uncompiled.com

Verizon Wireless, the largest U.S. mobile-phone company, will start selling Apple Inc.’s iPhone next year, ending AT&T Inc.’s exclusive hold on the smartphone in the U.S., two people familiar with the plans said.

The device will be available to customers in January, according to the people, who declined to be named because the information isn’t public. Natalie Kerris, an Apple spokeswoman, and Jeffrey Nelson, a Verizon Wireless spokesman, declined to comment.

The iPhone, which has been the sole domain of rival AT&T in the U.S. since June 2007, will give Verizon a boost in its competition for smartphone customers, UBS AG analyst John Hodulik said in an interview. Verizon customers, who numbered 92.8 million at the end of the first quarter, may buy 3 million iPhones a quarter, he estimates.

“Apple is going to dramatically increase the number of devices it sells in the U.S. when exclusivity at AT&T ends,” said Hodulik, who is based in New York and rates Verizon shares “neutral.” “It’s hard to ignore the quality issues that AT&T has faced.”

Verizon Wireless, which is building a high-speed fourth- generation network, plans to unveil several devices that will run on the new technology in January at the Consumer Electronics Show, Chief Executive Officer Lowell McAdam has said.

IPhone Gains

Verizon Communications Inc., which co-owns the wireless company with Vodafone Group Plc, slid 9 cents to $28.62 in New York Stock Exchange composite trading at 4 p.m. AT&T fell 49 cents to $24.46. Apple, based in Cupertino, California, dropped $12.13 to $256.17 on the Nasdaq Stock Market.

Peter Thonis, a spokesman for Verizon Communications, and Mark Siegel, an AT&T spokesman, declined to comment. Tenille Kennedy, a spokeswoman for Research in Motion Ltd., didn’t return a call seeking comment.

The iPhone has helped AT&T add subscribers even as the U.S. mobile-phone market nears saturation. There are enough wireless devices for more than nine out of 10 people, according to the CTIA wireless industry association.

In the first three months of this year, about a third of AT&T’s iPhone activations came from customers who were new to the carrier. Without those 900,000 new subscribers, the company may have posted a loss in contract customers that quarter, analysts said.

Still, Dallas-based AT&T has battled customer complaints about its wireless service, especially in New York and San Francisco, and dedicated an extra $2 billion to upgrading its network this year.

BlackBerry, Android

For Apple, a partnership with Basking Ridge, New Jersey- based Verizon Wireless is a victory over rivals such as RIM and Motorola Inc., whose smartphones are currently promoted by the carrier.

“For Apple it means a larger addressable market,” said Andy Hargreaves, an analyst at Pacific Crest Securities in Portland, Oregon. “It’s also good news for Apple in that it will spread the load on the wireless data networks, which will be good for their customers.”

Motorola, which makes Droid phones that use Google Inc.’s Android operating system, fell 27 cents, or 3.8 percent, to $6.80 on the New York Stock Exchange. Google dropped $17.82, or 3.8 percent, to $454.26 on the Nasdaq. RIM, maker of the BlackBerry, declined $3.22, or 6.1 percent, to $49.75.

Apple has sold more than 50 million iPhones since the phone’s introduction in 2007. The latest version, iPhone 4, sold more than 1.7 million units in the first three days after its June 24 debut, a record for the product. Chief Executive Officer Steve Jobs said the company didn’t have enough supply to meet demand. Many stores, including retailer Best Buy Co., sold out.

A release at Verizon in the first quarter will help Apple’s sales in the U.S. grow to at least 15 million units next year from 11 million in 2010, Barclays Capital analysts said in a note today. The company’s suppliers have been ramping up production of components for a phone on Verizon’s CDMA network, according to the research report.

Source

McAfee has bought privately-held enterprise mobility management and security startup Trust Digital. The terms of the deal, announced Tuesday, were undisclosed.

The agreement will allow McAfee to offer a wider range of enterprise-targeted mobile security products for smartphone platforms, including iPhone OS, Android, Web OS, Windows Mobile and Symbian. Trust Digital’s technology will be integrated into McAfee’s ePolicy Orchestrator management console technology. This symbiosis will guard against such risks as malicious downloads of applications onto smartphone devices.

McAfee’s pitch is that its technology will make the roll-out of iPhone and Android smartphones in enterprises safer. It’s unclear how many of Trust Digital’s 40 workers will be offered jobs with McAfee.

Source

Palm Inc., creator of the Pre smartphone, is seeking bids for the company as early as this week, according to three people familiar with the situation.

