Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Mobile Phones. Show all posts

eSIM Connections: Redefining Mobile Service and Flexibility

 


This eSIM management technology will have a significant impact on the IoT, as it represents an evolution from physical SIM cards to virtual SIM cards, which will have the greatest impact on its acceptance. Mobile network operators (MNOs), who are well-positioned to play a key role in facilitating the growth of the exploding IoT market, have established a solid and reliable management solution for embedded subscriber identity modules. 

Furthermore, MNOs can create new and convenient journeys for consumers using mobile devices. The mobile industry is facing a transformative period in the coming years, especially concerning eSIMs, which have been the subject of new research which sheds some light on how eSIMs will be transformed. An eSIM ecosystem offers the same security and protection that a removable SIM card provides. A public key infrastructure (PKI) governed by the GSMA provides secure authentication of entities of the ecosystem. 

The protocols are based on state-of-the-art cryptographic mechanisms and are guaranteed to protect the end user's privacy. There is a GSMA certification process required for manufacturers and providers of eSIM solutions to be admitted into the ecosystem. As a result of the switch from physical SIM cards to eSIM cards, CCS Insight believes that the consumer will have more powerful control over their subscriptions by interacting differently with their network providers. 

There are currently only 150 million people worldwide who use eSIMs, compared to 8.9 billion people who subscribe to mobile phones. This study says, however, that all of this is expected to change by the year 2023, despite a very small share of the global mobile market. The CCS Insight study predicts that, as digital-only network connections become increasingly popular, the number of phones with eSIMs will nearly double, from 27% in 2023 to 56% by 2028, as a result of this growing trend. There are more than 150 million eSIM customers in North America, which accounted for more than half of the adoption curve. 

According to the report, this is the result of Apple's decision to only provide eSIM-enabled devices since the iPhone 14 was introduced in September 2022. Around the world, approximately 800 operators are supporting eSIM devices. Kester Mann, CCS Insight Director of Consumer and Connectivity, made the point that removing that small piece of plastic from your phone will improve your digital customer journey, attract new customers, and have environmental benefits as a result of eliminating that little piece of plastic. In addition to praising the roaming benefits of eSIM cards, the report highlights the ability of customers to sign up for cheaper plans before travelling or while travelling using these devices. 

While this revolution has many advantages, it also has a lot of limitations, which can lead to a lack of education in this field. CCS Insights conducted a survey in which more than 5,000 people across the UK, the US, Germany, Spain and Australia were asked whether they had heard of the eSIM or not. Only four out of ten had heard of it. There is nothing better than being able to offer a convenient and fully digital user experience to consumers. As a result of this, extra target groups can now be acquired by completely new customer acquisition journeys. 

Furthermore, in addition to fostering the development of innovative devices and services, eSIM technology has also played a significant role in the development of more attractive contracts that cover multiple devices. IoT (Internet of Things) is considered one of the fastest-growing sectors of the IoT economy today, and it includes sensors, processors, systems, and platforms used by industries to improve their operational efficiency to compete more effectively. 

IoT devices, including sensor modules, logistics tracking systems, and manufacturing equipment, greatly benefit from mobile connectivity and predominantly utilize eSIMs. Embedded Subscriber Identity Modules (eSIMs) significantly simplify the deployment and lifecycle management of these sensors, enhancing efficiency and effectiveness. The management of eSIMs facilitates new, fully digital user journeys, allowing eSIM profiles to be seamlessly installed on devices with minimal user interaction. This convenience is particularly beneficial for activating consumer IoT devices that lack displays, but it also extends to any eSIM-enabled devices, such as smartphones or tablets. 

The GSMA eSIM Discovery Service enhances this frictionless customer experience both in-store and out-of-store, providing a streamlined and user-friendly process for eSIM activation and management. The integration of eSIM technology in IoT devices not only optimizes the rollout process but also ensures efficient lifecycle management. This advancement underscores the transformative impact of eSIMs in the mobile market, promoting a more connected and streamlined experience for users across various devices and applications. In conclusion, the adoption of eSIM technology is set to revolutionize the mobile industry and the IoT sector. 

