Archive for the ‘Cellular’ Category

Wireless Case Studies: Cellular Repeater and DAS

Friday, February 7th, 2014

Gyver Networks recently designed and installed a cellular bi-directional amplifier (BDA) and distributed antenna system (DAS) for an internationally renowned preparatory and boarding school in Massachusetts.

BDA Challenge: Faculty, students, and visitors were unable to access any cellular voice or data services at one of this historic campus’ sports complexes; 3G and 4G cellular reception at the suburban Boston location were virtually nonexistent.

Of particular concern to the school was the fact that the safety of its student-athletes would be jeopardized in the event of a serious injury, with precious minutes lost as faculty were forced to scramble to find the nearest landline – or leave the building altogether in search of cellular signal – to contact first responders.

Additionally, since internal communications between management and facilities personnel around the campus took place via mobile phone, lack of cellular signal at the sports complex required staff to physically leave the site just to find adequate reception.

Resolution: Gyver Networks engineers performed a cellular site survey of selected carriers throughout the complex to acquire a precise snapshot of the RF environment. After selecting the optimal donor tower signal for each cell carrier, Gyver then engineered and installed a distributed antenna system (DAS) to retransmit the amplified signal put out by the bi-directional amplifier (BDA) inside the building.

The high-gain, dual-band BDA chosen for the system offered scalability across selected cellular and PCS bands, as well as the flexibility to reconfigure band settings on an as-needed basis, providing enhancement capabilities for all major carriers now and in the future.

Every objective set forth by the school’s IT department has been satisfied with the deployment of this cellular repeater and DAS: All areas of the athletic complex now enjoy full 3G and 4G voice and data connectivity; safety and liability concerns have been mitigated; and campus personnel are able to maintain mobile communications regardless of where they are in the complex.

The case for Wi-Fi in the Internet of Things

Tuesday, January 14th, 2014

Whether it’s the “connected home” or the “Internet of Things,” many everyday home appliances and devices will soon feature some form of Internet connectivity. What form should that connectivity take? We sat down with Edgar Figueroa, president and CEO of the Wi-Fi Alliance, to discuss his belief that Wi-Fi is the clear choice.

Options are plentiful when it comes to the Internet, but some are easily disregarded for most Internet of Things designs. Ethernet and other wired solutions require additional equipment or more cabling than what is typically found in even a modern home. Cellular connectivity is pointless for stationary home goods and still too power-hungry for wearable items. Proprietary and purpose-built solutions, like ZigBee, are either too closed off or require parallel paths to solutions that are already in our homes.

Bluetooth makes a pretty good case for itself, though inconsistent user experiences remain the norm for several reasons. The latest Bluetooth specifications provide very low power data transfers and have very low overhead for maintaining a connection. The result is that the power profile for the connection is low whether you’re transacting data or not. Connection speeds are modest compared to the alternatives. But the biggest detractor for Bluetooth is inconsistency. Bluetooth has always felt kludgy; it’s an incomplete solution that will suffice until it improves. It’s helpful that Bluetooth devices can often have their performance, reliability, and features improved upon through software updates, but the experience can still remain frustrating.

Then there’s Wi-Fi.

Figueroa wanted to highlight a few key points from a study the Alliance commissioned. “Of those polled, more than half already have a non-traditional device with a Wi-Fi radio,” he said. Here, “non-traditional” falls among a broad swath of products that includes appliances, thermostats, and lighting systems. Figueroa continued, “Ninety-one percent of those polled said they’d be more likely to buy a smart device if it came equipped with Wi-Fi.” Alliance’s point: everyone already has a Wi-Fi network in their home. Why choose anything else?

One key consideration the study seems to ignore is power draw, which is one of Bluetooth’s biggest assets. Wi-Fi connections are active and power-hungry, even when they aren’t transacting large amounts of data. A separate study looking at power consumption per bit of data transferred demonstrated that Wi-Fi trumps Bluetooth by orders of magnitude. Where Wi-Fi requires large amounts of constant power, Bluetooth requires almost no power to maintain a connection.

In response to a question on the preference for low-power interfaces, Figueroa said simply, “Why?” In his eyes, the connected home isn’t necessarily a battery-powered home. Devices that connect to our Wi-Fi networks traditionally have plugs, so why must they sip almost no power?

Bluetooth has its place in devices whose current draw must not exceed the capabilities of a watch battery. But even in small devices, Wi-Fi’s performance and ability to create ad hoc networks and Wi-Fi Direct connections can better the experience, even if it’s at the risk of increasing power draw and battery size.

In the end, the compelling case for Wi-Fi’s use in the mobile space has more to do with what we want from our experiences than whether one is more power-hungry. Simplicity in all things is preferred. Even after all these years, pairing Bluetooth is usually more complex than connecting a new device to your existing Wi-Fi network. Even in the car, where Bluetooth has had a long dominance, the ability to connect multiple devices over Wi-Fi’s wide interface may ultimately be preferred. Still, despite Figueroa’s confidence, it’s an increasingly green (and preferably bill-shrinking) world looking to adopt an Internet of Things lifestyle. Wi-Fi may ultimately need to complete its case by driving power down enough to reside in all our Internet of Things devices, from the biggest to the smallest.

Source:  arstechnica.com

New modulation scheme said to be ‘breakthrough’ in network performance

Friday, December 20th, 2013

A startup plans to demonstrate next month a new digital modulation scheme that promises to dramatically boost bandwidth, capacity, and range, with less power and less distortion, on both wireless and wired networks.

MagnaCom, a privately held company based in Israel, now has more than 70 global patent applications, and 15 issued patents in the U.S., for what it calls and has trademarked Wave Modulation (or WAM), which is designed to replace the long-dominant quadrature amplitude modulation (QAM) used in almost every wired or wireless product today on cellular, microwave radio, Wi-Fi, satellite and cable TV, and optical fiber networks. The company revealed today that it plans to demonstrate WAM at the Consumer Electronics Show, Jan. 7-10, in Las Vegas.

The vendor, which has released few specifics about WAM, promises extravagant benefits: up to 10 decibels of additional gain compared to the most advanced QAM schemes today; up to 50 percent less power; up to 400 percent more distance; up to 50 percent spectrum savings. WAM tolerates noise or interference better, has lower costs, is 100 percent backward compatible with existing QAM-based systems; and can simply be swapped in for QAM technology without additional changes to other components, the company says.

Modulation is a way of conveying data by changing some aspect of a carrier signal (sometimes called a carrier wave). A very imperfect analogy is covering a lamp with your hand to change the light beam into a series of long and short pulses, conveying information based on Morse code.

QAM, which is both an analog and a digital modulation scheme, “conveys two analog message signals, or two digital bit streams, by changing the amplitudes of two carrier waves,” as the Wikipedia entry explains. It’s used in Wi-Fi, microwave backhaul, optical fiber systems, digital cable television and many other communications systems. Without going into the technical details, you can make QAM more efficient or denser. For example, nearly all Wi-Fi radios today use 64-QAM. But 802.11ac radios can use 256-QAM. In practical terms, that change boosts the data rate by about 33 percent.

But there are tradeoffs. The denser the QAM scheme, the more vulnerable it is to electronic “noise.” And amplifying a denser QAM signal requires bigger, more powerful amplifiers: when they run at higher power, which is another drawback, they also introduce more distortion.

MagnaCom claims that WAM modulation delivers vastly greater performance and efficiencies than current QAM technology, while minimizing if not eliminating the drawbacks. But so far, it’s not saying how WAM actually does that.