The company is working with Goldman Sachs Group Inc. and Frank Quattrone’s Qatalyst Partners to find a buyer, said the people, who declined to be identified because a sale hasn’t been announced. Taiwan’s HTC Corp. and China’s Lenovo Group Ltd. have looked at the company and may make offers, said the people.

Palm, which helped pioneer the market for personal digital assistants, would offer suitors the WebOS software that competes against mobile operating systems from iPhone maker Apple Inc. and Google Inc. For Elevation Partners LP, the firm that owns about 30 percent of Palm, a sale may end the volatility of an investment in a stock that surged more than 10-fold since December 2008 before erasing most of the gain.

“Palm still has quite a good brand in the U.S. market, and some strong technology, so you can do something with it,” said Frank He, a technology analyst at BOC International Holdings Ltd. in Hong Kong. “The shares have gone down a lot and the company may become attractive to anyone looking for a turnaround play.”

The Sunnyvale, California-based device maker surged 32 percent last week on the Nasdaq Stock Market on renewed speculation of a takeover bid. Before the rally, the stock had plunged more than 60 percent this year, dragged down by disappointing sales of the Pre and Pixi phones.

Missing Estimates

Palm rose 11 percent to $5.16 on April 9 in Nasdaq Stock Market trading. The shares jumped as much as 9.4 percent in Europe today, trading 9 percent higher to the equivalent of $5.67 at 10:52 a.m. in Frankfurt.

Chief Financial Officer Doug Jeffries last month forecast sales in the quarter ending in May will be less than $150 million, compared with the $300 million average of analysts’ estimates compiled by Bloomberg at the time.

Palm, which has a market value of $870.8 million, ranked sixth in the North American smartphone market during the three months ended Dec. 31 with a 4.3 percent share, according to Gartner Inc. Research in Motion Ltd., maker of the BlackBerry, led with 44 percent, followed by Apple’s 24 percent, according to the Stamford, Connecticut-based research company.

Chief Executive Officer Jon Rubinstein, who developed Palm’s latest operating system, was counting on the Pre and Pixi smartphones to attract customers. The company has patents from mobile hardware to software and power-saving technologies.

Lenovo, Dell

Lynn Fox, a Palm spokeswoman, declined to comment. Qatalyst’s Sally Palmer and Goldman Sach’s Andrea Rachman didn’t immediately respond to requests for comment. Chen Hui-Ming, the chief financial officer of HTC, declined to confirm or deny the company’s interest in Palm.

Wong Wai Ming, Lenovo’s chief financial officer, also declined to comment on the company’s acquisition plans. In January, Lenovo paid $200 million to purchase Lenovo Mobile Communication Technology Ltd., letting it re-enter the market for handsets. The company had sold the mobile-phone unit in 2008 to focus on personal computers.

Palm shares have been buoyed in the past on speculation the company would be bought by Nokia Oyj. The Finnish company today declined to say if it might be interested.

“We never speculate or comment on market rumors,” said Arja Suominen, a Nokia spokeswoman.

Dell Inc. looked at Palm, though it decided against an offer, according to two of the people familiar with the matter. Jess Blackburn, a spokesman for the Round Rock, Texas-based computer maker, didn’t respond to a call for comment.

Burning Cash

Unlisted Huawei Technologies Co. and ZTE Corp., China’s two biggest makers of phone equipment, may be more likely bidders for Palm than HTC or Lenovo, said Lu Chia-lin, a technology analyst at Macquarie Group Ltd. in Taipei.

Chinese companies “have been quite eager to expand their international markets,” said Lu.

Palm may burn $80 million every three months for the next five quarters as competition in the smartphone market intensifies, Berenberg Bank analysts including Adnaan Ahmad wrote in a March 25 report. The company held $592 million in cash and short-term investments at the end of its fiscal third- quarter, according to the report.

Ross Gan, a spokesman at Huawei, said the company is always open to opportunities, though he declined to comment on speculation about mergers and acquisitions as a matter of policy. Margrete Ma, a ZTE spokeswoman, couldn’t immediately be reached for comment.

Market Pioneer

After Palm introduced the Pre at the Consumer Electronics Show in January 2009, the stock jumped 80 percent in two days to $5.96. By September, the shares had climbed as high as $17.46.

The stock then dropped 79 percent over the next six months as Palm’s sales growth was outpaced by marketing costs, and the company lost market share to Apple and phones equipped with Google’s Android. Palm has posted 11 straight quarterly losses.

Founded in 1992, Palm helped pioneer the market for handheld organizers with its PalmPilot devices. The company was acquired by U.S. Robotics, which was in turn purchased by 3Com Corp. 3Com spun off Palm in 2000.

