Christian Dunn

In 2006 the source code to a number of popular Symantec software titles was stolen. This included applications such as Norton Antivirus Corporate Edition, Norton Internet Security, Norton Utilities, Norton GoBack and PC Anywhere.

Symantec had previously advised the risk from this theft was low as long as customers were using the latest versions of their software as updates to most of these applications has now overcome any risk.

This week however Symantec released an announcement indicating the problem was more serious than they were first aware and advising customers. The announcement came after a hacker called YamaTough released the source code to Norton Utilities and threatened to publish its anti-virus programs.

The application of real concern to Symantec now is PC Anywhere. As this is a remote access tool for users computers, losing the source code puts the network at risk as an understanding of how the software works would allow a hacker to hijack users computers. Even though the threat is a few years old, the underlying platform of PC Anywhere still has some common features. As a result Symantec has now advised all users to temporarily stop using the product until it releases an update to resolve the issue. This is a major step for a company, as rarely do vendors recommend totally disabling their products.

With fewer than 50,000 users of PC Anywhere, Symantec is not worried but this indicates the amount of trust we put in vendors to supply secure software and the risks a minor mistake or incident can lead to. At least they told us.

Well the news from the CES Conference this week indicates that there will be a new development release of Windows 8 on February 1 and a potential public release in October.

Presenting at it's last CES Microsoft indicated that Kinect (that crazy control with your body feature on the XBOX that makes you look like you are performing sign language at your TV) will be a feature of Windows 8 ensuring that you will soon see people on the train making strange hand signals at their laptop as they run applications.

Apparently Microsoft have been wooing developers and at release time there will be wide range of Kinect available applications ready to go.

Add that to the new all-in-one version of Windows that is meant to run on everything from Atom Netbooks to Laptops, Desktops and mobile phones and Microsoft could be on to a winner here.

I can't wait!

Do you user iCloud on your iPhone ?
Is that a work iPhone ?
Who owns your Apple ID ?

Services for mobile users has become a whole new area for businesses and IT to deal with. These days it is almost impossible to use an iPhone without an Apple ID, or an Android phone without a google account. But when that device is a work device, not a personal device, who owns that account, who pays for that account, who can backup that device to iCloud, what data is stored on it and do they lose that account when they leave? These questions need to be answered by every business using smartphones.

The reason? It took me 15 minutes to setup a new iPhone from my iCloud backup and bring across all applications, settings and data. What did I need? My Apple ID.

If you use a work phone do you have a personal or company Apple ID? Do you buy your own apps? Do you have any work related pictures or documents?

When you leave will the IT department disable your Apple ID? Do they know your Apple ID? If they don't what is there to stop you walking out the door with pictures, documents and contacts from your phone without needing your corporate accounts.

This is why in the age of the smartphone IT departments need to be quicker and more flexible than before. BYOD (Bring-Your-Own-Device) is rapidly growing in popularity but there are important management strategies required to implement this in your business to ensure you are not compromising your security or user privacy.

When it comes to the introduction of these technologies in the workplace IT needs to be seen as a leader, not as a stumbling block. This means strategies need to be put in to place now to prepare your business for the complexity of smartphone and tablet devices from a variety of platforms to ensure you are prepared when the boss asks you to let Jimmy use his personal phone at work.

By now you have probably heard about the major Telstra Bigpond outage that occurred this weekend.

On Friday a user searching for contact details for Bigpond stumbled across a (what should have been internal) website providing access to the details of all customers on bundled packages (i.e. phone/internet), including some account passwords.

After notifying Telstra access to the site was immediately shut down.

From Friday until Sunday up to 1 million customers have been unable to access Bigpond account details or emails and over 60000 users have had their account passwords reset.

Welcome to what I like to call "Cloud and present danger". These days as more companies move applications online or into the cloud, it is important to consider the ramifications that those decisions may have. Previously we would have used virtual private networks or dedicated internal networks to access critical customer portals and information. As cloud hosted applications have become the norm I have seen a shift in the industry to using secure web portals rather than VPN or private networks to provide information to other sites.

Why? It is easier to implement, it works from anywhere and it can be faster to activate new stores and provide access to staff or customers. Unfortunately it also means if there is any breakdown in security including lost passwords or failure of secure logins, or an inadvertant change in settings by an administrator this means there is no second level of protection so instantly all of your companies critical data is visible online. In this case it could have been as simple as a system administrator disabling password security to test a feature which has caused this massive breach.

I am constantly suprised companies haven't considered this, especially in the light of some major privacy breaches in the last year. Protecting your data behind a VPN or private network ensures that even if there is a fault that enables all your information to be visible or insecure, then that information is only insecure within your corporate network, not to the outside world.

