ARN
Ten dangerous claims about smartphone security
Our columnist sees Barack Obama with that BlackBerry and shudders
Jon Espenschied (Computerworld) 27 March, 2007 15:04:37


3. Communications are encrypted from end to end.

BlackBerry and Sidekick users may have heard that their communications are encrypted "end to end," but e-mail and other communications are encrypted only from the phone to the phone company or service provider's servers. Beyond that point, e-mail, instant messages, and file transfers may be transmitted unencrypted over the public Internet by default.

This is less of a concern for closed organizations where everyone involved uses the same services, but vendors, partners, consultants, and others outside the organization often use their own e-mail addresses and smart phones on other carriers. There's no guarantee of message encryption in these cases, and the risk is no better or worse than any other Internet e-mail.
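One way to see where a given message stopped being encrypted in transit is to read its `Received` headers hop by hop. The following is an added example, not part of the original column; the hostnames and the sample message are constructed, and it assumes the relays record the RFC 3848 `with` keywords (`ESMTPS`, `ESMTPSA`) for TLS-protected hops.

```python
import email
import re

# RFC 3848 "with" keywords that mean the hop was received over TLS.
TLS_KEYWORDS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA"}

# Constructed sample message (all hostnames and addresses are placeholders).
# Received headers are prepended, so the newest hop is listed first.
SAMPLE = """\
Received: from mx.partner.example (mx.partner.example [203.0.113.7])
\tby mail.partner.example with ESMTP id 3C; Tue, 27 Mar 2007 15:04:39 +0000
Received: from relay.carrier.example (relay.carrier.example [198.51.100.9])
\tby mx.partner.example with ESMTP id 2B; Tue, 27 Mar 2007 15:04:38 +0000
Received: from handset.carrier.example (handset.carrier.example [192.0.2.10])
\tby relay.carrier.example with ESMTPSA id 1A; Tue, 27 Mar 2007 15:04:37 +0000
From: user@carrier.example
To: consultant@partner.example
Subject: constructed sample

body
"""

# Pull "from <host> ... by <host> ... with <protocol>" out of one header value.
HOP_RE = re.compile(r"from\s+(\S+).*?\bby\s+(\S+).*?\bwith\s+(\S+)", re.S | re.I)

def hops(raw):
    """Return [(sender, receiver, protocol, tls)] in the order the mail travelled."""
    msg = email.message_from_string(raw)
    out = []
    for value in reversed(msg.get_all("Received", [])):
        m = HOP_RE.search(value)
        if m:
            proto = m.group(3).upper()
            out.append((m.group(1), m.group(2), proto, proto in TLS_KEYWORDS))
    return out

def first_plaintext_hop(raw):
    """First hop with no TLS keyword recorded, or None if every hop has one."""
    return next((h for h in hops(raw) if not h[3]), None)

if __name__ == "__main__":
    for sender, receiver, proto, tls in hops(SAMPLE):
        print(f"{sender} -> {receiver}: {proto} ({'TLS' if tls else 'no TLS recorded'})")
```

Only the headers added by servers you control are trustworthy, and a missing keyword means TLS was not recorded for that hop, not that its absence is proven.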

4. The connection's secure unless I use Wi-Fi in a cafe.

Some might be concerned about the cellular connection itself. The GPRS and EDGE data protocols used by T-Mobile and Cingular are based on GSM, and GSM authentication algorithms such as A5 have been broken in ways that allow a motivated eavesdropper to reconstruct voice and data conversations with only a few thousand dollars of equipment. CDMA and associated algorithms are mildly more secure, but many carriers choose not to implement all of the security controls available because of performance and handset compatibility.

Using a VPN can mitigate this problem for sensitive data. Also make sure essential services are encrypted at the application level using SSL or similar protocols. While it might seem redundant, using a voice over IP client through a smart phone's VPN data connection is one way to ensure that voice calls are private. Direct SIP-compliant VoIP clients are best for this; closed-protocol solutions such as Skype Mobile may try to route across a public connection even if a VPN is available. Skype also may relay connections between NAT'ed endpoints through random clients on the Internet, so it's not a good candidate in this scenario.

It's also worth noting that "VoIP with AEC," one of the features of Windows Mobile 5, is not encryption. AEC refers to "Acoustic Echo Canceling," not the NIST Advanced Encryption Standard ("AES") described in FIPS 197.
