iPhone Tries VoIP

Truphone is showing how to use the iPhone's built-in Wi-fi for Internet telephony.
Brad Reed, Network World

The British are bringing VOIP to your iPhone.

In a demonstration at this year's DEMOfall07, British VOIP provider Truphone showed conventioneers how to use the iPhone's built-in Wi-Fi capability to make calls over Truphone's VOIP network. Truphone representatives demonstrated how a call can be initiated from a handset and then routed to Truphone's server via Wi-Fi.

Truphone spokesman Tim Donnelly Smith emphasized that the event at DEMOfall07 was only a demonstration and was not intended to be a commercial launch. He also said that the program is a native application that is installed through third-party application installers, and does not require cracking the iPhone's SIM card. This is significant in the wake of Apple's declaration earlier this week that "many of the unauthorized iPhone unlocking programs available on the Internet" could render the device "permanently inoperable when a future Apple-supplied iPhone software update is installed." Several iPhone users have reported that installing Apple's iPhone 1.1.1 update rendered their unlocked iPhones useless.

"This program doesn't do anything that Steve Jobs says not to do," said Smith. "Apple is fairly neutral on third-party applications and they won't deliberately try to break them."

In addition to its demonstration of iPhone over VOIP, Truphone demonstrated an application that allows people to call each other through the social networking site Facebook. Essentially, the application would let Facebook users embed a "call me" button into their Facebook profiles that would let friends call them without revealing their actual number over the Internet.

Smith said that the application would allow Facebook users to contact friends who use both VOIP and PSTN networks. He also said that this application is still in development and is not nearly as far along as the iPhone VOIP application.

Truphone bills itself as a "mobile operator for the Internet era" that offers "free mobile calls to other Truphone users or very cheap calls to anyone else." Its services work anyplace where there's WiFi or 3G, and it is available for use on various Nokia phones.


SOURCE:pcworld.com

Read More!

iPods Raise Security Concerns

Corporations weigh the threat of viruses or data theft via the portable players.
Network World staff

The recent buzz about security threats posed by iPods to corporations has reinforced the need for IT managers to treat these devices like any other removable media that employees with malicious intent can use to extract sensitive data.

Following the suggestion recently made by a security company that iPods be banned from the workplace until proper protection is in place, and the emergence of a proof-of-concept iPod virus, it would seem that iPods pose a particularly high risk to corporations that let employees wander into work with these devices strung to their ears. Those same devices that entertain workers during their commute can be used to copy personal or financial data, intellectual property and other sensitive information from corporate PCs, often without a trace. The idea of stealing corporate data with an iPod has gained so much attention lately that it's even been given its own term -- slurping.

"If you see someone walking in the door [of a company] with an iPod they don't look like a threat, but to me I see the ability to download reams of files, and it might just look like they're downloading music," says Jim Hereford, CEO of NextSentry, which issued the suggested iPod ban and makes software that prevents employees from unauthorized copying of corporate data. "We're not saying companies shouldn't allow iPods, but they better have endpoint security on their desktops."

Endpoint security technology, available from NextSentry as well as handfuls of other companies in the monitoring, content-ware and data loss prevention spaces, is designed to solve the problem by blocking information that's been deemed sensitive from being copied onto removable media, e-mailed or printed. This way, employees can use their iPods in an office setting -- particularly important as corporations begin to look at the video devices as not just entertainment but potential training tools -- but won't be able to copy data onto the iPod unless authorized to do so.

But others say iPods pose no more risk of corporate data theft than a cell phone that can snap a photo of a computer screen or a thumb drive that slides into a shirt pocket. The issue is that organizations need to realize that iPods should be treated accordingly.

"Devices such as iPods and other MP3 players are basically storage devices; some can store substantial amounts of data and are innocuous enough that their presence is almost unnoticed in our daily lives," says Tom Scocca, investigator and global security consultant for a large provider of microprocessor manufacturing technology. "Controls targeted at these devices should be based not on the type of device, but on the risk that companies are willing to accept by allowing any type of external storage device into the environment."

iPods stand out from most other types of removable media because their intended use -- to play music and videos -- is entertainment, whereas a thumb drive, for example, is clearly designed to copy files.

"If you're listening to [an audio] book or music, that's not seen as a threat," says Benjamin Powell, a network operations manager who formerly worked as a security analyst at a financial services firm. But organizations need to lay out clear policies regarding the type of corporate information that can and cannot be copied onto iPods, and even back it up with software that implements those policies, he says.

Software that secures the endpoint is one option, says Scocca, but requires a lot of upfront work to ensure that the policies set regarding what can and cannot be copied don't interfere with an employee's ability to do their job. Instead, educating employees is the most effective thing companies can do, he says.

"We have to rely on our trusted employees," agrees David Jordan, CISO at Virginia's Arlington County. "The user is a very powerful antitheft tool; we keep them aware. Every day when they log on they agree to abide by our policies."

However, Jordan adds that if an employee comes in with malicious intent, "there's not much we're able to do about that except prosecute, and we have had people go to jail for breaking the rules."

Apple officials did not respond to inquiries asking if the company plans to add security features to iPods.


SOURCE:pcworld.com

Read More!