“It could be a breakthrough, but the company has not revealed all that’s needed to assure the world of that,” says Will Straus, president of Forward Concepts, a market research firm that focuses on digital signal processing, cell phone chips, wireless communications and related markets. “Even if the technology proves in, it will take many years to displace QAM that’s already in all digital communications. That’s why only bounded applications — where WAM can be [installed] at both ends – will be the initial market.”

“There are some huge claims here,” says Earl Lum, founder of EJL Wireless, a market research firm that focuses on microwave backhaul, cellular base station, and related markets. “They’re not going into exactly how they’re doing this, so it’s really tough to say that this technology is really working.”

Lum, who originally worked as an RF design engineer before switching to wireless industry equities research on Wall Street, elaborated on two of those claims: WAM’s greater distance and its improved spectral efficiency.

“Usually as you go higher in modulation, the distance shrinks: it’s inversely proportional,” he explains. “So the 400 percent increase in distance is significant. If they can compensate and still get high spectral efficiency and keep the distance long, that’s what everyone is trying to have.”

The spectrum savings of up to 50 percent is important, too. “You might be able to double the amount of channels compared to what you have now,” Lum says. “If you can cram more channels into that same spectrum, you don’t have to buy more [spectrum] licenses. That’s significant in terms of how many bits-per-hertz you can realize. But, again, they haven’t specified how they do this.”

According to MagnaCom, WAM uses some kind of spectral compression to improve spectral efficiency. WAM can simply be substituted for existing QAM technology in any product design. Some of WAM’s features should result in simpler transmitter designs that are less expensive and use less power.

For the CES demonstration next month, MagnaCom has partnered with Altera Corp., which provides custom field programmable gate arrays, ASICs and other custom logic solutions.

Source:  networkworld.com

FCC postpones spectrum auction until mid 2015

Monday, December 9th, 2013

In a blog post on Friday, Federal Communications Commission Chairman Tom Wheeler said that he would postpone a June 2014 spectrum auction to mid-2015. In his post, Wheeler called for more extensive testing of “the operating systems and the software necessary to conduct the world’s first-of-a kind incentive auction.”

”Only when our software and systems are technically ready, user friendly, and thoroughly tested, will we start the auction,” wrote Wheeler. The chairman also said that he wanted to develop procedures for how the auction will be conducted, specifically after seeking public comment on those details in the second half of next year.

A separate auction for 10MHz of space will take place in January 2014. In 2012, Congress passed the Middle Class Tax Relief and Job Creation Act, which required the FCC to auction off 65MHz of spectrum by 2015. Revenue from the auction will go toward developing FirstNet, an LTE network for first responders. Two months ago, acting FCC chair Mignon Clyburn announced that the commission would start that sell-off by placing 10MHz on the auction block in January 2014. The other 55MHz would be auctioned off at a later date, before the end of 2015.

The forthcoming auction aims to pay TV broadcasters to give up lower frequencies, which will be bid on by wireless cell phone carriers like AT&T and Verizon, but also by smaller carriers who are eager to expand their spectrum property. Wheeler gave no hint as to whether he would push for restrictions on big carriers during the auction process, but he wrote, “I am mindful of the important national interest in making available additional spectrum for flexible use.”

Source:  arstechnica.com

HP: 90 percent of Apple iOS mobile apps show security vulnerabilities

Tuesday, November 19th, 2013

HP today said security testing it conducted on more than 2,000 Apple iOS mobile apps developed for commercial use by some 600 large companies in 50 countries showed that nine out of 10 had serious vulnerabilities.

Mike Armistead, HP vice president and general manager, said testing was done on apps from 22 iTunes App Store categories that are used for business-to-consumer or business-to-business purposes, such as banking or retailing. HP said 97 percent of these apps inappropriately accessed private information sources within a device, and 86 percent proved to be vulnerable to attacks such as SQL injection.

The Apple guidelines for developing iOS apps help developers but this doesn’t go far enough in terms of security, says Armistead. Mobile apps are being used to extend the corporate website to mobile devices, but companies in the process “are opening up their attack surfaces,” he says.

In its summary of the testing, HP said 86 percent of the apps tested lacked the means to protect themselves from common exploits, such as misuse of encrypted data, cross-site scripting and insecure transmission of data.

The same number did not have optimized security built in the early part of the development process, according to HP. Three quarters “did not use proper encryption techniques when storing data on mobile devices, which leaves unencrypted data accessible to an attacker.” A large number of the apps didn’t implement SSL/HTTPS correctly.To discover weaknesses in apps, developers need to involve practices such as app scanning for security, penetration testing and a secure coding development life-cycle approach, HP advises.

The need to develop mobile apps quickly for business purposes is one of the main contributing factors leading to weaknesses in these apps made available for public download, according to HP. And the weakness on the mobile side is impacting the server side as well.

“It is our earnest belief that the pace and cost of development in the mobile space has hampered security efforts,” HP says in its report, adding that “mobile application security is still in its infancy.”

Source:  infoworld.com

Researchers find way to increase range of wireless frequencies in smartphones

Friday, November 8th, 2013

Researchers have found a new way to tune the radio frequency in smartphones and other wireless devices that promises to reduce costs and improve performance of semiconductors used in defense, satellite and commercial communications.

Semiconductor Research Corp. (SRC) and Northeastern University in Boston presented the research findings at the 58th Magnetism and Magnetic Materials Conference in Denver this week.

Nian Sun, associate professor of electrical and computer engineering at Northeastern, said he’s been working on the process since 2006, when he received National Science Foundation grants for the research.

“In September, we had a breakthrough,” he said in a telephone interview. “We didn’t celebrate with champagne exactly, but we were happy.”

The research progressed through a series of about 20 stages over the past seven years. It wasn’t like the hundreds of failures that the Wright brothers faced in coming up with a working wing design, but there were gradual improvements at each stage, he said.

Today, state-of-the art radio frequency circuits in smartphones rely on tuning done with radio frequency (RF) varactors, a kind of capacitor. But the new process allows tuning in inductors as well, which could enhance a smartphone’s tunable frequency range from 50% to 200%, Sun said. Tuning is how a device finds an available frequency to complete a wireless transmission. It’s not very different from turning a dial on an FM radio receiver to bring in a signal.

Capacitors and inductors work in electronic circuits to move electrons; inductors change the direction of electrons in a circuit, while capacitors do not.

Most smartphones use 15 to 20 frequency channels to make connections, but the new inductors made possible by the research will potentially more than double the number of channels available on a smartphone or other device. The new inductors are a missing link long sought for in ways to upgrade the RF tunable frequency range in a tuned circuit.

“Researchers have been trying a while to make inductors tunable — to change the inductance value — and haven’t been very successful,” said Kwok Ng, senior director of device sciences at SRC. He said SRC has worked with Northeastern since 2011 on the project, investing up to $300,000 in the research work.

How it worked: Researchers at the Northeastern lab used a thin magnetic piezoelectric film deposit in an experimental inductor about a centimeter square, using microelectromechanical systems (MEMS) processes . Piezoelectricity is an electromechanical interaction between the mechanical and electric states in a crystalline material. A crystal can acquire a charge when subjected to AC voltage.

What the researchers found is they could apply the right amount of voltage on a layer of metal going around a core of piezoelectric film to change its permeability. As the film changes permeability, its electrons can move at different frequencies.

Ng said the research means future inductors can be used to improve radio signal performance, which could eliminate the number of modules needed in a smartphone, with the potential to reduce the cost of materials.

Intel and Texas Instruments cooperated in the work, and the new inductor technology will be available for further industrial development by the middle of next year, followed by use in consumer applications by as earlier as late 2014.