Rubinstein joined the company after leading development of Apple’s best-selling iPod media player. He was recruited to Palm by Fred Anderson, Apple’s former finance chief and a co-founder of Elevation Partners.

The Pre was Palm’s first phone based on WebOS. It went on sale in June 2009, followed by the smaller, cheaper Pixi in November. The phones let users send e-mail, surf the Web, stream video and run multiple applications at the same time.

Both devices were sold in the U.S. exclusively by Sprint Nextel Corp., the country’s third-largest carrier, until Verizon Wireless began offering enhanced versions in January.

Source

German encryption firm SecurStar has strenuously denied being behind an apparently independent test of voice encryption products that found many of its rivals could be hacked using a $100 phone-tapping program.

In a blog on the subject, Fabio Pietrosanti, founder and CTO of Swiss encryption startup Khamsa, alleges that a supposedly independent test of 15 encryption products was in fact a marketing exercise designed to publicise one of only three products to pass the hacking test, SecurStar’s PhoneCrypt.

The tests by an anonymous researcher, ‘Notrax’, found that all but three programs and hardware products looked at could be bypassed by installing a simple wiretapping Trojan called FlexiSPY to record voice output without the programs giving the user any indication that security had been compromised.

Khamsa’s own GSM security software was not part of the test but the encryption technology it uses, ZRTP, came in for criticism. The moving force behind that system and its implementation in a program called Zfone is encryption pioneer and inventor of Pretty Good Privacy, Phil Zimmermann, who is also listed as being on Khamsa’s scientific board.

According to Pietrosanti, the unnamed ‘Notrax’ was subsequently traced to an IP address connected to SecurStar after the individual followed a link embedded in a blog Pietrosanti had posted.

“The SecurStar GmbH PBX is open on the internet, it contains all the names of their employee and confirm us that the author of http:/infosecurityguard.com [the domain used to post the original test] is that company and is the anonymous hacker called Notrax,” says Pietrosanti.

He adds that SecuStar also appeared to be logging Google keywords related to the topic so as to have some idea of how the tests were being discussed.

When contacted, SecurStar denied any involvement with the tests. “We do not have anything to do with these tests and I have no idea about him [Notrax],” said SecurStar CEO, Wilfried Hafner in a call to Techworld.

According to Hafner, that Notrax used a SecurStar IP address was because the individual concerned had probably used the company’s anonymity service that hides real IPs behind his company’s.

“We have two million people using this product. Or he may have been an old customer of ours,” said Hafner.

As far as they go, the tests do appear to find a legitimate weakness in the programs under test even if a connection to one of the companies involved would represent a huge conflict of interest and discredit them in the eyes of the security community. Pietrosanti is certainly correct to say that researchers are normally keen to be identified with their testing, something ‘Notrax’ has avoided doing so far.

Source

There are several flaws in the way that the iPhone handles digital certificates which could lead to an attacker being able to create his own trusted certificate and entice users into downloading malicious files onto their iPhones. The attack is the end result of a number of different problems with the way that the iPhone handles over-the-air provisioning, trusted root certificates and configuration files. But the result of the attack is that a remote hacker may be able to change some settings on the iPhone and force all of the user’s Web traffic to run through any server he chose and also to change the root certificate on the phone, enabling him to man-in-the-middle SSL traffic from the iPhone.

The chain of vulnerabilities and the attack was outlined in an anonymous blog post on the iPhone flaws on Friday. Charlie Miller, an Apple security researcher at Independent Security Evaluators, said that the attack works, although it would not lead to remote code execution on the iPhone.

“It definitely works. I downloaded the file and ran it and it worked,” Miller said. “The only thing is that it warns you that the file will change your phone, but it also says that the certificate is from Apple and it’s been verified.”

The problems start with the fact that the iPhone signs its own credentials using a certificate signed by Apple when it is requesting a configuration file from a remote server during the provisioning process. The only way to establish the validity of the Apple certificate is to verify each of the certificates that leads to the Apple root certificate authority, and that can only be done by getting the data from a jailbroken iPhone.

Source

A survey reveals that in the last year, 4500 memory sticks have been forgotten in people’s pockets as they take their clothes to be washed at the local dry cleaners. From 6th April onwards if data is lost and it causes a major security breach, this could now cost a company up to £500,000 with new powers given to the Information Commissioner’s office (ICO) to fine companies who have not sufficiently protected customers details under the Data Protection Act.

However, when compared with the same study twelve months ago, the number of these devices languishing forgotten in people’s pockets has halved, and yet it’s still a staggering number of possible data breaches and a potential money spinner for the ICO.

