What happens when everyone is running around with smartphones that are easy to use? The iPhone 3G is part of a leading trend: phones that have accessible, usable functions. Apple may be first and best, but the rest of the pack will eventually catch up. (If you'd like to refute me, launch the BlackBerry Web browser first, compare it with Safari on the iPhone, and now try to make a case for RIM surfing.)

The other advantage, of course, is that 3G laptop users that find themselves out of the HSPA coverage area offered by AT&T don't fall back to EDGE or GPRS as long as they can find an AT&T-included hotspots. No hotspot operator likes to guarantee a particular local network speed, but I know that Wayport--which has or will build nearly all of the 17,000 locations in question here--aims for T-1 speed (1.5 Mbps each way) and quality (guaranteed uptime), depending on availability.

Windows laptop users with AT&T's Communication Manager software (version 6.8) installed will be automatically logged onto hotspots--and, I would guess, logged off 3G whether the user wants that or not! I'll be curious about reports from the field.

A 5G/month ($60/month or greater) plan is requierd for free Wi-Fi service.

The Boy Genius Report quotes what appears to be an internal AT&T memo about today's launch that free Wi-Fi for smartphones is coming later in 2008. Boy Genius has a remarkably good track record for a rumor/leak site, so I'm inclined to believe their report.

The Eye-Fi Explore product relies on Skyhook Wireless's system of analyzing the signal strength of nearby Wi-Fi networks to extrapolate latitude and longitude. Eye-Fi ties that into their system to stamp images with locations. This deal also ties into Wayport's domestic network of 10,000 hotspots, most of which are McDonald's outlets, allowing free uploading via those systems. The purchase price covers one year of hotspot service. You can upgrade an existing Eye-Fi to the new feature for a fee. All three products work with Mac OS X Tiger and Leopard, and Windows XP/Vista.

Because Skyhook needs a live Web connection to look up the Wi-Fi environment, Eye-Fi can store the Wi-Fi snapshot when the picture is taken, and manage inserting the appropriate photo metadata (EXIF format) at upload for Flickr and other services that support geotagging.

Geotagging is a very popular idea, something that I'm quite taken with because it pairs the act of taking a photograph with the location at which the picture is taken, making a digital photograph seem a little less untied to reality. But until now, it's been generally quite involved to match a picture with coordinates. A handful of specialized cameras embed GPS chips, and there's software to facilitate other methods, but the cost and battery drain of GPS chips have apparently so far kept it from being a widely deployed feature, while the wonkiness of alternatives doesn't appeal to mainstream users.

Sony once sold this wacky GPS companion (which I just found out isn't available in either released model) that would track your location over time, and use that information to geotag images via a special software program that let you pair its stream of data with your photographs.

Eye-Fi and Skyhook are doing something almost the same, since the camera isn't capturing the GPS data, and the Eye-Fi isn't applying the information live, much of the time. But it's eminently more usable than the Sony system, because the Eye-Fi handles the assembly seamlessly for you.

Now there's just one thing to worry about. Think about this: McDonald's are everywhere, and nearly all of the U.S. locations have Wi-Fi. The Eye-Fi uploads whenever it can, as long as the camera is turned on. You're geotagging images without any effort. Okay, got it? So...you call in sick to work, and run off to take some photos. Your boss, using RSS to subscribe to your Flickr feed, not only sees your pictures as you wander the town, unknowningly promiscuously uploading them via quick-serve restaurants' networks, but also knows precisely where you are.

This makes me suggest that you might set your Flickr upload preferences to keep images private and your geotagging preferences the same. You can then expose the images you want for public consumption. The Panoptican is...us!

One of the things I have the… pleasure… of doing, is consulting with various manufacturers to see how they can make their products and interfaces more usable. Specifically, I try to help them understand what to add or change in order to allow customers to interpret and use the data that’s being delivered to them. How can they take all this stuff, make sense of it, and correlate it to events on the network.

A lot of times that means finding ways to map data sources to known devices on the network, and parsing out what’s expected vs unexpected, or anomalous. We do this for WAN and LAN-based data, and for sources within the network, the DMZ and externally. It’s a lot of work and still not as wizard-like as we might hope.

But, I think I’ve just found my new favourite toy- and it came via Splunk. When I saw it, I just had to have it. :)

I didn’t get far with the Splunk demo at RSA, but totally made up for it at Interop, by way of an extremely knowledgeable woman - Christina Noren, the VP of Product Management there at Splunk. Talk about someone who knows her stuff. I was really amazed with what this little log search engine can do. And, add to that the overview of visualization I got from Raffy Marty, Chief Security Strategist, and I was totally blown away. With Splunk, you can quickly gain insight into the events happening on your network, and the visualization tools give you a unique and easy-to-interpret representation of the data.

The two together build a foundation for some great security tools, and ways to visualize data and trends for everything from PCI compliance to Change Management to Phishing attacks… and more.

Why is this important? I’m always looking for new ways to present data to customers. We can throw all the gadgets we want to on the network, but ultimately someone (not someTHING) needs to know what’s going on- especially in a world now where people are being held personally responsible for security- or lack there of. There’s a lot of data and events, and we need a way to turn that information into something useable. 

