The Security of Versatile Web Gadgets

1898 days ago, 709 views
PowerPoint PPT Presentation
iPhones, BlackBerries, and so forth. I by and large think about a

Presentation Transcript

Slide 1

The Security of Mobile Internet Devices Northwest Academic Computing Consortium (NWACC) 2010 Network Security Workshop Joe St Sauver, Ph.D. Across the nation Internet2 Security Programs Manager Internet2 and the University of Oregon ( or security/This discussion has been set up in a nitty gritty configuration for simplicity of ordering and to protect availability for the crippled.

Slide 2

Acknowledgment and Disclaimer I'd get a kick out of the chance to start by saying thanks to Adrian Irish for the chance to impart a few considerations to you today. I'd likewise get a kick out of the chance to express gratitude toward NWACC for keeping on facilitating these security workshops. I know there are a great deal of subjects seeking NWACC consideration and support, so it's satisfying to see system and framework security keeping on being distinguished as a point of continuous intrigue. Since I wear an assortment of various "caps" every now and then, let me keep this discussion direct by offering the accompanying basic disclaimer: the assessments communicated in this discussion are exclusively those of the creator, and don't really mirror the supposition of whatever other element.

Slide 3

Format of This Session Rather than doing this session as only a straight address (as I here and there do), I concluded that I needed to attempt to have this be no less than somewhat more of an intelligent session. I know some of you are likely drained from all the before sessions held as a component of this workshop, and some of you may even feel prepared to head home, so let me say thank you for staying it out for the last session! In any case, what I'm wanting to do today is present a progression of themes, offer a few perceptions, and afterward energize you, the group of onlookers, to take an interest in a dialog of every issue raised. This is a touch of an investigation…

Slide 4

1. What Is A Mobile Device? Are Your Users Using Them?

Slide 5

iPhones, BlackBerries, and so on. I by and large think about a "portable Internet gadgets" as the sorts of things you may expect: iPhones, BlackBerry gadgets, Android telephones, Windows Mobile gadgets, and so on - stash measure gadgets that can get to the Internet by means of cell/3G/4G, WiFi, and so forth. In the event that you like, we can extend the definition to incorporate tablet PCs, for example, the iPad (perhaps you have enormous pockets?), and possibly incorporate traditional portable workstations, customary PDAs, and so on. We'll attempt to draw a hard line at anything that requires fiber availability or a bed jack to move. :- ) What about at your school? Do you have a formal meaning of what's viewed as a versatile Internet gadget, or is it just casually "comprehended?"

Slide 6

Are Students Using Them? Yes ECAR Study of Undergraduate Students and Information Technology 2009 ( ): About half of the respondents (51.2%) showed that they claim an Internet fit handheld device, and another 11.8% demonstrated that they plan to buy one in the following 12 months [...] Another study, by the Ball State Institute for Mobile Media Research, expresses that 99.8% of all understudies have a wireless and "advanced cells now represent 49% of versatile specialized gadgets on grounds," see,1370,7273-850-64351,00.html

Slide 7

Mobile Internet Devices at UO A neighborhood Eugene case: "Innovative Ubiquitous on Campus," Eugene Register Guard, Thursday, Sept 20, 2010, shop corridor cell.csp Reporter Bob Welch reviewed the grounds scene close to the UO Bookstore a month ago, and found that nowadays… [… ] w cap you primarily observe is gobs of understudies talking on telephones, messaging on telephones and cutting to who knows what inside their white-sprouted ears. Of a random test of 100 youngsters, 44 were either talking, Tweeting or messaging on telephones — or stopped into earphones. Here and there both. [article continues]

Slide 8

What About Faculty/Staff? Personnel/staff responsibility for web gadgets is more confused: - expenses of administration arrangements can be high ("It costs HOW much every month for your information plan???"), and - truly the IRS has treated them strangely (see,,id=167154,00.html ) albeit fortunately that issue is starting to get unraveled cordiality of good old Section 2043 of H.R. 5297 (the "Private company Jobs Act of 2010"), marked into law by the President on September 27th, 2010. (Updated charge direction from the IRS is normal) - there are an assortment of gadgets accessible, so which one(s) ought to the organization purchase and support? What are you doing at your school?

