Mobile Handsets: A Panoramic Overview

1
Mobile Handsets A Panoramic Overview

• Dong Xuan
• Associate Professor
• CSE Dept., The Ohio State University

2
Outline

• Introduction
• Handset Architecture
• Handset Operating Systems
• Networking
• Applications
• Security Risks and Mitigation Strategies

3
What Is A Mobile Handset?

• A mobile handset (handset) is an electronic
  device that provides services to users, e.g.
• Managing address book
• Scheduling calendar
• Cellular telephony
• Accessing Internet, email
• Handsets include smartphones and PDAs

Example handsets Apple iPhone, BlackBerry Storm,
Palm TreoPro
4
Handsets Your Next Computer?

• Handsets small form factor, mobility have
  yielded meteoric sales 1
• 3.3 billion mobile phone subscriptions as of Jan.
  2008
• 2.7 billion subscriptions correspond to one
  person some people have multiple phones!
• Rapid replacement rate young adults replace
  phones every 6 months in South Korea 1
• These statistics are just for phones
• Your handset your next computer? 2

5
Whats Inside a Mobile Handset?
Source 3
6
Handset Architecture (1)

• Handsets use several hardware components
• Microprocessor
• ROM
• RAM
• Digital signal processor
• Radio module
• Microphone and speaker
• Hardware interfaces
• LCD display

7
Handset Architecture (2)

• Handsets store system data in electronically-erasa
  ble programmable read-only memory (EEPROM)
• Service providers can reprogram phones without
  requiring physical access to memory chips
• OS is stored in ROM (nonvolatile memory)
• Most handsets also include subscriber identity
  module (SIM) cards

8
Handset Microprocessors

• Handsets use embedded processors
• Intel, ARM architectures dominate market.
  Examples include
• BlackBerry 8700, uses Intel PXA901 chip 4
• iPhone, uses Samsung ARM 1100 chip 5
• Low power use and code size are crucial 3
• Microprocessor vendors often package all the
  chips functionality in a single chip
  (package-on-package) for maximum flexibility

9
Example The iPhones CPU

• The iPhone a real-world mobile handset 67
• Runs on Samsung S3C6400 chip, supports ARMv6
  architecture
• Very few details are known about the ARM Core,
  esp. given Apples secrecy
• Highly modular architecture
• Similar to Apples iPod Touch, which lacks
  telephony capability 8

Source 6
10
SIM Cards

• They include their own microprocessor and 16 KB
  4 MB EEPROM
• They come in two sizes
• Their versatility arises from portability of
  information
• SIM card identifies subscriber to network
• Stores personal information, address books,
  messages, service-related information

11
Other Memory Cards

• Some handsets include other peripheral memory
  cards
• Compact Flash
• Multimedia Card
• Secure Digital
• Handsets synchronize with a computer
• Nowadays, computers include slots of various
  sizes to hold these memory cards

12
Handset Operating Systems

• Currently, handsets run several OSes
• Symbian OS
• iPhone OS (an embedded version of OS X)
• Windows Mobile
• BlackBerry OS
• Google Android Platform (based on Linux)
• With the exceptions of Symbian and Android, these
  OSes are proprietary 910
• Telecom carriers frequently lock down handset
  firmware, OSes to prevent user modifications

13
Handset OS Usage

• According to British analysis firm Canalys,
  handset OS usage in 3Q 2008 had the following
  ranking (most to least) 11
• Symbian OS
• iPhone OS
• BlackBerry OS
• Windows Mobile
• Linux (Android, etc.)
• Others
• iPhone OS surged ahead of BlackBerry OS, but with
  new BlackBerries and Android phones, this ranking
  may easily change in the future 11
• Well now examine each OS individually

14
Symbian OS

• Dominant OS in the mobile handset market
• Runs exclusively on ARM processors
• Owned by British firm Symbian Ltd.
• Descendant of Psion EPOC OS (dev. in 1990s)
• Sony Ericsson, Nokia, et al. bought shares in the
  firm until Nokia bought Symbian in 2008, formed
  Symbian Foundation to further future open handset
  development 12
• Nokia plans to open-source the OS by 2009 9

15
Design of Symbian OS

• Based on Psion EPOC desktop OS features include
  13
• Bare-bones microkernel (nanokernel)
• Pre-emptive multitasking
• Memory protection
• Handset-centric design, can operate several
  months without reboot
• Supports multiple UIs based on smartphone form
  factor (e.g., 320 240)

16
Symbian OS Devices

• Numerous handsets use Symbian OS UIs largely
  based on manufacturer device
• Nokia S60 includes J2ME, std. UI (mostly Nokia
  phones)
• Nokia S80 QWERTY keyboard, Web browser,
  enterprise office-doc. support (older Nokia
  Communicators)
• Nokia S90 used only on Nokia 7710
• UIQ Sony Ericsson/Motorola GUI platform used
  primarily on those companies handsets
• FOMA platform closed-dev. software platform
  used by handsets on NTT DoCoMos network (Japan)

