Windows Mobile 6: Too Much on Word Not Enough on Security
What is that old saying about tigers never changing their stripes? Earlier this week Bill Gates talked about the importance of trustworthy computing, so where is that enthusiasm for security in Windows Mobile 6?
Microsoft announced Windows Mobile 6 yesterday. With it comes a host of new features:
Moreover, it allows viewing, navigating, and editing documents in original Word, Outlook, Excel, and Powerpoint format, without affecting tables, images, or text. Other features include support for synchronisation with Vista via the new Windows Mobile Device Center, improved search, encryption of data stored on removable memory cards, .NET Compact Framework, SQL Server, and usability of the device as a modem for notebook PCs.
SQL Server on a phone? Remember how well the embedded version of SQL Server worked when SQL Slammer was let loose? Putting a database on a device with an unhardened operating system is practically begging to have your data stolen.
The big problem is that mobile device are targets of emerging threats and the devices should be hardened before loading them with another layer of vulnerable software. Security analysts are watching for a increase in threats to mobile devices, according to CNET:
While the number of threats to phones today is low, security experts and analysts agree that situation is likely to change with the advent of smart phones running common operating systems.
Microsoft’s response to these emerging threats is addresses some well known problems like of data storage encryption:
A report for J. Gold Associates late last year argued that the lack of encryption left MS users vulnerable to data loss and MS at a competitive disadvantage:
A new research report contends that by failing to offer onboard encryption for e-mail files stored on Windows Mobile devices, Microsoft may be putting itself at a competitive disadvantage and leaving users vulnerable to data loss.
But where is the full scale commitment to trustworthy computing we see with Vista. The jury is still out on Vista security, but at least there is some effort. Where is that effort for mobile devices?
Email This!
Digg it!
Sphere it!
Del.icio.us
Reddit!
Newsvine
Comments
Thanks, this brings up many of the same questions I have been wanting to here. We are slowly moving some of our POS customers to mobile-POS solutions. Why buy an expensive wireless credit card swipe system when your customers device, like their phone can do it all. I am hearing about mobile wireless technology like "Near Field Communications" (Something like waving your "fast pay" key chain device at the gas pumps to pay for the gas). Soon we will be able wave the phone near a point-of-sale terminal that supports the technology, and it automatically pays for the item.
Its not like a home PC... mobile device are, well, made to be mobile. If they get your wallet and your mobile device...Security will soon be a very big issue.
What will the next generation of these cyber-pick-pockets be called! Criminals that only need to stand next to us for a moment to grab our cash, will surely get a name!
Posted by: BobG | February 14, 2007 4:28 PM