Go forth and play… You can download Splunk (yes, for free) at Splunk.com. Check out the blogs and SplunkBase to get more cool tools and plug-ins. In a couple of months, Raffy’s new book Applied Security Visualization will be released and includes more in-depth information on using visualization in your environment. I strongly suggest you read it. Need more reasons to check it out? They have the BEST t-shirts ever…

Expect to see more from me on this topic, and some tips and tricks for Splunk…

# # #

Given that my colleagues serving eBusiness, channel, and product marketing professionals are also officially skeptical about the prospects of mBanking and mPayments, I expected him to trot out one of the usual rationales for this, including:

• When it was first tried several years ago, mobiles simply didn't support a usable (Web) interface. Screen real estate was lacking, mobile Net browsers were beyond clunky, data plans were prohibitively expensive: all of the annoyances of online banking in an even less usable format.

• The lack of a broad use-case across the entire range of transaction values. To minimize risk, there are often limits to what can be done on the mobile: caps on transaction amounts, no payee setup, etc. But this can put the squeeze on many mobile banking systems: Consumers then need to use the online channel anyway for large transactions, and small everyday transactions (like micropayments) are easily handled by debit cards (contact and contactless), NFC chips, and even good old-fashioned cash.

• Problems with compatibility between Java-based OTP generating apps and "Java-enabled" phones that hinder OTP generation on the mobile.

• The difficulty of switching back and forth between mobile phone apps to copy an OTP received, say, via SMS and the mobile browser.

Instead, Skinner thinks it's primarily due to "th[e] psychology of a mobile device being insecure." In other words, you're using something small, in public, that's easily grabbed or shoulder-surfed. He admits that mobile banking is often more secure than online banking, but it just doesn't feel that way. And a recent survey of Americans gives reason to think that he might be right.

The online channel is a fatter target at the moment, but fraudsters will eventually follow the ever-widening trail of breadcrumbs to mobile, so from a security standpoint, there's little reason to privilege either the Internet or mobile channel as more secure in the long term.

But from a consumer adoption standpoint, if this feeling is indeed widespread, it causes problems. I suspect, though, that if this is a common view and not just an artifact of how survey questions are framed, it's also one that will shift on its own in a few years. If the benefit is clear and the system convenient, people will use it and not worry too much about the security (much to our professional chagrin). Note that the survey cited above mirrors those done on online banking several years ago, and look at what a failure online banking has been since!

In fact, I found the article to be rather upsetting. Not because of the article’s thesis that strong authentication through a national ID program would not necessarily pose a threat to privacy; but rather, because of their naive (and irresponsible) handling of the realities of the biometric authentication challenge. They gloss over the real security challenges with creating a national biometric infrastructure. Here are the two quotes that are most misleading:

• “Confusing privacy with anonymity has delayed implementation of robust, virtually tamper-proof biometric authentication to replace paper-based forms of ID that neither assure privacy nor reliably prove identity.”
• “This emerging technology makes it virtually impossible to assume someone else’s unique identity.”

The problem that the authors are glossing over is that no such technology exists today, and it is unlikely to ever exist. Now, to be fair, I am assuming that a critical success factor for any national biometric program, as described, would be that the authentication devices have to be available, and usable, anyplace paper-based IDs can be used today. This of course implies that the authenticator must be an inexpensive, commodity device, easy to purchase, maintain, and operate. Such a device would have to be even more ubiquitous than the electronic credit card machine.

The problem is that the authenticator itself may be in the possession of the attacker (Perhaps after you authenticate your legitimate purchase the clerk desires to use your identity herself…). In the history of security controls, when the attacker has unsupervised at-will physical access, the attacker wins. Here are a few examples:

• Defeated copy protection on DVDs ( more & more info)
• Cold Boot Crypto Attack on hard disk encryption (more info)
• MiFare RFID Cards (more info)
• Skimming devices attached to ATM machines to steal card and PIN data (more info)

Of course, all of these systems worked in the lab. But when a security system is widely deployed, it has to withstand an enormous amount of scrutiny, and minor flaws will be exploited. And of course, the greater the financial gain, the greater the time and energy attackers invest in trying to defeat the system. The authors of the article ignore these issues, idealistically assuming biometrics will just work.

Now, of course there are lots of examples where biometrics work very effectively. But I would propose that biometric authentication is most useful when the authentication device is physically secure and the authentication itself is supervised. The MiFare example above also demonstrates two other issues:

• The system chose not to implement a reviewed and standard cryptographic algorithm - always a bad idea
• MiFare was able to sell 1 billion cards and authenticators before the system failed

The cost of investing in a national biometric authentication program, and then having the security fail, is enormous. Can you imagine deploying a biometric authentication infrastructure to every bank, police car, restaurant, shop, etc. and then having video on YouTube of it being defeated ?

- Erik

BTW, Maybe the attacker doesn’t even need to tamper with the device -> ftp://ftp.ccc.de/pub/video/Fingerabdruck_Hack/fingerabdruck.mpg

Art of Information Security would love your feedback !

What do the Cold Boot Crypto Attack, DVD Players, and MiFare tell us about the Future of Biometrics?