17
Symbian OS v9 Architecture
Source 15 (heavily modified)
18
Symbian OS Development

• Native language is C
• Nokia provides free Eclipse-based Carbide.c
  development tools, Carbide.vs Visual Studio
  plugin
• Mac Linux development is possible
• Can program in many other languages C, Java,
  Ruby, Python, Perl, OPL, Visual Basic, Simkin
• Applications needing any capabilities beyond bare
  minimum must be cryptographically signed (see
  http//www.symbiansigned.com)
• Can also program in Adobe Flash Lite (mobile
  version of Flash)

19
iPhone OS

• Runs on both the iPhone and iPod Touch
• Variation of Mach microkernel-based OS X that
  fits in 512 MB flash memory, runs on ARM
  architecture 21
• Four abstraction layers Core OS, Core Services,
  Media, Cocoa Touch 22
• Core Animation and PowerVR MBX 3D hardware
  provide interface animations
• 320 480 LCD display that supports multi-touch
  gestures

20
iPhone Developer Program

• iPhone Developer Program provides dev. tools,
  iPhone emulator, means to upload to App Store
  (SDK)
• To download SDK, you must apply to be a member,
  pay fees
• Standard Developer 99
• Enterprise Developer 299
• Exception Apples free iPhone Developer
  University Program for higher-ed. institutions
  23
• SDK only runs on Mac OS X Leopard on Intel-based
  Macs (go figure)

21
iPhone Web App Development

• You can develop Web apps for iPhone so long as
  they run on Safari 24
• Safari features 2526
• Auto-resizes Web pages to fit browser size
• Multi-touch functionality
• XHTML 1.1, CSS 2.1, JavaScript, W3C DOM Level 2,
  AJAX technology, cookies,
• Does not support Flash or Java
• iPhone Web apps should
• Minimize user awareness of browser experience
• Reproduce control style, layout, behavior of
  iPhone apps
• Integrate with built-in iPhone features services

22
BlackBerry OS

• BlackBerry OS is Research in Motions (RIMs)
  proprietary OS for its BlackBerry handsets
• Provides multitasking, heavily uses BlackBerry
  input devices, e.g., thumbwheel
• Current OS 4 provides a subset of Javas Mobile
  Information Device Profile (MIDP) 2.0
• Developers can use these APIs, proprietary APIs
  to write software
• All applications must be digitally signed so to
  link an app with the developer

23
BlackBerry Software

• Email from BlackBerry service, MS Exchange,
  Domino, Yahoo, etc. can be pushed to the
  handset
• Can view PDF, MS Word, Excel, PowerPoint
  attachments
• BlackBerry Browser (only supports JavaScript)
• Other online apps include
• BlackBerry Maps
• Facebook services
• Yahoo Messenger, Google Talk
• Calendar, Address Book, and PIM Sync via USB
• GPS
• See http//www.blackberry.com for much more
  information about handset and desktop software

24
BlackBerry Wireless Platform

• RIM provides standards-based platform and
  developer tools to develop and deploy custom
  wireless applications
• HTML Web browser
• Java Mobile Edition development tools
• .NET applications
• BlackBerry handsets support standard networking
  protocols and connect to any type of server
  application

25
BlackBerry Mobile Data System

• BlackBerry Mobile Data System (MDS) supports MS
  Exchange, Lotus Domino, Novell GroupWire, and
  RIMs own MDS systems for messaging applications

26
BlackBerry Mobile Voice System

• With this service, theres only one business
  number BlackBerry users must remember
• Calls are routed to a BlackBerry handset,
  regardless of whether the call is directed to an
  office or mobile phone 27
• Provides security and authentication through
  BlackBerry Enterprise Servers 28
• IT administrators can lock down handsets, route
  calls through their telecom infrastructure, etc.
  2728

27
BlackBerry Internet Services

• BlackBerry Internet Service leverages
  centrally-hosted wireless gateways, allowing
  users to access up to 10 supported email
  accounts, browse Internet

28
BlackBerry Developer Tools

• RIM provides several development tools
• BlackBerry MDS Studio
• Developers can quickly create rich client apps
  using component-based drag-and-drop approach
• Tool requires MDS runtime
• BlackBerry plugin for MS Visual Studio
  (development on MDS platform)
• BlackBerry Java Development Environment (JDE)
• Provides IDE, simulation tools for Java ME app
  for Java-based BlackBerry so developers can
  create standalone or client-server apps

29
Windows Mobile

• Windows Mobile is powered by Microsofts Windows
  CE embedded OS Windows CE runs on x86, MIPS,
  ARM, Hitachi SuperH processors
• Latest version, 6.1, includes Windows Live
  services, Exchange 2007 mail access
• Designed to closely mimic desktop Windows
• Windows Mobile 6.1 includes mobile versions of
  Office applications, Outlook (w/HTML email),
  Internet Explorer, Windows Media Player
• SQL Server 2005 included in ROM
• .NET Compact Framework 2.0 included

30
Windows Mobile Development (1)

• Native code is developed with MS Visual C
• Microsoft strongly recommends development with
  managed code 19
• Managed code is written in one of the .NET
  framework object-oriented languages
• Compiled to MS Intermediate Language (MSIL) that
  all the languages share
• At execution time, MSIL is compiled just in
  time to native object code
• Contrast with Java
• Java code is compiled to Java bytecode
• Java interpreter interprets bytecode, dynamically
  compiles frequently-accessed bytecode into native
  object code (HotSpot)

.NET Framework in Context. Source 19
31
Windows Mobile Development (2)