With its streamlined deployment, enhanced lifecycle management, and fully digital user journeys, eSIMs are paving the way for a more flexible and efficient mobile experience. As consumer awareness and adoption grow, supported by the robust infrastructure and security provided by MNOs and the GSMA, eSIMs will play a crucial role in shaping the future of mobile connectivity. This evolution promises not only to enhance user convenience but also to drive the development of innovative devices and services, ultimately transforming the digital landscape.

Fortifying iPhone Security: Stolen Device Protection & Essential Tips Amid Rising Theft Concerns

 

Numerous iPhones, often regarded as some of the best in the market, are pilfered daily on a global scale. Apple aims to address this issue with the upcoming release of iOS 17.3, introducing a feature called Stolen Device Protection.However, this security measure won't be automatically activated; users will need to manually enable it through the Settings app by accessing Face ID & Passcode.

Once activated, Stolen Device Protection will significantly impede thieves from altering the Apple ID password, disabling Find My, or adding a new face to Face ID. The prevalence of iPhone theft, as highlighted in a recent report by The Wall Street Journal, has prompted Apple's swift action to enhance security measures.

The tactics employed by iPhone thieves, such as Aaron Johnson in the U.S., often involve old-fashioned methods. Johnson, and others like him, observed users entering their passcodes and then proceeded to steal, wipe, and resell the stolen smartphones.

A key takeaway from Johnson's approach emphasizes never handing an unlocked phone to anyone. His strategy targeted unsuspecting individuals, primarily young men in social settings, by creating plausible scenarios to gain access to their phones. Victims, often in compromised states, willingly provided their passcodes, unknowingly enabling theft.

To safeguard against such tactics, it's crucial to avoid handing over an unlocked phone to anyone, regardless of the circumstances. Additionally, relying on facial recognition alone might not suffice; utilizing a strong, complex passcode and being vigilant of surroundings during passcode entry can add an extra layer of security.

Another precautionary measure involves individually locking sensitive apps, a feature less straightforward on iPhones compared to many Android devices. While iOS lacks native app-locking functionalities, utilizing Guided Access under Settings > Accessibility allows users to lock specific apps with a different passcode from the device's unlock code.

The visibility of certain iPhone models, particularly those with distinct features like the three-camera setup on the Pro Max versions, makes them more susceptible to theft. Until the implementation of Stolen Device Protection, users must exercise caution when using their iPhones in public settings to mitigate the risk of becoming targets.

While Apple continues to enhance security measures with each iOS update, staying vigilant and implementing precautionary measures remain vital to safeguard against potential theft.

This Brute-force Fingerprint Attack has the Potential to Compromise Your Android Phone

 

Based on a research paper from cybersecurity researchers at Tencent Labs and Zhejiang University, there is a means to "brute-force" fingerprints on Android smartphones, and with physical access to the smartphone and enough time, a hacker would be able to unlock the device. 

According to the report, two zero-day vulnerabilities known as Cancel-After-Match-Fail (CAMF) and Match-After-Lock (MAL) exist in Android devices (as well as those powered by Apple's iOS and Huawei's HarmonyOS). The researchers were able to accomplish two things by exploiting these flaws: make Android enable an infinite number of fingerprint scanning attempts; and leverage databases obtained in academic datasets, biometric data dumps, and other comparable sources.

The attackers needed a few things to pull off the attacks: physical access to an Android-powered smartphone, enough time, and $15 in hardware.

The attack was dubbed "BrutePrint" by the researchers, who claim that it would take between 2.9 and 13.9 hours to break into an endpoint with only one fingerprint set up. They claimed that devices with numerous fingerprint recordings are substantially easier to break into, with the average time for "brute printing" ranging from 0.66 hours to 2.78 hours.