Source:  networkworld.com

FCC crowdsources mobile broadband research with Android app

Friday, November 8th, 2013

Most smartphone users know data speeds can vary widely. But how do the different carriers stack up against each other? The Federal Communications Commission is hoping the public can help figure that out, using a new app it will preview next week.

The FCC on Friday said that the agenda for next Thursday’s open meeting, the first under new Chairman Tom Wheeler, will feature a presentation on a new Android smartphone app that will be used to crowdsource measurements of mobile broadband speeds. 

The FCC announced it would start measuring the performance of mobile networks last September. All four major wireless carriers, as well CTIA-The Wireless Association have already agreed to participate in the app, which is called “FCC Speed Test.” It works only on Android for now — no word on when an iPhone version might be available.

While the app has been in the works for a long time, its elevation to this month’s agenda reaffirms something Wheeler told the Journal this week. During that conversation, the Chairman repeatedly emphasized his desire to “make decisions based on facts.” Given the paucity of information on mobile broadband availability and prices, this type of data collection seems like the first step toward evaluating whether Americans are getting what they pay for from their carriers in terms of mobile data speeds.

The FCC unveiled its first survey of traditional land-based broadband providers in August 2011, which showed that most companies provide access that comes close to or exceeds advertised speeds. (Those results prompted at least one Internet service provider to increase its performance during peak hours.) Expanding the data collection effort to the mobile broadband is a natural step; smartphone sales outpace laptop sales and a significant portion of Americans (particularly minorities and low-income households) rely on a smartphone as their primary connection to the Internet.

Wheeler has said ensuring there is adequate competition in the broadband and wireless markets is among his top priorities. But first the FCC must know what level of service Americans are getting from their current providers. If mobile broadband speeds perform much as advertised, it would bolster the case of those who argue the wireless market is sufficiently competitive. But if any of the major carriers were to seriously under-perform, it would raise questions about the need for intervention from federal regulators.

Source:  wsj.com

FCC lays down spectrum rules for national first-responder network

Tuesday, October 29th, 2013

The agency will also start processing applications for equipment certification

The U.S. moved one step closer to having a unified public safety network on Monday when the Federal Communications Commission approved rules for using spectrum set aside for the system.

Also on Monday, the agency directed its Office of Engineering and Technology to start processing applications from vendors to have their equipment certified to operate in that spectrum.

The national network, which will operate in the prized 700MHz band, is intended to replace a patchwork of systems used by about 60,000 public safety agencies around the country. The First Responder Network Authority (FirstNet) would operate the system and deliver services on it to those agencies. The move is intended to enable better coordination among first responders and give them more bandwidth for transmitting video and other rich data types.

The rules approved by the FCC include power limits and other technical parameters for operating in the band. Locking them down should help prevent harmful interference with users in adjacent bands and drive the availability of equipment for FirstNet’s network, the agency said.

A national public safety network was recommended by a task force that reviewed the Sept. 11, 2001, terror attacks on the U.S. The Middle Class Tax Relief and Job Creation Act of 2012 called for auctions of other spectrum to cover the cost of the network, which was estimated last year at US$7 billion.

The public safety network is required to cover 95 percent of the U.S., including all 50 states, the District of Columbia and U.S. territories. It must reach 98 percent of the country’s population.

Source:  computerworld.com

AT&T announces plans to use 700Mhz channels for LTE Broadcast

Thursday, September 26th, 2013

Yesterday at Goldman Sachs’ Communacopia Conference in New York, AT&T CEO Randall Stephenson announced that his company would be allocating the 700Mhz Lower D and E blocks of spectrum that it acquired from Qualcomm in 2011 to build out its LTE Broadcast service. Fierce Wireless reported from the event and noted that this spectrum was destined for additional data capacity. In a recent FCC filing, AT&T put off deploying LTE in this spectrum due to administrative and technical delays caused by the 3G Partnership Project’s continued evaluation of carrier aggregation in LTE Advanced.

No timeline was given for deploying LTE Broadcast, but Stephenson stressed the importance of video to AT&T’s strategy over the next few years.

The aptly named LTE Broadcast is an adaptation of the LTE technology we know and love, but in just one direction. In the case of AT&T’s plans, either 6Mhz or 12Mhz will be available for data transmission, depending on the market. In 6Mhz markets there would be some bandwidth limitations, but plenty enough to distribute a live television event, like the Super Bowl or March Madness. Vitally, since the content is broadcast indiscriminately to any handsets capable of receiving it, there’s no upper limit to the number of recipients of the data. So, instead of having a wireless data network crumble under the weight of thousands of users watching March Madness on their phones and devices at one cell site, the data network remains intact, and everyone gets to watch the games.

Verizon Wireless has a similar proposal in the works, with vague hopes that they’ll be able to be in position to leverage their ongoing relationship with the NFL for the 2014 Super Bowl. Neither Verizon Wireless nor AT&T is hurting for spectrum right now, so it’s nice to see them putting it to good use.

Source:  arstechnica.com

NFL lagging on stadium Wi-Fi

Tuesday, September 3rd, 2013

http://i2.cdn.turner.com/cnn/dam/assets/130902121717-levis-stadium-horizontal-gallery.jpg

The consumption of NFL football, America’s most popular sport, is built on game-day traditions.

This week fans will dress head-to-toe in team colors and try out new tailgate recipes in parking lots before filing into 16 NFL stadiums to cheer on their team — which, thanks to the league’s parity, will likely still be in the playoff hunt come December.

But a game-day ritual of the digital age — tracking scores, highlights and social-media chatter on a mobile device — isn’t possible inside many NFL venues because the crush of fans with smartphones can overload cellular networks.

The improved home-viewing experience — high-def TV, watching multiple games at once, real-time fantasy-football updates and interaction via social media — has left some NFL stadiums scrambling to catch up. It’s one of the reasons why, before rebounding last year, the NFL lost attendance between 2008 and 2011, forcing the league to alter television-blackout rules.

In May 2012, NFL Commissioner Roger Goodell announced an initiative to outfit all 31 NFL stadiums with Wi-Fi. But with the start of the 2013 regular season just days away, less than half of the NFL’s venues are Wi-Fi enabled and no stadiums have launched new Wi-Fi systems this year.

Part of the reason for the delay is some stadium operators are waiting for the next generation of increased Wi-Fi speed before installing networks, said Paul Kapustka, editor in chief for Mobile Sports Report.

Another reason, Kapustka said, is that the cost of installing Wi-Fi will come out of the pockets of venue owners and operators who have traditionally not needed to invest in such costly projects. Instead, they receive public money to help build stadiums and television money for the right to broadcast games.

“Stadium owners and operators need to get their hands on the fact that they need to put in Wi-Fi like they need to put in plumbing,” Kapustka said.

Brian Lafemina, the NFL’s vice president of club business development, said the league is still searching for a telecommunications partner that can help tackle challenges of stadium location, design and tens of thousands of fans all trying to access the network at the same time.

“Yes, we are working on it as hard as we can,” he said. “But the technology just isn’t where it needs to be to deliver what we want to deliver.”

The league is unveiling a variety of technological enhancements at stadiums in 2013, including cameras in locker rooms, massive video boards that will show replays of every play, a “fantasy football lounge” with sleek technological amenities, the ability to listen to audio of other games from inside the stadium, team specific fantasy games and free access to the league’s NFL Red Zone cable channel for season ticket holders.

Lafemina emphasized the league’s role as a storyteller and said it is striving to use technology to provide fans in stadiums with unique content.

“The most important people in that stadium are the 70,000 paying customers,” he said.