• Windows Mobile development tools include
• Plugins for MS Visual Studio 2005, 2008, etc.
• SDKs for Windows Mobile-based handsets
• Microsoft gives away Visual Studio to students
  for free with its DreamSpark program 20

32
Android Mobile Handset Platform

• Android is a software development platform for
  mobile handsets that is based on Linux
• Developed by Google and Open Handset Alliance
  (OHA) for different handset manufacturers
• The Alliance includes T-Mobile, Sprint Nextel,
  Google, Intel, Samsung, Wind River Systems, et
  al. 29
• Its purpose is to build a fully free and open
  mobile handset platform to facilitate development
  of handsets, software, services 30
• First Android-based handset is T-Mobile G1 31

33
Android Architecture
34
Android Features and Software

• Features
• 3D OpenGL ES 1.0
• SQLite Database engine
• WebKit Web browser
• Dalvik Register-based VM similar to Java VM
  32
• FreeType Bitmap and vector font rendering
• Connectivity Bluetooth, 802.11, GPS

• Core Applications
• Email client, SMS program, calendar, Google Maps
  (and Apps), browser, etc.
• Written in Java
• App Framework
• Full access to same framework APIs
• Architecture designed for component reuse
• Runtime
• Core C library
• Multiple Dalvik VMs run in a process, rely on
  Linux kernel for process isolation 32

35
Android SDK

• Android SDK provides required tools and APIs to
  develop apps on Android platform using Java
• Android is licensed under the Apache open-source
  license
• The Android Development Tools (ADT) Eclipse
  plugin eases development
• Download the Android SDK at http//code.google.com
  /android/ and the Eclipse plugin at
  https//dl-ssl.google.com/android/eclipse

36
Palm OS

• Palm OS originally designed by Palm Computing
  Inc. for Palm handsets, sold to Japanese firm
  ACCESS 16
• From Jan. 2004 Jun. 2005, there has been no
  development on Palm OS past v6.1 16
• ACCESS and Palm are working on new versions of
  the OS that are Linux-based 16
• ACCESS version is called the ACCESS Linux
  Platform
• Palms version will be called Palm OS should be
  available Q1 2009

37
Handset Networking

• Handsets communicate with each other and with
  service providers via many networking
  technologies
• There are two classes of these technologies
• Cellular telephony
• Wireless networking
• Most handsets support both, some also support
  physical connections such as USB

38
Cellular Telephony Basics (1)

• There are many types of cellular services before
  delving into details, focus on basics (helps
  navigate the acronym soup)
• Cellular telephony is a radio-based technology
  radio waves are electromagnetic waves that
  antennas propagate
• Most signals are in the 850 MHz, 900 MHz, 1800
  MHz, and 1900 MHz frequency bands

Cell phones operate in this frequency range (note
the logarithmic scale)
39
Cellular Telephony Basics (2)

• Digital signal processors (DSPs) are key to radio
  reception in handsets
• They transform signals from one form to another,
  e.g.
• Fourier transforms
• Discrete cosine transform

Source 3
40
Cellular Telephony Basics (3)

• Cells and base stations
• Space is divided into cells, and each cell has a
  base station (tower and radio equipment)
• Base stations coordinate themselves so mobile
  users can access the network
• If you move from one cell to another, the first
  cell notices your signal strength decreasing, the
  second cell notices your signal strength
  increasing, and they coordinate handover so your
  handset switches to the latter cell

41
Cellular Telephony Basics (4)

• Statistical multiplexing
• Time Division Multiple Access (TDMA)
• A 30 kHz-wide and 6.7 ms-long band is split into
  3 time slots
• Each conversation gets the radio 1/3 of the time
  voice data is converted to digital information
  and compressed to use less transmission space

42
Cellular Telephony Basics (5)

• Statistical multiplexing contd.
• Frequency Division Multiple Access (FDMA)
• Analogous to TDMA, but each conversation uses a
  different frequency in the same band
• Code Division Multiple Access (CDMA) 38
• Uses spread-spectrum technology and different
  pseudo-noise codes so multiple users share the
  same physical channel

43
Cellular Telephony

• It is useful to think of cellular telephony in
  terms of generations 3337
• 0G Briefcase-size mobile radio telephones
• 1G Analog cellular telephony
• 2G Digital cellular telephony
• 3G High-speed digital cellular telephony
  (including video telephony)
• 4G IP-based anytime, anywhere voice, data,
  and multimedia telephony at faster data rates
  than 3G (to be deployed in 20122015)
• We will focus on 2G and 3G technologies

44
Cellular Telephony 2G

• There are two main 2G technologies
• Global System for Mobile communications (GSM),
  which uses TDMA 39
• Interim Standard 95 (IS-95, aka cdmaOne), which
  uses CDMA 40
• There are other TDMA networks such as PDC
  (Japan-only), iDEN (Nextel-only), and IS-136 (now
  converted to GSM)
• We wont worry about these

45
GSM (1)
GSM network architecture includes the following
subsystems

• Mobile Stations (MSes) handsets
• Each handset has a SIM card
• Base Station Subsystems (BSSes) provide air
  link for MSes
• A BSS consists of a Base Station Controller
  (BSC), which includes the TransCoder Unit (TCU)
  and the Base Transceiver System (BTS)
• A BSC controls several BTSes, which is
  responsible for communication with the NSS and OSS

