Category: Uncategorized

There is this new supposed trend call "Bring Your Own Device", or BYOD for short, meaning you use your own personal devices at work and for work. It's probably the nightmare of every company network administrator because how do you ensure data security and confidentiality on devices you don't really have under your control. Their nightmares are perhaps lessened a bit as companies introduce methods to encrypt data and control data remotely, i.e. company network administrators can remotely wipe devices or at least the company parts of it should it become necessary and are probably also aware of the device's location, etc. And this is the point where I stop liking BOYD.

I fully embrace the idea that a device I buy is mine, it's under my control and I can do with it what I want. This is why I don't have an iPhone, it's not mine when I buy it, it's still controlled by Apple. No thanks. And even the mere thought of a company I work for having access to a device I own counters this very notion of being mine and being in control.

Perhaps BYOD can evolve a bit so I might have a second look!? How about a virtual machine in a mobile device running an encrypted OS with company applications? The host device is mine, the host OS and applications are mine but the content of the virtual machine is managed by the company. If I don't like what the company is doing, I get rid of the VM container. If the company needs to delete the data, they delete the virtual container. Done. A clear separation of control. I am not sure however if it would work from a security perspective as the host OS or an application running in the host OS could still access the memory of the virtual machine and thus maliciously extract data. But if that could be prevented, well, perhaps it might be worth a second look.

In many many years a close friend's Windows 7 computer remained free of malware and we did a lot to  keep it that way. Updating Flash, Java, Windows, Firefox, Thunderbird, etc. as soon as fixes become available and using an anti virus program should have kept us save. But it didn't and it cost me a full night's sleep to fix it.

Things started to look strange when Google searches sometimes did not end up on the selected page in the search results but the browser was instead redirected to a completely different page. When looking at it I saw that Google showed the references to the page correctly but when clicking on the link there were suddenly a number of redirections to pretty strange URLs indicated at the bottom of the window before a final destination was selected . It wasn't a rouge browser plugin as the same process repeated itself when using Internet Explorer as well.  This looked like click fraud to me because the final pages were those of big and well known companies.  Then I noticed that Microsoft's Security Essential virus scanner was not running anymore and restarting it manually ended up in an error message. Now that made it pretty clear that something is really wrong.

So I shut down Windows and booted to a special Ubuntu virus scan CD. I always carry it with me hoping tat I would never have to use it. Now I'm glad I carried it along. During several hours of scanning over night it revealed a number of infected files with two viruses. After removing them and rebooting, things in the browser were back to normal. Microsoft Security Essentials still didn't work but reinstalling the package fixed this. Then I discovered that the malicious program had also deactivated the Microsoft Notification service so it wouldn't complain that the anti virus was not running.

How could this have happened? The bad thing is that without the virus scanner having detected it there is no way of telling. A drive by virus on a web page using an unknown weakness, something in an attached document of an email? Lets hope the updated virus definitions will catch it next time or a patch against it has been installed in the meantime because without knowing where it came from there is little that can be done to prevent it from happening again.

Another nail in the Windows coffin on that machine and one more reason to switch to Linux for my friend. After all, Windows 8 will be so different she needs to relearn the desktop anyway. It's time to change.

During the past couple of Thalys train trips from Cologne to Paris I just ignored the “we have Wi-Fi Internet access on board” announcements since it just didn't work anymore even though at the beginning they had a brilliant start. Whenever I tried there was just no connectivity at all except for the landing screen. But they keep insisting during their automated welcome messages that Internet access is available. O.k., I believe in the good and in things getting better so I tried again on my recent trip. Again, it didn't work. What a letdown!

Dear Thalys, just switch your Wi-Fi off and stop this ridiculous announcement as it's obviously not your intention to improve the situation. This way, your customers will at least not be disappointed by something they are promised. Just admit you've failed and move on.

P.S.: Note that this is not a technical issue, it worked great at the beginning. Also other train companies such as Deutsche Bahn show that working Internet access on high speed trains is possible.

When I was recently on vacation I visited friends and incidentally they all lived just outside of smaller towns on the countryside. They all had a DSL line at home but mobile network coverage was weak at best. Apart from being a nuisance for me they said themselves that they were not happy with the mobile network coverage in their house. And it was not like they were living in totally remote areas. Perfect places for femto cells!

So while femtos haven't really made a big inroad in most countries over the years so far, I still see the potential and the need, especially since people more and more use their mobile phones instead of fixed line devices for voice calls. Sure, Wi-Fi and SIP clients could also do the trick on their devices when they are at home but it's not seamless and doesn't work for their guests. Fortunately, Vodafone seems to expand their femto solution to more countries beyond the UK now so let's see, perhaps that might be a solution for such locations and perhaps a reason for the competition to wake up.

In  recent comment to a blog post, Sergey observed that the usage of the terms 3G and 4G is completely different in the US and Europe. While in the US, the term 4G is used instead of LTE, it's exactly the opposite in Europe, where the term 4G is not very prevalent and LTE is used in the mainstream press. Both parts of the world have reasons from a marketing point of view to do one thing or the other. And by the way, some even call UMTS networks 4G in the US. And to dazzle you even more, a well configured dual carrier UMTS network can easily compare with a 10 MHz LTE network, the prevalent bandwidth in the US, or even surpass. And to drive the point home, a 20 MHz LTE network in Europe easily beats a 10 MHz network in the US. There we go, the terms 3G, 4G are completely meaningless but unfortunately suggest that one thing is better than the other when even 4G can't be compared to another 4G network.