Jonathan Kraft, president of the New England Patriots and co-chair of the NFL’s digital media committee, told CNN Money in January that he hopes to have all stadiums equipped with Wi-Fi for the start of the 2015 season.

The Patriots helped lead the way last year by offering fans free Wi-Fi throughout Gillette Stadium in Foxboro, Massachusetts. The network was built by New Hampshire-based Enterasys Networks.

“We certainly encourage that any club would invest the way they have,” said Lafemina.

Eleven other stadiums currently have Wi-Fi capability: MetLife Stadium in northern New Jersey, the Georgia Dome in Atlanta, Lucas Oil Stadium in Indianapolis, Raymond James Stadium in Tampa, the Mercedes-Benz Superdome in New Orleans, Bank of America Stadium in Charlotte, Sun Life Stadium in Miami, AT&T Stadium in suburban Dallas, University of Phoenix Stadium in suburban Phoenix, Ford Field in Detroit and Soldier Field in Chicago.

The 20 other stadiums have Wi-Fi in certain areas, but mostly operate on wireless service provided by Verizon and/or AT&T. Many of these venues have installed distributed antenna systems (DAS) to increase wireless connectivity while they seek answers to the challenges of enabling stadiums with Wi-Fi.

DAS connects cellular antennas to a common source, allowing wireless access in large buildings like stadiums.

Mobile Sports Report published its inaugural State of the Stadium Technology Survey this year, based on responses from more than 50 NFL, MLB, NBA, NHL, university, pro soccer, pro golf and car racing sites. The survey concluded DAS is currently more popular at venues because it boosts connectivity to mobile devices while dividing costs between carriers and the facility.

Cleveland Browns fans will benefit from a new DAS tower, installed by Verizon, and an upgraded AT&T tower this year at FirstEnergy Stadium, Browns President Alec Scheiner said the improved technology will serve as a test case for whether to install Wi-Fi in the future.

“If you are a consumer or a fan, you really just care about being able to get on your mobile device, and that’s what we’re trying to tackle,” he said during a July press conference.

Kapustka said DAS is a quick fix and is not a long-term strategy, especially when it comes to fans watching TV replays on their mobile devices.

“The video angle is the big thing for Wi-Fi,” he said. “Cellular just simply won’t be able to handle the bandwidth.”

He also pointed out that it is not in the best business interest of cellphone carriers to install Wi-Fi, as it would take customers off their networks.

Also complicating Kraft’s 2015 goal is the lack of league consensus about who will build Wi-Fi networks in all of its stadiums, and when.

By contrast, Major League Baseball named wireless-tech company Qualcomm its official technology partner in April, launching a two-year study to solve mobile-connectivity issues in its 30 stadiums. Kapustka said MLB was in a position to strike the overarching deal with Qualcomm because team owners made the league responsible for digital properties during the 1990s.

The NFL has a variety of rights deals, including Direct TV and Verizon, which make it more difficult for the league to agree on a single Wi-Fi plan, he said.

“My opinion is they (the NFL) will eventually have something more like MLB,” Kapustka said. “MLB has shown it is a great way to make money.”

Source:  CNN

Intel plans to ratchet up mobile platform performance with 14-nanometre silicon

Friday, August 23rd, 2013

Semiconductor giant Intel is to start producing mobile and embedded systems using its latest manufacturing process technology in a bid to muscle in on a market that it had previously ignored.

The company is planning to launch a number of platforms this year and next intended to ratchet up the performance of its offerings, according to sources quoted in the Far Eastern trade journal Digitimes.

By the end of 2013, a new smartphone system-on-a-chip (SoC) produced using 22-nanometre process technology, codenamed “Merrifield”, will be introduced, followed by “Moorefield” in the first half of 2014. “Morganfield”, which will be produced on forthcoming 14-nanometre process manufacturing technology, will be available from the first quarter of 2015.

Merrifield ought to offer a performance boost of about 50 per cent combined with much improved battery life compared to Intel’s current top-end smartphone platform, called Clover Trail+.

More immediately, Intel will be releasing “Bay Trail-T” microprocessors intended for Windows 8 and Android tablet computers. The Bay Trail-T architecture will offer a battery life of about eight hours in use, but weeks when it is idling, according to Digitimes sources.

The Bay Trail-T may be unveiled at the Intel Developer Forum in September, when Intel will also be unveiling “Bay Trail” on which the T-version is based. Bay Trail will be produced on the 22-nanometre Silvermont architecture.

Digitimes was quoting sources among Taiwan-based manufacturers.

Intel’s current Intel Atom microprocessors for mobile phones – such as the Motorola Raxr-I and the Prestigio MultiPhone – are based on 32-nanometre technology, a generation behind the manufacturing process technology that it is using to produce its latest desktop and laptop microprocessors.

However, the roadmap suggests that Intel is planning to produce its high-end smartphone and tablet computer microprocessors and SoC platforms using the same manufacturing technology as desktop and server products in a bid to gain an edge on ARM-based rivals from Samsung, Qualcomm, TSMC and other producers.

Manufacturers of ARM-based microprocessors, which currently dominate the high-performance market for mobile and embedded microprocessors, trail in terms of the manufacturing technology that they can build their systems with, compared to Intel.

Intel, though, has been turning its attention to mobile and embedded as laptop, PC and server sales have stalled.

Source:  computing.com

AT&T uses small cells to improve service in Disney parks

Tuesday, July 23rd, 2013

AT&T will soon show off how small cell technology can improve network capacity and coverage in Walt Disney theme parks.

If you’re a Disney theme park fan and you happen to be an AT&T wireless customer, here’s some good news: Your wireless coverage within the company’s two main resorts is going to get a heck of a lot better.

AT&T and Disney Parks are announcing an agreement Tuesday that will make AT&T the official wireless provider for Walt Disney World Resort and Disneyland Resort.

What does this mean? As part of the deal, AT&T will be improving service within the Walt Disney World and Disneyland Resorts by adding small technology that will chop up AT&T’s existing licensed wireless spectrum and reuse it in smaller chunks to better cover the resort and add more capacity in high-volume areas. The company will also add free Wi-Fi hotspots, which AT&T customers visiting the resorts will also be able to use to offload data traffic.

Specifically, AT&T will add more than 25 distributed antenna systems in an effort to add capacity. It will also add more than 350 small cells, which extend the availability of the network. AT&T is adding 10 new cell sites across the Walt Disney World resort to boost coverage and capacity. And it will add nearly 50 repeaters to help improve coverage of the network.

Chris Hill, AT&T’s senior vice president for advanced solutions, said that AT&T’s efforts to improve coverage in an around Disney resorts is part of a bigger effort the company is making to add capacity and improve coverage in highly trafficked areas. He said that even though AT&T had decent network coverage already within the Disney parks, customers often experienced issues in some buildings or in remote reaches of the resorts.

“The macro cell sites can only cover so much,” he said. “So you need to go to small cells to really get everywhere you need to be and to provide the capacity you need in areas with a high density of people.”

Hill said the idea of creating smaller cell sites that reuse existing licensed spectrum is a big trend among all wireless carriers right now. And he said, AT&T is deploying this small cell technology in several cities as well as other areas where large numbers of people gather, such as stadiums and arenas.

“We are deploying this technology widely across metro areas to increase density of our coverage,” he said. “And it’s not just us. There’s a big wave of small cell deployments where tens of thousands of these access points are being deployed all over the place.”

Cooperation with Disney is a key element in this deployment since the small cell technology requires that AT&T place access points on the Disney property. The footprint of the access points is very small. They typically look like large access points used for Wi-Fi. Hill said they can be easily disguised to fit in with the surroundings.