• Network SubSystems (NSSes) connect calls
  between network users
• Composed of several Mobile Switching Centers
  (MSC) in conjunction with location registers
  (Home Location Registers HLRs, Visitor Location
  Register VLRs) and authentication centers
  (AUCs)
• Operation SubSystems (OSSes) provide network
  admins with remote network monitoring, mgmt.
  capabilities
• Operations Maintenance Center (OMC) provides
  network with remote monitoring, maintenance as
  well as alarms, event logging

46
GSM (2)

• GSM network architecture is as follows

47
GSM (3)

• Short Message Service (SMS) 41
• 1985 GSM standard that allows messages of at most
  160 chars. (incl. spaces) to be sent between
  handsets and other stations
• Over 2.4 billion people use it multi-billion
  industry
• General Packet Radio Service (GPRS)
• GSM upgrade that provides IP-based packet data
  transmission up to 114 kbps
• Users can simultaneously make calls and send
  data
• GPRS provides always on Internet access and the
  Multimedia Messaging Service (MMS) whereby users
  can send rich text, audio, video messages to each
  other 42
• Performance degrades as number of users increase
• GPRS is an example of 2.5G telephony 2G service
  similar to 3G

48
GSM (4)

• Enhanced Data rate for GSM Evolution (EDGE) 43
• GSM revision that provides 3 GPRS data rate
  (max. 236.8 kbps) considered 3G tech.
• Deployed on GSM networks starting in 2003
• EDGE Evolution increases bit rates to
  (theoretical) max. of 1 Mbps, decreases latency
  from 200 ms to 100 ms

49
IS-95, CDMA2000, and 3G

• Qualcomm developed IS-95 in the 1990s as first
  CDMA-based mobile standard 40
• Unlike GSM, which is open, Qualcomm owns patents
  on CDMA technology
• CDMA2000, IS-95s hybrid 2.5G/3G successor, is
  supplanting it 44
• The Telecommunications Industry Association owns
  the trademarks cdmaOne and CDMA2000 in the
  U.S.
• There are two competing 3G technologies the
  Universal Mobile Telecommunications System (UMTS)
  and CDMA2000

50
UMTS and HSPA

• The UMTS is an international standard designed to
  replace GSM (aka 3GSM) 45
• UMTS is a 3G standard and is being developed into
  a 4G standard
• Its air interface is Wideband CDMA (W-CDMA),
  which was developed by NTT DoCoMo for Japans 3G
  wireless network 46
• W-CDMA has been deployed in Europe and Asia
• In theory, High Speed Packet Access (HSPA)
  protocols extend UTMS performance to 14.4 Mbps
  and 5.76 Mbps downlink and uplink, respectively
  47
• In practice, max speeds are 7.2 Mbps and 1.4
  5.8 Mbps, respectively (depending on carrier)

51
Other Handset Networks

• Many handsets not only support cellular
  telephony, they support other networking
  technologies as well
• Wireless
• Bluetooth (100 m max, 10 m for handsets)
• IEEE 802.11 (longer range)
• Infrared Data Association (IrDA)
• Wired
• USB, etc.

52
Bluetooth (1)

• Bluetooth is a technology specification for small
  form factor, low-cost, short-range wireless links
  between mobile handsets, Internet connectivity
• Max range is 100 m in 2.4 GHz frequency band
  (handsets 10 m radios)
• There is possible interference with IEEE 802.11b
  WLANs operating in this band
• Max bandwidth is 3 Mbps for Bluetooth 2.x with
  Enhanced Data Rate

53
Bluetooth (2)

• Link Types
• Synchronous Connection-Oriented (SCO)
• Useful for circuit-switched services, e.g.,
  voice, where low delay and high QoS are required
• Offered channels are symmetric and synchronous
• Asynchronous Connection-Less (ACL)
• More efficient for data transfer, other async.
  services
• Link offers packet switching, transmission
  (Xmission) slots granted by polling access scheme
• A piconet is a collection of up to 8 Bluetooth
  units where one is a master that controls
  Xmission, hopping scheme, others are slaves
• Master tells slave, I want to send, and slave
  receives
• Slaves can send on slots only when they agree
  with master
• One connection can have several links of either
  type, but theres a 3 voice call limit within a
  piconet

54
Bluetooth (3)

• Piconets and scatternets
• One device can be connected in two or more
  piconets, which is termed a scatternet
• But a device can only be a master to one piconet
  at a time
• In order for device to be part of scatternet,
  support for hold, park, or sniff mode is needed
• Master/slave roles are not necessarily fixed and
  can be changed during connection
• Master/slave switch needed in scatternet

55
Bluetooth (4)

• Piconets and scatternets, contd.
• a) Point-to-point connection between two devices
• b) Point-to-multipoint connection between a
  master and three slaves
• c) Scatternet consisting of three piconets

56
Bluetooth (5)

• Bluetooth uses adaptive frequency hopping (AFQ)
  that detects other devices in the frequency
  spectrum and hops among 79 channels 1 MHz apart
  to reduce interference 48