So perhaps we have to go back to the roots? Perhaps everything based on UMTS should be called UMTS and everything based on LTE should be called LTE, at least by engineers who know what they are talking about!? And if you really want to compare performance, the terms won't help much just like the terms 3G and 4G. But at least they don't have this bias in them intrinsically that suggests one is better than the other. Well, and if one really discusses performance, then one has to to pull out lots of parameters such as bandwidth used, modulation and coding schemes available, cell site density, backhaul capacity, etc., etc., irrespective of the technology used.

Recently, Techcrunch and Gigaom reported a couple of very interesting technical details on the amount of data and number crunching over at Facebook. Here are some:

• Current amount of data stored: 100 petabytes. That is 100.000 terabytes! Imagine the physical amount of space required to store such an amount of data…

• 500 terabytes (i.e. 0.5 petabytes) of data added each day, including 300 million new pictures.

• 105 terabytes of data analyzed every 30 minutes.

Anyone's got a link to original material on this, I'd like to hear/see it from them first hand!?

If 0.5 petabytes are added per day that's 182.5 petabytes per year if user behavior stays the same even without adding new users. Makes one wonder how long they can keep up with the amount of data they have to store as cost for it will rise as well. I wonder if the storage and power costs per TB of data is decreasing as fast their data store is increasing. Kind of a life and death question if you don't want to throw away data at some point unless you can increase your revenue at the same time with storing more and more data.

 

Many years ago when I first ventured into mobile I got myself a SIM card reader with a serial interface because I found a neat program called "SimSpy" that could read lots of fields on the SIM card and interpret their contents. Time has moved on, serial interfaces on computers became a thing of the past and my serial SIM card reader would not work any longer without a USB adapter. In other words, I pretty much forgot about it. But recently, I had the need for a SIM card reader again so I bought a new one straight with a USB interface for 16 Euros as the description mentioned that it supported a number of, let's say, 'traditional' API standards. For details see the (German) description on Amazon. And indeed, the included driver installed flawlessly even in a virtual machine running Windows XP and the latest version of SimSpy had no problems finding the card reader and reading the SIM cards I inserted (see picture on the left, with a couple of sensitive fields blanked out…). Very neat indeed!

They
are installed on pretty much on every bridge over major roads these days: Traffic
jam sensors. Recently, I got to see one close up and found it quite
interesting that they are totally autonomous, no network cable (of
course) but also no power cable. Have a look at the picture on the left.
According to the website of the company that has deployed those
sensors, data is sent over the GSM network when necessary, i.e. only
when the traffic flow changes. No mention whether SMS or GPRS is used
for the data exchange.

Then I wondered how much power the sensor
draws and if the solar panel could supply enough power for a round the
clock operation? The module has a size of about a quarter of a square
meter so how much power could it deliver per day? From experience with a
solar panel that had a size of about 4 square meters that could deliver about 500 watts under best conditions this module could perhaps deliver around 30 watts under the best conditions. Now the sun is not always shining so perhaps the module delivers 100 Wh per day. Is that enough?

That depends on how much power the device draws. The radio module itself is probably pretty efficient. Idle mode power consumption of embedded modules is typically less than 10 mW. So letting it run around the clock would result in a power consumption of the radio module of around 0.24 Wh per day plus the increased power consumption for communication. I assume the device only communicates rarely so this value should not increase much. And then there's the application processor board and the sensors themselves. As their main job is to count and analyze impulses it gets when cars move under the sensor I can imagine that its power consumption is equally low. But even if it takes a full watt, the solar panel and a battery to store energy for nighttime should be way sufficient to drive the device. And a full watt is already quite a lot, even a Raspberry Pi Model A under full load is specified to take only 1.5 Watts.

With all that is going on at the moment in the UK with the Orange/T-Mobile merger, LTE in 1800 MHz, upcoming auctions for 800 and 2600 MHz spectrum in 2012, potential sale of 1800 MHz spectrum of EE to H3G, etc. it's a bit difficult to keep track of who actually has spectrum where and how much. Is your head spinning? Mine does.

But here's an interesting document released by Ofcom that shows who has what kind of spectrum in 2012 that sheds some light on the current situation. The details are on page 8. Quite insightful.

It looks like even though SMS messages can't be sent free of charge, SMS spam and fraud seem to be on the increase and I suspect a significant part of the population may be vulnerable to be tricked into calling premium numbers that way.

When I recently talked to a somewhat elderly person I was told a story about an SMS the person had received which looked like it was sent by a popular parcel service company. The message said that they had tried to deliver a parcel but found nobody at home to receive it. The message then requested the person to dial the number in the SMS message (or click on it) to call the parcel service to arrange for another delivery. The number, of course was a premium number but not all people recognize such numbers, especially in countries that don't use 0900 or other well known codes for such numbers.

In this particular case, no damage was done because when the person tried to call the number it was already deactivated. It looks like the fraud was discovered and shut down.

What is really bad about the whole thing is that even after I explained that the SMS message was a scam to trick people into calling premium numbers, the person still insisted that the message has come from the parcel delivery service. I am not sure my explanation has sunk in 🙁 And the person I was talking to was not dumb, just not born in the mobile age…