The survey was carried out in the UK to gauge the frequency and ease with which mobile devices, such as memory sticks, are lost or forgotten in strange places such as dry cleaners and should warn people across the globe to demonstrate prudence when downloading information to carry around with them as it does frequently get lost.

Sean Glynn from Credant Technologies said “This survey is just one illustration of the stark truth that device losses are happening everywhere, everyday, worldwide. Organizations want to leverage the business benefits of mobile computing and provide their employees the flexibility to work wherever and whenever they want to. However, this must be balanced with the requirement of protecting the organizations data, especially to avoid penalties – such as that promised by the ICO, brand damage or even embarrassing press headlines. If sensitive or valuable data is being carried then people should protect it with encryption to prevent unauthorized access at any point – as it could easily end up in the wrong hands.”

Source

Cryptographers have moved closer to their goal of eavesdropping on cellphone conversations after cracking the secret code used to prevent the interception of radio signals as they travel between handsets and mobile operators’ base stations.

The code is designed to prevent the interception of phone calls by forcing mobile phones and base stations to rapidly change radio frequencies over a spectrum of 80 channels. Without knowing the precise sequence, would-be eavesdroppers can assemble only tiny fragments of a conversation.

At a hacker conference in Berlin that runs through Wednesday, the cryptographers said they’ve cracked the algorithm that determines the random channel hopping and have devised a practical means to capture entire calls using equipment that costs about $4,000. At the heart of the crack is open-source software for computer-controlled radios that makes the frequency changes at precisely the same time, and in the same order, that the cellphone and base station do.

“We now know this is possible,” said Karsten Nohl, a 28-year-old cryptographer and one of the members of an open-source project out to prove that GSM, the technical standard used by about 80 percent of the mobile market, can’t be counted on to keep calls private. The attack “is practical, and there are real vulnerabilities that people are exploiting.”

A spokeswoman for the GSM Association, which represents 800 operators in 219 countries, said officials hadn’t yet seen the research.

“GSM networks use encryption technology to make it difficult for criminals to intercept and eavesdrop on calls,” she wrote in an email. “Reports of an imminent GSM eavesdropping capability are common.”

Source

The formidable combination of Matt Galligan (Founder, Socialthing!) and Joe Stump (Former Lead-Architect, Digg) came out on-top yesterday at ‘Under the Radar‘. The duo’s new company SimpleGeo won both the judges & audience awards for the location category at the event. ‘Under the Radar’ helps to give up-and-coming technology innovators a stage to show what they’ve been up to.

TechCrunch gave their insight on the company’s offerings:

SimpleGeo is akin to an ‘Amazon Web Services’ for location: developers looking to integrate location based services (LBS) can plug into some simple APIs and SimpleGeo will do most of the legwork for them. The startup originated as a gaming company, but after spending four months building out their location platform, Stump and Galligan realized they had stumbled across an opportunity: location is soon going to become an expected feature in many applications, and there’s no reason developers should have to reinvent the wheel every time they want to include the feature. SimpleGeo is looking to do it for them.

The team of Galligan and Stump stands to bring a level playing-field to many smaller developers. By utilizing their infrastructure, SDK, and services, developers who were previously too intimidated to get into location-based development now have an opportunity to see their ideas through.

Source

Hackers can steal data off jailbroken iPhones by leveraging the same vulnerability that currently is being used to spread a mischievous worm.

The new exploit, spotted by researchers at Intego, a Mac security firm, allows attackers to siphon data off victim devices, including music, text messages, email, contacts and other personal information.

Peter James, an Intego spokesman, told SCMagazineUS.com on Wednesday that public attack code is circulating across various internet forums, but researchers are unsure if there have been any in-the-wild exploits.

An Apple spokesperson did not respond to a request for comment.

Source

Sophos reports that some Apple iPhone owners in Australia have seen their smartphones get infected by a worm that has changed their wallpaper to an image of 1980s pop musician Rick Astley.

The worm, which could have spread to other countries, is capable of breaking into jailbroken iPhones if their owners have not changed the default password after installing SSH. Once in place, the worm appears to attempt to find other iPhones on the mobile phone network that are similarly vulnerable, and installs itself again.

On each installation, the worm – written by a hacker calling themselves “ikee” – changes the lock background wallpaper to an image of Rick Astley with the message:

ikee is never going to give you up

Graham Cluley comments on his popular blog at Sophos:

What’s clear is that if you have jailbroken your iPhone or iPod Touch, and installed SSH, then you must always change your root user password to something different than the default, “alpine”. In fact, it would be a good idea if you didn’t use a dictionary word at all. The worm will not affect users who have not jailbroken their iPhones or who have not installed SSH.

Source