57
Bluetooth (6)

• Connections established via page messages if
  recipient address is unknown, masters inquiry
  message is needed (that gives access code, asks
  for slaves Bluetooth address and system clock)
• Units are in standby mode before connections are
  made
• Page message is sent on 16 frequencies 128 times
  if no response, message is sent on 16 different
  frequencies 128 times
• Max. connection time is 2.56 seconds

58
Bluetooth (7)

• Bluetooth Special Interest Group (SIG) has
  defined numerous usage models for the technology
  that describe primary Bluetooth applications
  intended devices
• Profiles define the protocols protocol features
  that support a usage model
• See 49 for more information

59
IEEE 802.11 Networks

• The IEEE 802.11 standards specify how electronic
  devices communicate with each other in wireless
  fidelity (Wi-Fi) networks
• Many handsets can communicate with each other
  this way
• There are many 802.11 standards 53 well only
  look at 802.11b, 802.11g, and WiMax here
• Other 802.11 standards provide greater security,
  which well discuss later

60
IEEE 802.11 WiMax Specs.

• 802.11b (1999) 51, 53
• Operates in the 2.4 GHz frequency band
• Provides max 11 Mbps data rate
• 38 m indoor range
• 802.11g (2003) 51, 53
• Operates in either 2.4 GHz or 5 GHz frequency
  bands
• Provides max 54 Mbps data rate
• 38 m indoor range
• WiMax (802.16) 52
• Operates in 2.3 GHz, 2.5 2.6 GHz frequency
  bands
• Provides max 40 Mbps data rate now, 300 Mbps
  later
• 3 km cell range

61
IrDA

• The Infrared Data Association (IrDA) provides
  protocols to transfer data between handsets,
  other devices using infrared light 54
• Similar in principle to a remote control
• Data rate is 16 Mbps now, 300 500 Mbps later
• Range is 1 m, communicating devices must have a
  line of sight
• Deployed in over 500 million devices

62
Wired Networks USB

• The Universal Serial Bus (USB) is a ubiquitous
  standard for transferring data between computers
  (including handsets!) 55
• By definition, data is transferred one bit at a
  time
• USB 1.1 (1998) max 1.5 Mbps (low-speed), 12 Mbps
  (full-speed)
• USB 2.0 (2000) max 480 Mbps
• USB 3.0 (to be released in 2009 2010) max 5
  Gbps

63
Handset Applications

• Many handset applications mirror those of
  computers, e.g., managing ones schedule, Web
  browsing, etc.
• But handsets mobility is opening up new markets
• Global mobile gaming market value expected to
  reach 2.6 billion (3.27 billion) in 2012
• Global mobile advertising market value expected
  to reach 1.77 billion (2.23 billion) in 2012
• Also, handsets make mobile and location-based
  services possible, which well discuss next

64
Mobile Location-based Services

• Carnegie Mellon Universitys (CMUs) Human
  Computer Interaction Institute has developed
  several such services that well examine
• Mobile social computing
• inTouch Coordination for families, small groups
• Whisper Mobile Coordinating groups for social
  events
• Large-scale mobile collaboration
• Hitchhiking estimating places busyness
• Mobile data
• GurunGo Linking desktop, mobile devices
• Usable privacy and security
• Contextual instant messaging
• People Finder
• CMUs Grey resource-control system
• Memory support
• Memory karaoke

65
Mobile Social Computing

• Mobile social computing
• inTouch Coordination for families, small groups
• Whisper Mobile Coordinating groups for social
  events
• Large-scale mobile collaboration
• Hitchhiking estimating places busyness
• Mobile data
• GurunGo Linking desktop, mobile devices
• Usable privacy and security
• Contextual instant messaging
• CMUs Grey resource-control system

66
inTouch (1)
The inTouch service helps coordinate with others
while mobile

• Target Users
• Small to medium groups of people
• Fluid demanding schedule
• Many responsibilities
• Examples
• Dual-career families
• Work groups
• Ad hoc (e.g., conferences)

Mobility
Awareness
Messaging
67
inTouch (2)

• inTouch use case Suppose Vanessa is running
  late picking up her son Daniel. She can send him
  a text message telling him that shell be 15
  minutes late.

68
Whisper Mobile (1)

• Motivation Easily find, share, and coordinate
  friends for social events

69
Whisper Mobile (2)

• Creating an event is straightforward
• Minimal text input
• Use location, audio, camera to do so
• Then link it with inTouch

(a)
(b)
(c)
(d)
(e)
70
Large-Scale Mobile Collaboration

• Mobile social computing
• inTouch Coordination for families, small groups
• Whisper Mobile Coordinating groups for social
  events
• Large-scale mobile collaboration
• Hitchhiking estimating places busyness
• Mobile data
• GurunGo Linking desktop, mobile devices
• Usable privacy and security
• Contextual instant messaging
• CMUs Grey resource-control system

71
Hitchhiking (1)

• Many location-based services focus on where you
  are
• Hitchhiking looks at places busyness, e.g.,
• Is the café busy?
• How long are the airport lines?
• Approach estimate number of people in a place
  by counting number of handsets there and upload
  number and location to servers (anonymized for
  privacy)
• Locations can be viewed on a map, e.g.,
  Microsofts SensorMap