Unfortunately, wireless customers with service from other carriers won’t see the same level of improved service. The network upgrade and the small cell deployments will only work for AT&T wireless customers. AT&T has no plans to allow other major carriers to use the network for roaming.

Also as part of the deal, AT&T will take over responsibility for Disney’s corporate wireless services, providing services to some 25,000 Disney employees. And the companies have struck various marketing and branding agreements. As part of that aspect of the deal, AT&T will become an official sponsor of Disney-created soccer and runDisney events at the ESPN Wide World of Sports Complex. In addition, Disney will join AT&T in its “It Can Wait” public service campaign, which educates the public about the dangers of texting while driving.

Source:  CNET

Crypto flaw makes millions of smartphones susceptible to hijacking

Tuesday, July 23rd, 2013

New attack targets weakness in at least 500 million smartphone SIM cards.

Millions of smartphones could be remotely commandeered in attacks that allow hackers to clone the secret encryption credentials used to secure payment data and identify individual handsets on carrier networks.

The vulnerabilities reside in at least 500 million subscriber identity module (SIM) cards, which are the tiny computers that store some of a smartphone’s most crucial cryptographic secrets. Karsten Nohl, chief scientist at Security Research Labs in Berlin, told Ars that the defects allow attackers to obtain the encryption key that safeguards the user credentials. Hackers who possess the credentials—including the unique International Mobile Subscriber Identity and the corresponding encryption authentication key—can then create a duplicate SIM that can be used to send and receive text messages, make phone calls to and from the targeted phone, and possibly retrieve mobile payment credentials. The vulnerabilities can be exploited remotely by sending a text message to the phone number of a targeted phone.

“We broke a significant number of SIM cards, and pretty thoroughly at that,” Nohl wrote in an e-mail. “We can remotely infect the card, send SMS from it, redirect calls, exfiltrate call encryption keys, and even hack deeper into the card to steal payment credentials or completely clone the card. All remotely, just based on a phone number.”

Nohl declined to identify the specific manufacturers or SIM models that contain the exploitable weaknesses. The vulnerabilities are in the SIM itself and can be exploited regardless of the particular smartphone they manage.

The cloning technique identified by the research team from Security Research Labs exploits a constellation of vulnerabilities commonly found on many SIMs. One involves the automatic responses some cards generate when they receive invalid commands from a mobile carrier. Another stems from the use of a single Data Encryption Standard key to encrypt and authenticate messages sent between the mobile carrier and individual handsets. A third flaw involves the failure to perform security checks before a SIM installs and runs Java applications.

The flaws allow an attacker to send an invalid command that carriers often issue to handsets to instruct them to install over-the-air (OTA) updates. A targeted phone will respond with an error message that’s signed with the 1970s-era DES cipher. The attacker can then use the response message to retrieve the phone’s 56-bit DES key. Using a pre-computed rainbow table like the one released in 2009 to crack cell phone encryption keys, an attacker can obtain the DES key in about two minutes. From there, the attacker can use the key to send a valid OTA command that installs a Java app that extracts the SIM’s IMSI and authentication key. The secret information is tantamount to the user ID and password used to authenticate a smartphone to a carrier network and associate a particular handset to a specific phone number.

Armed with this data, an attacker can create a fully functional SIM clone that could allow a second phone under the control of the attacker to connect to the network. People who exploit the weaknesses might also be able to run unauthorized apps on the SIM that redirect SMS and voicemail messages or make unauthorized purchases against a victim’s mobile wallet. It doesn’t appear that attackers could steal contacts, e-mails, or other sensitive information, since SIMs don’t have access to data stored on the phone, Nohl said.

Nohl plans to further describe the attack at next week’s Black Hat security conference in Las Vegas. He estimated that there are about seven billion SIMs in circulation. That suggests the majority of SIMs aren’t vulnerable to the attack. Right now, there isn’t enough information available for users to know if their particular smartphones are susceptible to this technique. This article will be updated if carriers or SIM manufacturers provide specific details about vulnerable cards or mitigation steps that can be followed. In the meantime, Security Research Labs has published this post that gives additional information about the exploit.

Source:  arstechnica.com

Mobile malware, mainly aimed at Android devices, jumps 614% in a year

Friday, July 12th, 2013

The threat to corporate data continues to grow as Android devices come under attack

The number of mobile malware apps has jumped 614% in the last year, according to studies conducted by McAfee and Juniper Networks.

The Juniper study — its third annual Mobile Threats Report — showed that the majority of attacks are directed at Android devices, as the Android market continues to grow. Malware aimed specifically at Android devices has increased at a staggering rate since 2010, growing from 24% of all mobile malware that year to 92% by March 2013.

According to data from Juniper’s Mobile Threat Center (MTC) research facility, the number of malicious mobile apps jumped 614% in the last year to 276,259, which demonstrates “an exponentially higher cyber criminal interest in exploiting mobile devices.”

“Malware writers are increasingly behaving like profit-motivated businesses when designing new attacks and malware distribution strategies,” Juniper said in a statement. “Attackers are maximizing their return on investment by focusing 92% of all MTC detected threats at Android, which has a commanding share of the global smartphone market.

In addition to malicious apps, Juniper Networks found several legitimate free applications that could allow corporate data to leak out. The study found that free mobile apps sampled by the MTC are three times more likely to track location and 2.5 times more likely to access user address books than their paid counterparts. Free applications requesting/gaining access to account information nearly doubled from 5.9% in October 2012 to 10.5% in May 2013.

McAfee’s study found that a type of SMS malware known as a Fake Installer can be used to charge a typical premium rate of $4 per message once installed on a mobile device. A “free” Fake Installer app can cost up to $28 since each one can tell a consumer’s device to send or receive up to seven messages from a premium rate SMS number.

Seventy-three percent of all known malware involves Fake Installers, according to the report.

“These threats trick people into sending SMS messages to premium-rate numbers set up by attackers,” the report states. “Based on research by the MTC, each successful attack instance can yield approximately $10 in immediate profit. The MTC also found that more sophisticated attackers are developing intricate botnets and targeted attacks capable of disrupting and accessing high-value data on corporate networks.”

Juniper’s report identified more than 500 third-party Android application stores worldwide, most with very low levels of accountability or oversight, that are known to host mobile malware — preying on unsuspecting mobile users as well as those with jail-broken iOS mobile devices. Of the malicious third-party stores identified by the MTC, 60% originate from either China or Russia.

According to market research firm ComScore, Android now has a 52.4% market share worldwide, up 0.7% from February. As Samsung has been taking market share from Apple, Android use is expected to continue to grow, according to ComScore.

According to market analyst firm Canalys, Android representedalmost 60% of the mobile devices shipped in 2012. Apple accounted for 19.3% of devices shipped last year, while Microsoft had 18.1%.

Source:  computerworld.com

Google: Critical Android security flaw won’t harm most users

Tuesday, July 9th, 2013

A security flaw could affect 99 percent of Android devices, a researcher claims, but the reality is that most Android users have very little to worry about.

Bluebox, a mobile security firm, billed the exploit as a “Master Key” that could “turn any legitimate application into a malicious Trojan, completely unnoticed by the app store, the phone, or the end user.” In a blog post last week, Bluebox CTO Jeff Forristal wrote that nearly any Android phone released in the last four years is vulnerable.

Bluebox’s claims led to a fair number of scary-sounding headlines, but as Google points out, most Android users are already safe from this security flaw.

Speaking to ZDNet, Google spokeswoman Gina Scigliano said that all apps submitted to the Google Play Store get scanned for the exploit. So far, no apps have even tried to take advantage of the exploit, and they’d be shut out from the store if they did.