The experiment was carried out on ten "popular smartphone models" as well as two iOS devices. It's currently unknown which models were affected, however, they claimed to have achieved infinite tries on Android and HarmonyOS devices. 

However, they only managed to gain an extra 10 attempts on iPhone SE and iPhone 7 models, which was insufficient to successfully carry out the attack. As a result, while iOS may be exposed to these weaknesses, the present approach of breaking into the device by brute force will not work. 

While this form of attack may not be appealing to the average hacker, the researchers believe it may be utilized by state-sponsored actors and law enforcement organizations. 

Research Says, Mobile Phones are Listening to Your Conversations

 

You're not alone if you've felt paranoid after your phone displayed an advertisement for a random item you just discussed. If you've recently been discussing it with a friend, seeing an advertisement for the same product can leave you feeling uncomfortable. 

And, while social media platforms have long denied spying on their users, recent studies indicate that businesses are employing a sneaky type of data monitoring system that takes advantage of the devices' microphone systems. According to NordVPN research, businesses are using ultrasonic cross-device tracking to listen to background noise and serve up personalized ads, while charging the company for the privilege.

As per NordVPN, the cross-device tracking method involves apps using ultrasonic "audio beacons" that cannot be heard by the human ear to "link all the devices you own to track your behavior and location." These high-pitched signals can be concealed in TV commercials or online videos.

When your device's microphone picks them up, advertisers can identify what you've been watching or talking about. Different apps on your phone can hear for these beacons to keep track of what you're doing, which is why some apps request access to your microphone.

According to NordVPN's research, nearly half of Brits (45%) claim to have seen an ad for something show up on their phones shortly after talking about it or watching it on TV, without ever searching for it online. Meanwhile, 62% of consumers said they had no idea how to avoid this, and 1 in 8 said the advertisements 'scared' them.

NordVPN’s Adrianus Warmenhoven said: "While it’s impossible to stop the ultrasonic beacons working, you can reduce the chance of your smartphone listening for them by simply restricting unnecessary permissions you have granted the apps on your device."

According to NordVPN, turning off microphone access for apps that don't require it may help. To change the permissions that apps have, go to the Settings menu on your phone and look for a 'Privacy' option. You should be able to see which apps have access to your microphone here and limit it as needed. You can also use a secure browser, such as Brave, Tor, or DuckDuckGo, or get a VPN, which encrypts all of your online activity.

Government Issues High-risk Warning for iPhone Users

 

Apple iPhones are known for their strength and security features. The Cupertino-based tech behemoth releases security updates for its devices on a regular basis. Although Apple recommends that people install the most recent builds of iOS on their iPhones in order to have a more protected and feature-rich operating system, older iPhone models are incapable to deploy the most recent updates due to hardware limitations. 

Some users prefer to run older versions of iOS for simplicity of use, but it's important to note that older iOS versions are easier to exploit. One such flaw has been discovered in Apple's iOS, and the Indian government has issued a warning to iPhone users.

According to the Indian Computer Emergency Response Team (CERT-In) of the Ministry of Electronics and Information Technology, a vulnerability in iOS has been disclosed that could permit an attacker to implement arbitrary code on the targeted device. Apple iOS versions prior to 12.5.7 are vulnerable for iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation).

This vulnerability exists in Apple IOS due to a type of confusion flaw in the WebKit component, according to CERT-In. An attacker could utilize this vulnerability by luring the victim to a maliciously crafted website. An attacker who successfully exploits this vulnerability may be able to execute arbitrary code on the targeted system. 

The security flaw is actively being exploited against iOS versions prior to iOS 15.1. To avoid being duped, install the new iOS 12.5.7 patch, which Apple released earlier this week.

Report States Many Phones To Soon Get Satellite Connectivity

 

A new partnership between satellite phone company Iridium and chip giant Qualcomm will bring satellite connectivity to premium Android smartphones later this year. It implies that handsets can communicate with passing satellites to send and receive messages even in areas with no mobile coverage.