72
Hitchhiking (2)
73
Mobile Data

• Mobile social computing
• inTouch Coordination for families, small groups
• Whisper Mobile Coordinating groups for social
  events
• Large-scale mobile collaboration
• Hitchhiking estimating places busyness
• Mobile data
• GurunGo Linking desktop, mobile devices
• Usable privacy and security
• Contextual instant messaging
• CMUs Grey resource-control system

74
GurunGo (1)

• Goal Easily access useful info while mobile
• Motivations
• People print out online maps rather than copy
  them to handset (easier, small mobile form
  factor)
• People browse the Web differently on desktops and
  handsets
• GurunGo allows people to explicitly copy info to
  handsets, implicitly copy maps to handsets and
  generate speech-based directions

75
GurunGo (2)

• Example of speech-based directions

76
Usable Privacy and Security

• Mobile social computing
• inTouch Coordination for families, small groups
• Whisper Mobile Coordinating groups for social
  events
• Large-scale mobile collaboration
• Hitchhiking estimating places busyness
• Mobile data
• GurunGo Linking desktop, mobile devices
• Usable privacy and security
• Contextual instant messaging
• CMUs Grey resource-control system

77
Contextual Instant Messaging

• CMU developed a custom AIM client, bot that
  people can query howbusyis screenname
• Robot respects user-specified privacy settings
• Users can create groups, put screen names in them
• Users can specify what each group can see
• System generates audit logs for security

78
Grey Resource Control

• CMU developed a distributed handset-based
  resource control system
• Resources include office doors, electronic files,
  etc.
• Flexible, end user-specified policies
• Proactive Manually create policy before request,
  e.g., Alice can always enter my office
• Reactive Generates policy based on request,
  e.g., Can I enter your office?
• CMU connected Grey with Bluetooth-enabled office
  doors
• There were security and usability issues with the
  system

79
A Large-Scale Mobile App

• Gawker Stalker people spotting celebrities in
  New York City

80
Handset Security Issues (1)

• People store a wealth of information on their
  handsets and dont think about securing them!
• Naturally, this makes handsets targets for
  miscreants whether theyre script kiddies or
  Mafia cybercriminals due to whats stored on
  them
• Incoming, outgoing, missed calls
• SMS (text) and MMS messages
• E-mail
• Instant-messaging (IM) logs
• Multimedia, e.g., pictures, music, videos
• Personal calendars
• Address books
• Clearly, handset security is a vitally important
  challenge

81
Handset Malware History (1)

• Hackers are already attacking handsets
• Most well-known case a 17-year-old broke into
  Paris Hiltons Sidekick handset 58
• Less well-known worms, viruses, and Trojans have
  targeted handsets since 2004
• 2004 59
• Cabir worm released by 29A, targets Symbian
  phones via Bluetooth
• Duts virus, released by same group, targets
  Windows Mobile phones
• Brador Trojan released by same group, opens
  backdoor on Windows Mobile 63

82
Handset Malware History (2)

• 2005 60
• CommWarrior worm released replicates via
  Bluetooth, MMS messages to all contacts in
  address book
• Doomboot Trojan released claims to be Doom 2
  video game, installs Cabir and CommWarrior
• 2006 5960
• RedBrowser Trojan released claims to be a Java
  program, secretly sends premium-rate SMS messages
  to a Russian phone number
• FlexiSpy spyware released sends log of phone
  calls, copies of SMS/MMS messages to Internet
  server for third party to view
• 2008 61
• First iPhone Trojan released
• Of course, other mobile malware has been
  released some malware completely disables the
  handset
• There is also the possibility of mobile botnets
  62

83
Key Handset Security Problems

• At this point, mobile device capability is far
  ahead of security. Prof. Patrick Traynor,
  Georgia Tech (emphasis added) 62
• Handset information can be stolen 63
• Transient information Enhanced 911 can provide
  user location information
• Static information BlueSnarfing attacks
  (connection without owners knowledge), cracking
  Wired Equivalent Privacy (WEP) and Wi-Fi
  Protected Access (WPA) 64
• Theft of service attacks, e.g., premium-rate
  calls/SMS messages 63
• Denial-of-service attacks 63
• Flooding attacks overload the handset radio with
  garbage
• Power-draining attacks attempt to drain the
  battery
• Botnets and DoS attacks against networks are
  likely in the future 62
• Cybercriminals make 10 as much as security
  researchers! 69

84
Mitigation Strategies

• Handset manufacturers, OS software vendors, and
  researchers have worked to counter threats
• Symbian OS requires apps to be cryptographically
  signed in order for them to run without user
  approval
• Some handset manufacturers have joined the
  Trusted Computing Group (TCG) and added hardware
  to thwart malware tampering with the device 60
• The iPhone runs each application in a sandbox
  to prevent malware from running on the device
  68
• Heterogeneous handset OSes make massive malware
  outbreaks difficult
• Vendors like McAfee, Symantec, and Trend Micro
  sell security software for handsets F-Secure has
  bundled its software with Hong Kong provider
  CSLs handsets 65
• Researchers have worked on modeling malware
  propagation on networks, detecting power-draining
  attacks, etc. 6667

85
The Challenges Ahead

• Because the mobile communications field is
  evolving so quickly, it presents a unique
  opportunity to design security properlyan
  opportunity we missed with the PC. Prof.
  Patrick Traynor 62
• Since most people buy a new handset every 2
  years, its vital to ensure the security of
  handset hardware, OSes, applications, and
  networks while maintaining usability 62
• One suggested approach is to give handsets a
  hard power-off switch so they dont have power
  when turned off 63
• Academic research will play a key role in this,
  as will user education to counter social
  engineering
• Given the sensitivity of information stored on
  handsets, cybercriminals may well find effective
  ways to use them to continue their nefarious
  acts, e.g., bot herding, data theft, etc., even
  with different operating systems, power
  constraints, and carriers
• Though we may not hear news of handset attacks as
  often as those against (Windows) PCs, we cannot
  fall into a false sense of security

86
Questions?

• Thank you!