This does not necessarily apply to all applications and services but there are definitely some critical considerations when you are dealing with the personal information of your customers that all too frequently seem to be disregarded. As we move more of our personal information online, including health, the benefits and risks are only going to make this a more pertinent issue.

If you are one of the affected Telstra customers your services should be restored this evening, but expect some changes in light of this latest breach.

If you are a company owner considering moving your business critical applications into the cloud, think security. Your customers will thank you later.

If you haven't been following the news iiNet and AFACT are back in court again over the rights of the recording studios to report to an internet provider that a user is sharing illegal content and enforce action to be taken against the user.

ZDNet has been giving a great day by day rundown of the latest court action:

http://www.zdnet.com.au/high-court-day-1-iinets-control-over-choice-339327119.htm
If a user shares illegal media with a torrent application on their home internet connection and this is detected by the copyright protection groups such as AFACT and they report this should you be punished? Can your internet activity be filtered? This is where it all began. Does iiNet have the ability to control your actions with Torrent applications and sharing illegal media? Whose responsibility is it anyway? Should they be responsible for passing on to you threats or fines for sharing illegal media, even by accident? How could they prove it was you? Is iiNet responsible for providing you internet access or are they responsible for what you do with that internet access?

http://www.zdnet.com.au/high-court-day-2-iinet-says-afact-lawsuit-inevitable-339327224.htm
"No matter what kind of warning notice scheme iiNet put in place to stop users breaching copyright, if it didn't include an account termination threat, it wouldn't have been enough to prevent the Australian Federation Against Copyright Theft (AFACT) from launching legal action" That pretty much sums up iiNet's case. At first they were told they should have sent a warning letter, so they agreed with that option, then AFACT wanted a notice of termination if illegal media not removed in days, then the ability to throttle connections or terminate your connection. Really? If iiNet had to do that, wouldn't you just use Telstra or TPG? So iiNet would end up losing customers.

http://www.zdnet.com.au/high-court-day-3-afacts-final-pitch-339327285.htm
While iiNet responded that it would cost them to police these actions, AFACT believes it is in iiNet's interest to stop user from using programs like BitTorrent because they are heavy bandwidth hogs and would save iiNet money. While iiNet believe they have no control over what you do on the internet, with programs like BitTorrent, AFACT believe that once you have been detected sharing copyrighted material and iiNet is notified that any further breaches are the responsibility of iiNet so they will have to take actions to stop you sharing.  Judgement in the case is expected in early 2012.

In the ongoing battle between Apple and Samsung there have been a number of big turns of event.

Samsung is now moving up the ladder as one of the largest mobile device suppliers in the industry.

This survey from the US indicates that in the smartphone hardware market Samsung now have 25% of the market. No surprise that Android is now on 45% of smartphones too.  Read more: http://www.bgr.com/2011/12/02/android-steals-blackberry-share-samsung-top-vendor-in-new-comscore-report/

Samsung released this great youtube ad at the time of the iPhone 4S launch which makes me laugh, especially as I have an iPhone and a Galaxy S II.

The Samsung Galaxy Tab may be available in Australian Stores shortly after Apple lost it's bid to keep an injunction on Samsung selling it's Apple competitor. Apple are planning to appeal to the High Court although they may not have much luck, and Samsung are planning to have the Galaxy in stores as soon as stock is available. Read more here: http://www.thegalaxytab.com/2011/12/01/australians-eager-to-buy-new-galaxy-tablets/

Siri-ously?

Siri for the iphone 4S looks handy and useful just like Voice Control, Vlingo and Pocket Blonde on my Android Galaxy S II but will you use it?
Personally I feel like a bit of a dick talking to my phone. I suppose I could work more in the car while driving but it does prompt you to check it's actions, a smart move so you don't accidentally send your boss a 2am drunk message, but a limiting factor as you have to take your eyes off the road. Your thoughts?

3GS owners finally have a reason to rejoice. If like me your iPhone running iOS 5 responded like a 386 running windows 98 and single finger typing was actually too fast then your prayers are answered. iOS 5.0.1 was distributed over the air to iOS 5 users over the weekend. You will see an alert from your settings app. This alert allows you to install the update anywhere as long as you have sufficient battery life and a decent signal to download the update. From up to 1 minute for my email or messages to open to almost instantaneous, was a massive difference. This patch was designed to resolve the battery drain issue for 4S users which was apparently caused by apps not turning off devices correctly. It appears to have made a big performance boost for all users. 3GS and 4 owners should update immediately. It's nice to have my phone back...well one of them.

It's official, mobile Flash is dead.

Adobe has announced that it plans to stop development of Adobe Flash for mobile devices and cut 750 staff.

Adobe will try to redirect developers to it's Adobe Air platform although HTML5 will be the direct replacement for flash on mobile devices.

The bad news is for all the website owners who now need to arrange to redesign their sites not to include Flash.