A decade ago, I appeared on the 361 Podcast to give my advice about mobile security. This was the era of the iPhone 5 and Android KitKat. BlackBerry was trying to have (yet another) resurgence and Nokia was desperately trying to keep Windows Phone alive. What advice did I give then, and is it still relevant? Stay Sceptical In at number five is just stay sceptical. I mean, quite often, lots of mobile viruses and mobile scams spread by text message, by email, by Twitter. And these are all…
Continue reading →
It is tempting to think that users are to blame for their own misfortune. If only they'd had a stronger password! If only they didn't re-use credentials! If only they had perfect OpSec! If only...! Yes, users should probably take better care of their digital credentials and bury them in a digital vault. But there are some things which are simply impossible for a user to protect against. Take, for example, a SIM-swap attack. You probably have your phone-number tied to all sorts of important…
Continue reading →
Android's user-hostile interface never fails to disappoint! I was struggling to get a new eSIM working. I could make and receive calls / texts, but data just wasn't connecting. I tried rebooting, flipping to aeroplane mode, changing bearer, manually selecting the network. Nothing! Then, I remembered my ancient GSM knowledge. All mobile networks need an APN - Access Point Name - in order to connect to data services. Tucked at the bottom of the SIM settings screen is the "Access point names"…
Continue reading →
After railing against eSIM-only phones for over a decade, I've finally succumbed. It appears impossible to buy a modern phone without them. Thankfully, most seem to be dual-SIM. So I can have a regular SIM card and an eSIM. I find dual-SIM phones handy. I have a disposable number which I give out to people who don't need my main number. And when I go abroad, it's useful to have a local SIM. When I'm at home, I like my 2nd SIM to be used as a backup in case I'm somewhere with no signal on my…
Continue reading →
Last night I received a call from my bank. They'd detected an unusual transaction and wanted to make sure that it was legitimate. Had I recently purchased £10,000 worth of crypto in the Maldives? What?!!? No! ARGH! I started to panic. All my apes money gone! No. Wait. The other thing. I knew it was a scam from the moment "James from your bank's fraud team" started his patter. You see, I have multiple phone numbers. And "James" called me on a number which isn't tied to my bank. So I strung …
Continue reading →
While farting around online, I stumbled across this 2008 Time Capsule from Stephen Fry. In it, he discusses the state of mobile phones - diving into the problems with BlackBerry's and Apple's latest offerings. BlackBerry had released the Storm and Apple's 2nd iPhone was now 3G capable. It's quite the glimpse into what we thought the future would be like. Halfway through, he says: When the first generation [of iPhone] came out I offered the view, based on my experience of releases and…
Continue reading →
I'm not sure how many people know this, but I thought I'd share something I learned a few years ago when I worked for a mobile phone seller. Most modern smartphones are too expensive for people to purchase outright. At the most extreme end, the iPhone 14 Pro Max costs £1,200. So a typical customer elects to pay £50 per month for 24 months. The customer gets a new phone for a reasonable monthly figure. The phone seller gets a regular monthly payment which helps with their financial f…
Continue reading →
I want to detect if a web browser is running on a device which is capable of placing a telephone call. Is that possible? I'm going to go with a cautious "no - not quite". Although there are several proxies which get you part of the way there. Here's a link to a telephone number "call me!" - the HTML is: <a href="tel:+441234815259">call me!</a> You can use tel: in just the same way you'd use http: or mailto:. It tells the User Agent to open the correct program to deal …
Continue reading →
How I miss the days when phone manufacturers were innovative. Nowadays everything is just a boring black rectangle. Tawanda Nyahuye👨💻@towernterHow to end a frontend developer's career pic.x.com/aysi0pghh5❤️ 5,760💬 162♻️ 006:19 - Fri 06 May 2022 I imagine that this (concept) device would probably just put the browser only on one row / column. Probably sensible, but utterly BORING! Let's imagine a few bonkers devices. Here's a daft concept phone with a punch-hole camera cutting out its screen…
Continue reading →
Here's another idea which I tried to launch, back when I worked for a phone company. Disposable phone numbers. The pitch was simple. "As a woman on a dating site, I don't want to give my phone number out to strange blokes in case they don't like it when I eventually reject them." The idea was that we'd partner with a dating service and, for the low price of £X per month, give users a temporary phone number. Calls and texts to that number would be routed to the user's regular phone number. At …
Continue reading →
Apparently, Apple plans to make a port-less iPhone which only uses wireless charging. This is something I predicted 7 years ago! Qi - the wireless charging standard - is excellent. Put your phone down on a mat, or in a cradle, and it starts charging. Lovely! But there's a problem. You can't pick up your phone while it's charging. How many times have you lain on the sofa, cord tethered twixt phone and wall, while you watch cat videos and charge? After a year of use, I'm convinced Magnetic…
Continue reading →
Here's an idea that can't possibly work. People used to pay-per-minute for telephone calls. Some numbers were "zero-rated". That is, if you called them you wouldn't be charged. At first it was calls to the emergency services which were free. Businesses and other organisations realised that it was good customer service to provide a free-to-call number. Generally speaking, this means that the called-party pays the phone company for incoming call rather than the caller paying. Thus 0800 numbers…
Continue reading →
· CyberSecurity mobile podcast security · 6 comments · 1,750 words · read ~291 times.