. They're working assiduously in Japan, Korea, Hong Kong, and Australia as well, and looking into China and India. India has very little Wi-Fi, so they may rely more on cell towers there.

The company also announced a partnership with wireless chip maker CSR today, which is a major providers of Wi-Fi and Bluetooth chips to computer and handset makers. Nearly a year and a half ago, Skyhook partnered with SiRF, the dominant worldwide chip supplier for stand-alone GPS gear, that's also making a push into mobile devices. Skyhook obviously needs a win with a cell chip maker, like Infineon, Broadcom, or Qualcomm, given the XPS technology, to score a place in tens of millions of cell phones beyond the iPhone.

Skyhook's technology most recently appeared in a soon-to-ship model of the Eye-Fi--the Explore. The $130 Secure Digital card with Wi-Fi built in allows you to take pictures with any camera, and have the Wi-Fi signal space recorded for later lookup when you upload photos. The pictures are geotagged with that information. The card can optionally be used with Wayport's 10,000 strong Wi-Fi network in the U.S for $15 extra per month. David Pogue of The New York Times recently wrote up the Eye-Fi Explore.

Alltel launches domestic US hotspot service: Alltel is reselling Boingo's offering at $20 per month or $4 per day with no commitment. That's 25,000 US hotspots. The No. 5 cell operator, which is in the process of being acquired by Verizon, also runs a EVDO network available nationally as part of a Verizon partnership (Alltel covers a ton of areas Verizon doesn't), which costs $60 per month. Combine Wi-Fi and 3G and pay $70 per month.

Beijing's Wi-Fi network launches with a limp; no 3G at Olympics, either: The Wall Street Journal says the WiCity project that will cover the Olympic venue with Wi-Fi (about 100 sq km) got off to a rough start at its launch, with reports from their bureau and others of poor signal strength; no answer on the customer-support hotline; and broken links on the Web site. The blog entry also notes that visitors who expect 3G over their cell will be bitterly disappointed, as anyone in the industry knows: China didn't adopt either worldwide 3G standard. They claim that their own TD-SCDMA 3G technology will be up and running in time, but that won't really help visitors much, now will it? I'm surprised no waivers were granted to run temporary cell installations for EVDO and HSPA just for the games. Wouldn't have been that big a deal.