Qualcomm chips are found in many Android-powered smartphones. Apple announced a satellite feature for the iPhone 14 in September 2022. The service is currently only available for sending and receiving basic text messages in an emergency.

Bullitt, a British smartphone maker, was the first to launch its own satellite service, beating Apple to the punch. It is also intended for emergency use and will initially be available in select areas.

Iridium was the first satellite phone system, launching its first satellite into orbit in 1997. In 2019, it completed a refresh of its 75-spacecraft network.

The satellites cover the entire globe and fly in low orbit, approximately 485 miles (780 kilometres) above the Earth, and groups of them can communicate with one another, passing data between them.

Qualcomm stated that the new feature, dubbed Snapdragon Satellite, will initially be included only in its premium chips and is unlikely to appear in low-cost devices.

However, it will ultimately be rolled out to tablets, laptops, and even vehicles, and will also become a service that is not limited to emergency communication - though there will most probably be a fee for this.

Satellite connectivity is widely regarded as the next frontier for mobile phones because it addresses the issue of "not-spots," or areas with no existing coverage. These are more common in rural or remote areas.

It has already been used to provide broadband coverage by services like Elon Musk's Starlink. Satellite broadband is faster and more reliable than cable or fiber connections but is more expensive.

But since countries such as India and China prohibit the use of satellite phones, the use of the feature will be subject to local government regulations.

This Unofficial WhatsApp Android App Caught Stealing Users’ Accounts

 

Kaspersky researchers discovered 'YoWhatsApp,' an unofficial WhatsApp Android app that steals access keys for users' accounts. Mod apps are promoted as unofficial versions of genuine apps that include features that the official version does not. 

YoWhatsApp is a fully functional messenger that supports extra features such as customising the interface and blocking access to specific chats. The tainted WhatsApp app requests the same permissions as the original messenger app, such as SMS access.

“To use the WhatsApp mod, users need to log in to their account of the legitimate app. However, along with all the new features, users also receive the Triada Trojan. Having infected the victim, attackers download and run malicious payloads on their device, as well as get hold of the keys to their account on the official WhatsApp app.” reported Kaspersky. 

“Along with the permissions needed for WhatsApp to work properly, this gives them the ability to steal accounts and get money from victims by signing them up for paid subscriptions that they are unaware of.”

This mod instals the Triada Trojan, which is capable of delivering other malicious payloads, issuing paid subscriptions, and even stealing WhatsApp accounts. More than 3,600 users have been targeted in the last two months, according to Kaspersky. The official Snaptube app promoted the YoWhatsApp Android app.

The malicious app was also discovered in the popular Vidmate mobile app, which is designed to save and watch YouTube videos. Unlike Snaptube, the malicious build was uploaded to Vidmate's internal store. YoWhatsApp v2.22.11.75 steals WhatsApp keys, enabling threat actors to take over users' accounts, according to Kaspersky researchers.

In 2021, Kaspersky discovered another modified version of WhatsApp for Android that offered additional features but was used to deliver the Triada Trojan. FMWhatsApp 16.80.0 is the modified version.

The experts also discovered the advertisement for a software development kit (SDK), which included a malicious payload downloader. The FMWhatsapp was created to collect unique device identifiers (Device IDs, Subscriber IDs, MAC addresses) as well as the name of the app package in which they are deployed.

To be protected, the researchers advise:
  • Only install applications from official stores and reliable resources
  • Remembering to check which permissions you give installed applications – some of them can be very dangerous
  • Installing a reliable mobile antivirus on your smartphone, such as Kaspersky Internet Security for Android. It will detect and prevent possible threats.
Kaspersky concluded, “Cybercriminals are increasingly using the power of legitimate software to distribute malicious apps. This means that users who choose popular apps and official installation sources may still fall victim to them. In particular, malware like Triada can steal an IM account, and for example, use it to send unsolicited messages, including malicious spam. The user’s money is also at risk, as the malware can easily set up paid subscriptions for the victim.”