Slide 9

2. Which Mobile Devices Should You Support?

Slide 10

Starting With What We Know In the customary desktop/tablet world, our decisions for the question "What should we support?" are basic: - everybody underpins some kind of Microsoft Windows - the vast majority of us likewise bolster Mac OS X - a few of us even bolster other working frameworks, for example, Linux or *BSD or OpenVMS or [whatever] We have ability, particular apparatuses and systems, and documentation prepared to bolster this (generally little) number of stages – on the grounds that it's only a couple of stages. The world is somewhat more mind boggling in the portable web gadget space. What would it be advisable for us to bolster there?

Slide 11

One Approach: Software Quality? Generally as Secunia tracks vulnerabilities and patches for customary desktop and portable workstation phone, Secunia likewise tracks vulnerabilities for versatile Internet gadgets: - Blackberry Device Software 4.x: - iPhone OS (iOS) 4.x: - Microsoft Windows Mobile 6.x: - Palm Pre Web OS 1.x: [No Secunia page for Android currently] Is programming "quality" a choice criteria in selecting gadgets?

Slide 12

More Likely Strategy: Pick What's "Well known" If you don't have a superior technique, another alternative is to pick what's most prominent, and simply bolster those kind of gadgets. So what are the most prominent Internet cell phones? All things considered, it can shift…

Slide 13

Mobile Internet Devices, U.S. Piece of the overall industry Reportedly, U.S. piece of the overall industry data starting July 2010 (see ) resembles: - Research In Motion (e.g., Blackberry): 39.3% - Apple (iPhones): 23.8% - Google (Android): 17.0% - Microsoft (Windows Mobile) 11.8% - (Palm Pixi, Palm Pre, etc.) 4.9% - Other 3.2%

Slide 14

A Second Take On Smart Phone Market Share Worldwide advanced cell piece of the pie, 2Q10, Gartner: - Symbian 41.2% - Research In Motion (e.g., Blackberry): 18.2% - Google (Android): 17.2% - Apple (iPhones): 14.2% - Microsoft (Windows Mobile) 5.0% - Other 4.2%

Slide 15

But Note, When It Comes to Symbian…

Slide 16

Most Vendors Are Making Mobile Internet Devices in All Popular Form Factors Some gadget sorts are uncommonly well known (all in all) You're going to see a great deal of "touch screen gadgets" that (kind of) look or act like iPhones. You're going to see a ton of "uncovered QWERTY console gadgets" that (kind of) look or act like great BlackBerries. Slide open-organize gadgets are additionally very regular. See the accompanying cases…

Slide 17

Sample Apple iPhone 4

Slide 18

Sample Blackberry Devices

Slide 19

Sample Android Device

Slide 20

Sample Windows Mobile Device

Slide 21

Sample Symbian Devices items/gadgets/nokia-c6-00

Slide 22

What About "Open Source" Mobile Devices?

Slide 23

Why Not Just Support "Everything?" Device bolster expenses can murder you! Destinations need to purchase the gadgets themselves, and assemble documentation, and keep up network for that stable of gadgets, and this gets harder (and more costly!) as the quantity of cell phones you bolster increments. It's insane to attempt to keep "one of everything" close by when in any event a few items may once in a while get bought/utilized by your nearby clients. In different cases, while a few items may appear to be entirely comparative, one may in actuality be unequivocally superior to other "comparable" options. In case you're as of now supporting a "best of breed" item there's little indicate supporting a "likewise ran" contender. In still different cases, in any event some personnel/staff may just be permitted to buy gadgets recorded on a compulsory/selective contract.

Slide 24

Beware "Contract Lock-In" On Old, Crumby Devices on occasion it can be difficult to fathom how quick portable Internet gadgets are developing. We may have a three or even four year life cycle for desktops and portable PCs, yet cell phones are persistently being upgraded, and a great many people redesign their cell gadgets at regular intervals. On the off chance that you have a constrained rundown of "affirmed" portable Internet gadgets, arranged three or four years prior in view of what was accessible then, what's on the rundown today will be yesterday's advances (and regularly at yesterday's costs!) Be SURE to have a system by which clients can go along criticism or proposals with respect to gadgets they'd jump at the chance to have accessible and upheld!

Slide 25


Slide 26

Choice of Connectivity Not all telephones utilize a similar kind of availability. In the meantime your college is settling on which versatile web gadget working frameworks it will bolster, you ought to likewise