Gotta have that new cell phone?
The one that can e-mail, Web surf, instant message, store your dissertation, take pictures and play video games? The tres chic number you saw someone thumb dancing on at the airport?
Fine. Just keep in mind that the smarter your phone gets, the more computerlike it becomes.
And the geeks among us warn that the spam and viruses and spyware that today make your PC wheeze and your laptop hyperventilate could tomorrow suffocate your oh-so-snazzy phone.
Next target
“By 2006 there will be enough smart phones so that the viruses will be doing to them what they were doing to the Internet two or three years ago,” said John Pescatore, an analyst with the Gartner Inc. technology consulting firm.
“Smart phones,” he said, “are the next big target.”
The cell phone industry insists that as its phones get smarter, its efforts to fend off hackers are keeping pace both in software and hardware design.
“We’re staying ahead of the problem,” said Jennifer Bosshardt, a spokeswoman for Overland Park, Kan.-based Sprint Corp.
Unlike the computers atop so many desks and laps, the wide varieties of cell phones today do possess some natural immunity to viruses and digital pickpockets.
Smart cell phones have yet to settle into a mostly Microsoft world where virtually every smart handset – really a smallish computer – employs the same operating system. Instead, scores of proprietary Apple-style systems still compete for market share. None of the most popular cell phone operating systems in the world has more than a sliver of the 1.6 billion global market.
More computer-like
What’s more, no virus is likely to jinx a significant portion of the cell universe, even if someone could write the devious code before the target phone has become last year’s hot seller and this year’s has-been.
Still, computer scientists see trouble close ahead.
“A small handful of (malicious computer codes) have been written by attackers just to prove that it can be done,” said Oliver Friedrichs, the senior manager for security response at anti-virus firm Symantec. “These smart devices can be attacked just like your home computer.”
There’s already a virus that effectively freezes all the contacts, calendar and notebook functions on the Nokia model 7610 and replaces its icons with skull-and-bones logos. Mercifully, infected gadgets still can make and take phone calls – presumably about the new stupidity of the formerly smart phone.
In addition, a so-called Cabir worm attacks contraptions that use Bluetooth, a technology that allows short-range wireless connections with other digital doodads such as wireless headsets. Once swallowed by your phone or other accessory, Cabir looks endlessly for other Bluetooth accessories to infect. At a minimum, those searches drain batteries.
In fact, experts say Bluetooth and other such short-distance radio technologies present a huge opening for hackers.
Because those radio signals have a range of about 30 feet, some people worry that an electronic thief could hang out in a public place and crack into everything stored in your phone – addresses, credit card numbers, company records – without your knowledge.
“We’re seeing guys sitting in London (subway) stations seeing what they can pick up within a 30-foot radius of their laptops,” said John Pironti, a security consultant for global technology giant Unisys. “It’s like the way guys used to steal cell phone serial numbers. … It’s becoming a new problem.”
“As we move into the future we’re seeing standardization,” said Dan Wallach, a computer scientist at Rice University. “Most cell phones are too stupid to have these issues yet. … But as they’re becoming full-blown computers, the risk grows.”
And as particular systems become more common, they’ll pose at least more attractive and potentially more vulnerable targets to hackers.
“People with bad intentions will discover those things and will exploit them,” said Victor Kouznetsov, the senior vice president of mobile solutions at virus-fighting McAfee Inc.
At Sprint, the PCS Vision Smart Device Treo 650 comes trumpeted as the “third screen” of your life – after the computer and television.
There is little it can’t do. It has an MP3 player for your downloaded songs. Built-ins include a speakerphone, camera, a full-but-tiny keyboard and a full-color screen. It even lets you listen to books, newspapers and radio shows from a catalog of 23,000 audio choices or watch bits of some TV shows.
Sprint has set up a virtual store to equip it with games, special graphics and ring tones (Americans spend $300 million a year on ring tones alone; the world spends $1 billion annually).
The phone works with Bluetooth – making possible wireless hands-free headsets and the ability to swap information with a desktop computer without plugging in. Sprint armored it in ways often suggested by experts. For example the BlueTooth function is supposed to “authenticate” any device that wants to talk with the phone. So, if someone in a subway wanted to tap into the traveling database stored in your Treo, they’d get in only if they already showed up on an electronic guest list.
“Since we knew that we were going to be launching wireless Web in 1999, we have been working with our vendors on just this kind of thing,” said Bosshardt, the Sprint spokeswoman.
Sprint and other companies also offer – usually just to business customers, and at an extra charge – what people in the industry call a “poison pill.” If a phone packed with loads of personal or corporate secrets is stolen, the user tells Sprint about the theft. Sprint can then send a message to the phone zapping all that information.
Even smart phones that ward off viruses and thieves could still need to deal with the next generation of spam.
In Asia, where cell phones are often more common than on American college campuses, users complain about phone-to-phone spam text messages.
Mobile systems operators are reluctant to block such spam, for fear of cutting off money-making calls from people their customers might genuinely want to speak with. Meanwhile, systems to launch such guerrilla marketing sell for $20,000 to $40,000.
Someone who is the target for the message pays just for receiving the messages, and pays again if suckered into making a call by what looks like a legitimate greeting.
“It isn’t here yet,” said Kouznetsov. “But it’s coming.”
—
Experts warn that as cell phones can perform more functions and standardization sets in, they will be more vulnerable to hackers.
The wide and changing variety of smart phone operating systems makes them less attractive targets for mischief.
Tips for stopping cell hacking:
-Turn off BlueTooth – or other short-distance radio functions – when not in use.
-Set your phone to communicate only with devices you want it to. The default settings on some smart phones automatically allow them to swap data with a wide range of devices.
The smarter your phone gets, the more closely you should guard it, and the private data it carries, against theft. Don’t leave it on the dashboard.
-Think about investing in virus protection for your phone – if not now, certainly within a year.
-Consider a “poison pill” service that lets your cell carrier destroy all the information stored in a phone if it is reported stolen.
-Set up your phone to require the entry of a password if it sits idle for an hour for everything other than making or taking calls.
-Start treating text messages with the same wariness for spam in your e-mail.
—
(c) 2005, The Kansas City Star.
Visit The Star Web edition on the World Wide Web at http://www.kcstar.com/
Distributed by Knight Ridder/Tribune Information Services.
AP-NY-02-16-05 0629EST
Comments are no longer available on this story