If the attack can’t come from apps in the Google Play Store, how could it possibly get onto Android phones? As Forristal explained to Computerworld last week, the exploit could come from third-party app stores, e-mailed attachments, website downloads and direct transfer via USB.

But as any Android enthusiast knows, Android phones can’t install apps through those methods unless the user provides explicit permission through the phone’s settings menu. The option to install apps from outside sources is disabled by default. Even if the option is enabled, phones running Android 4.2 or higher have yet another layer of protection through app verification, which checks non-Google Play apps for malicious code. This verification is enabled by default.

In other words, to actually be vulnerable to this “Master Key,” you must enable the installation of apps from outside Google Play, disable Android’s built-in scanning and somehow stumble upon an app that takes advantage of the exploit. At that point, you must still knowingly go through the installation process yourself. When you consider how many people might go through all those steps, it’s a lot less than 99 percent of users.

Still, just to be safe, Google has released a patch for the vulnerability, which phone makers can apply in future software updates. Scigliano said Samsung is already pushing the fix to devices, along with other unspecified OEMs. The popular CyanogenMod enthusiast build has also been patched to protect against the peril.

Android’s fragmentation problem does mean that many users won’t get this patch in a timely manner, if at all, but it doesn’t mean that unpatched users are at risk.

None of this invalidates the work that Bluebox has done. Malicious apps have snuck into Google’s app store before, so the fact that a security firm uncovered the exploit first and disclosed it to Google is a good thing. But there’s a big difference between a potential security issue and one that actually affects huge swaths of users. Frightening headlines aside, this flaw is an example of the former.

Source:  techhive.com

BYOD blues: What to do when employees leave

Tuesday, July 2nd, 2013
The bring your own device (BYOD) trend is gaining steam, thanks to the cost benefits and increased productivity that can come from allowing employees to provision their own technology. Mobile workers are more likely to put in more hours, so if your employees want to buy their own equipment and do more work on their own time, it’s a win for the company.At least, a BYOD-practicing workforce seems like a win right until you have to let one of your BYOD workers go and there’s no easy way to ask if you can please see their iPad for a moment because you want to check if there’s anything on their personal device that doesn’t belong to them.

As more workplaces embrace BYOD practices, they’ll increasingly confront the question of how to balance the benefits of a self-provisioned workforce against the risks of company assets walking out the door when workers are let go. What can IT departments currently do to minimize risk when BYOD-practicing employees are laid off? What practices and policies can they put in place to make future departures as smooth as possible?

BYOD layoffs: What you can do now

It’s a fact that some data always walks with the employees: email addresses of business contacts, or knowledge of the organization’s key business practices and initiatives. In the old days, people slipped files into their briefcases. Digital files just mean that copying and moving information can be done quickly.

Skip through the denial and anger stages and just accept that some data is inherently more vulnerable than others, and it’s that vulnerable data, such as emails, that will be walking out the door.”There’s no definitive way to get on to a [departing] employee’s personal devices and undo what’s been done,” says Joshua Weiss, CEO of mobile application development firm TeliApp. “And if your workers have been using off-the-shelf solutions like Dropbox, it’s virtually impossible with some sort of exit interview.”

Rick Veague, CTO of IFS Technologies, says that you can sift structured communications data into three distinct categories: email, files that could contain company information, and mobile data. Once you’ve sifted out the data, you can figure out whether your soon-to-be-ex employee is really in danger of walking out with the company’s assets on an iPad.

“Mobile data is a big problem, so it’s time to start compartmentalizing risks. This way, you can find a balance between the benefits of a [BYOD] workforce and the risks,” Veague says.

And how can your IT department manage the risks without cutting into the perceived BYOD benefits? By planning ahead for the next employee departure.

BYOD layoffs: Plan for the future

If your company is in the happy position of not having to lay anyone off in the near future, then you have time to get a game plan together. Here is a rundown of policies and practices you should consider implementing to make the unfortunate event go more smoothly, while mitigating company risk.

Have a written BYOD policy: This is a simple idea in theory, but not an easy one in practice. TeliApp’s Weiss says that it took his company three months to come up with their current policy. “It started off as a simple paragraph and turned into what felt like a three-page demand letter,” he says.

Why did it take so long? TeliApp treated it like a software development project. After that one paragraph, Weiss and his management team began compiling what-if scenarios and incorporating them into the policy — what Weiss calls the policy’s “alpha testing.” Once the team discovered they hadn’t thought of everything, they expanded the BYOD policy to include the real-life situations that arose. After this beta period, the policy was set.

For managers looking to establish a BYOD policy, here are some of the issues to consider:

  • Defining “acceptable business use” for the device, such as which activities are determined to directly or indirectly benefit the business.
  • Defining the limits of “acceptable personal use” on company time, such as whether employees will be able to play Angry Birds or load their Kindle’s ebook collection.
  • Defining which apps are allowed or which are not.
  • Defining which company resources (email, calendars, and so on) may be accessed via a personal device.
  • Defining which behaviors won’t be tolerated under the rubric of doing business, such as using the device to harass others on company time, or texting and checking email while driving.
  • Listing which devices IT will allow to access their networks (it helps to be as specific as possible with models, operating systems, and versions).
  • Determining when devices are presented to IT for proper configuration of employment-specific applications and accounts on the device.
  • Outlining the reimbursement policies for costs, such as the purchase of devices and/or software, the worker’s mobile coverage, and roaming charges.
  • Listing security requirements for devices that must be met before personal devices are allowed to connect to company networks.
  • Listing the what-ifs, including what to do if a device is lost or stolen, what to expect after five failed logins to the device or to a specific application, and what liabilities and risks the employee assumes for physical maintenance of the device.

Consider other employee policies

Most companies have established noncompete, confidentiality, and nondisclosure agreements. With these legal protections in place, Weiss says, your employees are already constrained from walking off with a company’s intellectual property and using it for their personal gain.

Monitor where your data is going

This is where IT can shine. By setting up shared company file servers and as well as protocols for who can access files and how, IT can monitor people accessing any locally hosted files.

Weiss says that TeliApp runs on the understanding that anything on the company server is company property, and so users don’t copy files to their desktops. If someone does copy a file, the action is immediately logged and remedied. “Everyone understands the policy after their first well-meaning screw-up,” Weiss says.

Try to keep data off local devices

When choosing applications and services, make sure a lot of data can’t be downloaded and saved to local devices. One of the keys to minimizing risk in a BYOD workplace is restricting user access to networks and central repositories. You’ll want to find tools that can sync all user data to a central account that an administrator controls access to. You’ll also want to find ways to place intermediary technologies between the company network and employee devices. It will ultimately reduce IT’s workload and add a layer of security to the company’s networks.

“If you mobile-enable users and they have access to your enterprise data in an unrestricted fashion, you have to actively manage that device, which is difficult to do,” Veague says.

One example of a cloud-based service that can minimize risk to the BYOD workplace: YouMail. The voicemail service stores all its customers’ voicemails and call history in the cloud, so an employer who has YouMail as its voicemail standard will retain contact information and voicemail content even after an individual user leaves. The downside? In the current business-class offerings, users can still access their old accounts. However, in a forthcoming enterprise product, which is still in private beta, but aiming for customer deployment by the end of the summer, an administrator will be able to activate and deactivate individual user accounts.

You’ll also want tools that let an administrator remotely wipe or delete an account. This way, former workers can maintain their device, yet they will no longer have access to their old accounts in certain apps.

Find applications that minimize the amount of data that’s downloaded to any mobile device, Veague suggests, and follow this rule of thumb: “If you can’t access the app, you can’t access the data.” If this rule is followed, then all an IT admin has to do when an employee leaves is shut off the individual user account; the data remains safe.