87
References (1)

1. T. T. Ahonen, When there is a mobile phone for
   half the planet Understanding the biggest
   technology, 16 Jan. 2008, http//communities-domi
   nate.blogs.com/ brands/2008/01/when-there-is-a.htm
   l
2. A. Wolfe, Is the Smartphone Your Next
   Computer?, InformationWeek, 4 Oct. 2008,
   http//www.informationweek.com/news/personal_tech/
   smartphones/ showArticle.jhtml?articleID210605369
   
3. J. L. Hennessy and D. A. Patterson, Computer
   Architecture A Quantitative Approach, 4th ed.,
   Elsevier, 2007
4. Research in Motion, BlackBerry 8700c Technical
   Specifications, http//www.blackberry.com/product
   s/pdfs/blackberry8700c_ent.pdf
5. R. Block, iPhone processor found 620MHz ARM
   CPU, Engadget, 1 Jul. 2007, http//www.engadget.c
   om/2007/07/01/iphone-processor-found-620mhz-arm/
6. Samsung Semiconductor, Product Technical Brief
   S3C6400, Jun. 2007, http//www.samsung.com/global
   /system/business/semiconductor/product/2007/8/21/6
   61267ptb_s3c6400_rev15.pdf
7. Wikipedia, iPhone, updated 15 Nov. 2008,
   http//en.wikipedia.org/wiki/Iphone
8. Wikipedia, iPod Touch, updated 14 Nov. 2008,
   http//en.wikipedia.org/wiki/ Ipod_touch

88
References (2)

1. N. Cubrilovic, Symbian Goes Open Source
   Courtesy of Nokia, TechCrunchIT, 24 Jun. 2008,
   http//www.techcrunchit.com/2008/06/24/symbian-goe
   s-open-source-courtesy-of-nokia/
2. Android An Open Handset Alliance Project,
   http//code.google.com/android/
3. Canalys, Global smart phone shipments rise 28
   Nokia retains lead, but Apple moves into number
   two position, 6 Nov. 2008, Press Release,
   http//canalys.com/pr/2008/r2008112.htm
4. Nokia, Nokia to acquire Symbian Limited to
   enable evolution of the leading open mobile
   platform, 24 Jun. 2008, Press Release,
   http//www.nokia.com/A4136001?newsid1230415
5. Wikipedia, Symbian OS, updated 13 Nov. 2008,
   http//en.wikipedia.org/wiki/ Symbian_os
6. Symbian Ltd., Symbian OS, http//www.symbian.com
   /symbianos/
7. B. Morris, Symbian OS Architecture Overview,
   Wireless Developer Forum UK 06, Symbian Software
   Ltd., http//developer.symbian.com/wiki/download/a
   ttachments/1376/Ben_Morris.ppt?version1
8. Wikipedia, Palm OS, updated 3 Nov. 2008,
   http//en.wikipedia.org/wiki/ Palm_os

89
References (3)

1. Wikipedia, Windows Mobile, updated 13 Nov.
   2008, http//en.wikipedia.org/ wiki/Windows_mobile
   
2. Wikipedia, Windows CE, updated 12 Nov. 2008,
   http//en.wikipedia.org/wiki/ Windows_CE
3. Microsoft Corp., .NET Framework Conceptual
   Overview, MSDN, 2008, http//msdn.microsoft.com/e
   n-us/library/zw4w595w(printer).aspx
4. Microsoft Corp., Microsoft Gives Students Access
   to Technical Software at No Charge to Inspire
   Success and Make a Difference, 18 Feb. 2008,
   Press Release, http//www.microsoft.com/Presspass/
   press/2008/feb08/02-18GSDPR.mspx
5. K. Haslem, Macworld Expo Optimised OS X sits on
   versatile Flash, 12 Jan. 2007, Macworld,
   http//www.macworld.co.uk/ipod-itunes/news/
   index.cfm?newsid16927
6. Wikipedia, iPhone OS, updated 16 Nov. 2008,
   http//en.wikipedia.org/wiki/ IPhone_OS
7. Apple Inc., iPhone Developer University
   Program, 2008, http//developer.apple.com/iphone/
   program/university.html
8. Apple Inc., Apple Developer Connection Web
   Apps Dev Center, 2008, http//developer.apple.com
   /webapps/