Do sweeps regularly

One of the downsides of a self-provisioning workforce is that not every worker is going to be as assiduous about application updates, security measures, and backups as a dedicated IT professional is. So have IT step in and do regular security check-ups on any devices that are allowed to access company networks. Because security requirements will be written into any BYOD policy, users will know that their devices are going to be scanned and updated regularly.

Hire carefully

This last step may be out of IT’s hands, but it is often the first step in avoiding any problems. Weiss says, “You have to know who you’re hiring — it all comes down to that. If you don’t think a person’s trustworthy, regardless of what their credentials are, then don’t hire them.”

With these steps in place, the risks of letting employees provision their own hardware are managed in a way that lets IT professionals still maintain their primary responsibilities to a company without being perceived as an obstacle for mobile-mad employees to work around. And being seen as business-friendly while also protecting the business? That’s the real win-win when you think about employees’ departures as you’re bringing both them and their devices on board.

Source:  pcworld.com

‘Containerization’ is no BYOD panacea: Gartner

Tuesday, June 25th, 2013

Gartner notes it’s an important IT application development question

Companies adopting BYOD policies are struggling with the thorny problem of how they might separate corporate and personal data on an employee’s device.

One technology approach to this challenge involves separating out the corporate mobile apps and the data associated with these into “containers” on the mobile device, creating a clear division as to what is subject to corporate security policies such as wiping. But one Gartner analyst delving into the “containerization” subject recently noted the current array of technology choices each have advantages and disadvantages.

“BYOD means my phone, my tablet, my pictures, my music — it’s all about the user,” said analyst Eric Maiwald at the recent Gartner Security and Risk Management Summit.

But if IT security managers want to place controls on the user device to separate out and manage corporate e-mail, applications and data, it’s possible to enforce security such as authentication, encryption, data leakage, cut-and-paste restrictions and selective content wiping through various types of container technologies.

However, the ability of containers to detect “jailbreaking” of Apple iOS devices, which strips out Apple’s security model completely, remains “nearly zero,” Maiwald added. “If you have a rooted device, a container will not protect you.”

There are many choices for container technology. The secure “container” can be embedded in the operating system itself, such as Samsung’s Knox smartphone or the Blackberry 10, Maiwald noted. And the mobile-device management (MDM) vendors such as AirWatch, MobileIron and WatchDocs also have taken a stab at containers, though Gartner sees some of what the MDM vendors are doing as more akin to “tags” available to do things like tag a mailbox and message as corporate.

Companies that include, Enterproid, Excitor, Fixmo, Good Technology, LRW Technologies, NitroDesk, VMware and Citrix also have approaches to containerization that get attention from Gartner as possible ways to containerize corporate apps.

But selecting a container vendor is not necessarily simple because what you are doing is making an important IT decision about enterprise development of apps, says Maiwald. “Container vendors provide mechanisms for linking a customized app to the container,” he said. It typically means choosing an API as part of your corporate mobile-device strategy.

For example, Citrix’s containerization software is called XenMobile, and Kurt Roemer, Citrix chief security strategist, says to make use of it, apps have to be developed using the Citrix API and SDK for this. However, there are several app developers that already do that through what Citrix calls its Worx-enabled program for XenMobile. These include Adobe, Cisco, Evernote, Egnyte and Concur, to name a few. The Citrix containerization approach, which includes an app-specific VPN, will let IT managers do many kinds of tasks, such as automating SharePoint links to mobile devices for specific apps or easily control provisioning of corporate apps on BYOD mobile devices, Roemer says.

Source:  networkworld.com

LTE Advanced is coming, but smartphone users may not care

Thursday, June 20th, 2013

Faster network speeds are better, right?

LTE Advanced is coming soon to the Samsung Galaxy S4 smartphone, offering double the downlink speeds of LTE (Long Term Evolution).

But U.S. carriers still have to upgrade LTE networks to operate with LTE Advanced, and their plans to do so are vague.

Even if U.S. networks were completely LTE Advanced-ready, some analysts question whether buyers would pay much more to upgrade their smartphones for a model with the LTE Advanced speed advantage. There’s unlikely to be the same scramble for LTE Advanced as there was for LTE-ready smartphones such as the iPhone 5, which provide 10Mbps or more on LTE downlinks on average, boosting previous speeds by three times or more over 3G, analysts said.

One analyst is especially skeptical of LTE Advanced’s value. LTE Advanced in a smartphone or tablet “is not important to the user, especially in the U.S. where carriers have been marketing LTE or 4G for years now,” said Carolina Milanesi, an analyst at Gartner. “The novelty has worn off. To tell customers that LTE will be even faster … is nice, but not life changing.”

Jack Gold, an analyst at J. Gold Associates, said consumers don’t understand what LTE Advanced is. “Will users actually see that much improvement? Will they notice anything all that different in their user experience? For most, probably not,” Gold said Tuesday. “Carriers [and manufacturers] are really trying to find advantage to keep the market excited about their networks. Will users buy into it? Remains to be seen.”

JK Shin, co-CEO of Samsung Electronics, said Monday that the Galaxy S4 with LTE Advanced capabilities will go on sale in South Korea in June and with wireless carriers in other countries later on. He said that a three-minute download of a movie using existing LTE technology would take just over a minute to download over LTE Advanced.

Of the four largest U.S. wireless carriers polled on Monday, T-Mobile USA said it was planning on LTE Advanced network support, although it has not announced a schedule.

Verizon said it plans three network improvements that will support LTE Advanced, some of which will be ready and “invisible” to customers later this year.

Sprint said it has already deployed some elements of LTE Advanced, but didn’t elaborate on a schedule or other details. The carrier said LTE Advanced will give customers greater speed, capacity and improvements in video quality, and will help lower Sprint’s costs to keep unlimited data plans.

AT&T is also expected to move to LTE Advanced, but didn’t respond immediately to questions about timing.

The upgrade cost to deliver LTE Advanced is expected to be minor compared to the many billions of dollars it cost to upgrade networks to LTE with new antennas and switches.

Analysts said that while Samsung will introduce the GS4 in South Korea on LTE Advanced networks, the value of LTE Advanced could be far less exciting in the U.S. Smartphones are getting wide acceptance in the U.S., where a majority of Americans own the devices, according to a Pew Research Center survey. Smartphone makers and carriers face the challenge of marketing new features, such as faster network speeds, to lure buyers into trading in their old devices for new ones.

“We are getting to the point where selling innovation is hard,” Milanesi said. “That innovation today is about user experience, convenience and incremental benefits — not transformational ones.”

Such incremental benefits are hard to sell in a store because the features take longer for salespeople to demonstrate, she added. The sales rep might be showing the improvements on “a phone that otherwise will look like all the rest — or even worse — like the previous generation,” Milanesi said.

Gartner and other analyst firms noticed a new trend that started in the fourth quarter of 2012: U.S. smartphone owners were keeping their devices longer, holding them beyond a two-year contract rather than upgrading before the end of the two-year period to get access to newer hardware, software or network speeds.

“Some users might hang onto their smartphones and get a tablet instead,” Milanesi added.

As a result of both lower perceived innovation in new smartphones and the hype to buy tablets, smartphone lifetimes are lengthening, Milanesi said. “That means for a market like the U.S. where we have a replacement market, [sales] growth will decrease,” she said.

At Verizon, LTE Advanced is viewed as an improvement that will be invisible to customers, Verizon spokesman Tom Pica said. Verizon already has rolled out LTE to more than 400 cities, and LTE Advanced will mean customers “continue to find the consistent reliability and high speeds they have come to expect” from Verizon, he said.

Later in 2013, Verizon will deploy small cells and AWS (Advanced Wireless Services) spectrum as part of LTE Advanced capabilities. A third step, involving advanced MIMO (multiple input, multiple output) antennas for devices and cell sites, is in the plans, but no schedule has been announced.

AWS uses two spectrum bands in the 1700MHz and 2100MHz channels to increase network capacity for heavy data users but not necessarily speed. Verizon already sells seven devices that support AWS, including the GS4, the Nokia Lumia 928 and the BlackBerry Q10. Small cells can increase network capacity and network reach.

Source:  computerworld.com

New attack cracks iPhone autogenerated hotspot passwords in seconds

Thursday, June 20th, 2013

Default password pool so small scientists need just 24 seconds to guess them all.

If you use your iPhone’s mobile hotspot feature on a current device, make sure you override the automatic password it offers to secure your connections. Otherwise, a team of researchers can crack it in less than half a minute by exploiting recently discovered weaknesses.

http://cdn.arstechnica.net/wp-content/uploads/2013/06/base-iphone-passwords-640x583.jpgIt turns out Apple’s iOS versions 6 and earlier pick from such a small pool of passwords by default that the researchers—who are from the computer science department of the Friedrich-Alexander University in Erlangen, Germany—need just 24 seconds to run through all the possible combinations. The time required assumes they’re using four AMD Radeon HD 7970 graphics cards to cycle through an optimized list of possible password candidates. It also doesn’t include the amount of time it takes to capture the four-way handshake that’s negotiated each time a wireless enabled device successfully connects to a WPA2, or Wi-Fi Protected Access 2, device. More often than not, though, the capture can be completed in under a minute. With possession of the underlying hash, an attacker is then free to perform an unlimited number of “offline” password guesses until the right one is tried.

The research has important security implications for anyone who uses their iPhone’s hotspot feature to share the device’s mobile Internet connectivity with other Wi-Fi-enabled gadgets. Adversaries who are within range of the network can exploit the weakness to quickly determine the default pre-shared key that’s supposed to prevent unauthorized people from joining. From there, attackers can leach off the connection, or worse, monitor or even spoof e-mail and other network data as it passes between connected devices and the iPhone acting as the access point.

“Taking our optimizations into consideration, we are now able to show that it is possible for an attacker to reveal a default password of an arbitrary iOS hotspot user within seconds,” the scientists wrote in a recently published research paper. “For that to happen, an attacker only needs to capture a WPA2 authentication handshake and to crack the pre-shared key using our optimized dictionary.”

By reverse engineering key parts of iOS powering iPhones, the researchers discovered that default hotspot passwords always contained a four- to six-letter word followed by a randomly generated four-digit number. All the words were contained in an open-source Scrabble word list available online. By using a single AMD Radeon HD 6990 GPU to append every possible four-digit number to each of the words, the researchers needed only 49 minutes to cycle through all possible combinations. Then they stumbled on a discovery that allowed them to drastically reduce the amount of time required.

The hotspot feature, they found, uses an observable series of programming calls to pick four- to six-letter words from an English-language dictionary included with iOS. By cataloging the default passwords issued after about 250,000 invocations, they determined that only 1,842 different words are selected. The discovery allowed them to drastically reduce the number of guesses needed to correctly find the correct password. As a result, the required search space—that is, the total number of password candidates needed to guess a default password—is a little less than 18.5 million.

They were able to further reduce the time required after noticing that certain words on the reduced list are much more likely than others to be chosen. For instance, “suave,” “subbed,” “headed,” and seven other top-10 words were 10 times more likely to be selected as the base for a default password than others. The optimized list in the attack orders words by their relative frequency, so those most likely to be used are guessed first. Given a four-GPU system is able to generate about 390,000 guesses each second, it takes about 24 seconds to arrive at the correct guess.

Among the many security features included in the WPA standard is its use of the relatively slow PBKDF2 function to generate hashes. As a result, the number of guesses that the researchers’ four-GPU system is capable of generating each second is measured in the hundreds of thousands, rather than in the millions or billions. The paper—titled “Usability vs. Security: The Everlasting Trade-Off in the Context of Apple iOS Mobile Hotspots”—demonstrates that slow hashing alone isn’t enough to stave off effective password cracks.

Also crucial is a selection of passwords that will require attackers to devote large amounts of time or computing resources to exhaust the required search space. Had Apple engineers designed a system that picked long default passwords with upper- and lower-case letters, numbers, and special characters, it could take centuries for crackers to cycle through every possibility. Alas, passwords such as “3(M$j;]fL[ZU%<1T” aren’t easy for most people to use in practical settings. Still, a Wi-Fi password that’s randomly generated—say “MPuUjxRpz0” or even “arNEsISIon” will require considerably more time and resources to crack than the default passwords currently offered by iOS.

Readers who use their iPhone’s hotspot feature should override the default password offering and replace it with something that’s harder to guess. They should also take advantage of the hotspot feature’s ability to monitor how many people are connected to the Wi-Fi network. Those who use hotspot features on other mobile platforms would also do well to carefully monitor the passwords protecting their connections. By default, passwords offered by Microsoft’s Windows Phone 8 consist of only an eight-digit number, according to the researchers, and depending on the carrier, some Android handsets may also generate default passwords that are easy to crack.

Source:  arstechnica.com

Obama wants government to free up more wireless spectrum

Friday, June 14th, 2013

President Barack Obama is directing federal agencies to look for ways to eventually share more of their radio airwaves with the private sector as the growing use of smartphones and tablets ratchets up the demand for spectrum, according to a memo released on Friday.

With blocks of spectrum reserved by dozens of government agencies for national defense, law enforcement, weather forecasting and other purposes, wireless carriers and Internet providers are urging that more spectrum be opened up for commercial use.

The call comes as airwaves are becoming congested with the increase in gadgets and services that are heavily reliant on the ability to transport greater amounts of data.

“Although existing efforts will almost double the amount of spectrum available for wireless broadband, we must make available even more spectrum and create new avenues for wireless innovation,” Obama said in his presidential memo.  “One means of doing so is by allowing and encouraging shared access to spectrum that is currently allocated exclusively for Federal use.”

The memorandum, welcomed and lauded by the telecommunications industry, directs federal agencies to study how exactly they use the airwaves and how to make it easier to share them with the private sector.

The directive also sets up a Spectrum Policy Team that in six months will have to recommend incentives to encourage government agencies to share or give up their spectrum – something industry experts see as a critical step in opening more of the federally used airwaves to the private sector.

“Our traditional three-step process for reallocating federal spectrum — clearing federal users, relocating them and then auctioning the cleared spectrum for new use — is reaching its limits,” Jessica Rosenworcel, a Democratic member of the Federal Communications Commission, said in supporting Obama’s move.

The FCC is now working on rules for the biggest-ever auction of commercially used airwaves, in which TV stations would give up and wireless providers would buy highly attractive spectrum.  The auction is expected to take place in late 2014 or later.

The White House on Friday also released a report showing growth of broadband innovation and access, an area that the Obama administration has on because it is viewed as a critical tool for economic growth.  To further the process, the White House now plans to invest $100 million into spectrum sharing and advanced communications.

Friday’s directive also “strongly encourages” the FCC to develop a program that would spur the creation and sale of radio receivers that would ensure that if spectrum is shared, different users do not interfere with each other.

“The steps taken today lay the groundwork for tomorrow’s broadband future,” said Vonya McCann, senior vice president of government affairs at Sprint Nextel Corp.

Source:  Reuters