90
References (4)

1. Apple Inc., Apple iPhone Features Safari,
   2008, http//www.apple.com/iphone/features/safari.
   html
2. Apple Inc., Safari 3.1 Product Overview, Jun.
   2008, http//images.apple.com/safari/docs/Safari_P
   roduct_Overview20080602.pdf
3. Research in Motion, BlackBerry Mobile Voice
   System, 2008, http//na.blackberry.com/eng/servic
   es/blackberry_mvs/
4. A. Succo, RIM exec sees BlackBerry product as
   shaping telephony, 22 May 2008, InfoWorld,
   http//www.infoworld.com/news/feeds/08/05/22/RIM-e
   xec-sees-BlackBerry-product-as-shaping-telephony.h
   tml
5. Open Handset Alliance, Members,
   http//www.openhandsetalliance.com/
   oha_members.html
6. Open Handset Alliance, Overview,
   http//www.openhandsetalliance.com/
   oha_overview.html
7. Wikipedia, Android (mobile device platform),
   updated 16 Nov. 2008, http//en.wikipedia.org/wiki
   /Android_(mobile_device_platform)
8. Google Inc., What Is Android?, 2008,
   http//code.google.com/android/what-is-android.htm
   lruntime

91
References (5)

1. Wikipedia, Mobile radio telephone, updated 6
   Jul. 2008, http//en.wikipedia.org/wiki/0G
2. Wikipedia, 1G, updated 6 Aug. 2008,
   http//en.wikipedia.org/wiki/1G
3. Wikipedia, 2G, updated 18 Nov. 2008,
   http//en.wikipedia.org/wiki/2G
4. Wikipedia, 3G, updated 19 Nov. 2008,
   http//en.wikipedia.org/wiki/3G
5. Wikipedia, 4G, updated 11 Nov. 2008,
   http//en.wikipedia.org/wiki/4G
6. Wikipedia, Code division multiple access,
   updated 30 Oct. 2008, http//en.wikipedia.org/wiki
   /Code_division_multiple_access
7. Wikipedia, GSM, updated 14 Nov. 2008,
   http//en.wikipedia.org/wiki/GSM
8. Wikipedia, IS-95, updated 10 Oct. 2008,
   http//en.wikipedia.org/wiki/IS-95
9. Wikipedia, Short message service, updated 19
   Nov. 2008, http//en.wikipedia.org/wiki/Short_mess
   age_service
10. Wikipedia, Multimedia messaging service,
    updated 3 Nov. 2008, http//en.wikipedia.org/wiki/
    Multimedia_Messaging_Service
11. Wikipedia, Enhanced Data Rates for GSM
    Evolution, updated 19 Nov. 2008,
    http//en.wikipedia.org/ wiki/Enhanced_Data_Rates_
    for_GSM_Evolution
12. Wikipedia, CDMA2000, updated 17 Nov. 2008,
    http//en.wikipedia.org/wiki/ CDMA2000

92
References (6)

1. Wikipedia, Universal Mobile Telecommunications
   System, updated 18 Nov. 2008, http//en.wikipedia
   .org/wiki/Universal_Mobile_Telecommunications_Syst
   em
2. Wikipedia, W-CDMA (UTMS), updated 19 Oct. 2008,
   http//en.wikipedia.org/ wiki/W-CDMA_(UMTS)
3. Wikipedia, High Speed Packet Access, updated 15
   Oct. 2008, http//en.wikipedia.org/wiki/High_Spee
   d_Packet_Access
4. Bluetooth SIG, Basics, 2008, http//www.bluetoot
   h.com/Bluetooth/ Technology/Basics.htm
5. Bluetooth SIG, Profiles Overview, 2008,
   http//www.bluetooth.com/Bluetooth/
   Technology/Works/Profiles_Overview.htm
6. Wikipedia, Wi-Fi, updated 18 Nov. 2008,
   http//en.wikipedia.org/wiki/Wi-fi
7. Wikipedia, Wi-Fi technical information, updated
   31 Oct. 2008, http//en.wikipedia.org/wiki/Wi-Fi_T
   echnical_Information
8. WiMax Forum, Frequently Asked Questions,
   http//www.wimaxforum.org/ documents/faq/
9. Wikipedia, IEEE 802.11, updated 16 Nov. 2008,
   http//en.wikipedia.org/wiki/ 802.11
10. Infrared Data Association, Welcome to IrDA,
    http//www.irda.org/ displaycommon.cfm?an1subart
    iclenbr14

93
References (7)

1. Wikipedia, Universal Serial Bus, updated 19
   Nov. 2008, http//en.wikipedia.org/wiki/Usb
2. Screen Digest, iPhone breathes new life into
   mobile gaming market, 31 Jul. 2008, Press
   Release, http//www.screendigest.com/press/release
   s/ pr_31_07_2008/view.html
3. Screen Digest, Mobile media advertising
   opportunities The market for advertising, 2
   May 2008, http//www.screendigest.com/reports/
   08mobilemediaadvert/pdf/08chinacabletv-pdf/view.ht
   ml
4. B. Krebs, Teen Pleads Guilty to Hacking Paris
   Hiltons Phone, Washington Post, 13 Sep. 2005,
   http//www.washingtonpost.com/wp-dyn/content/artic
   le/2005/ 09/13/AR2005091301423_pf.html
5. D. Emm, Mobile malware new avenues, Network
   Security, 200611, Nov. 2006, pp. 46
6. M. Hypponen, Malware Goes Mobile, Scientific
   American, Nov. 2006, pp. 7077,
   http//www.cs.virginia.edu/robins/Malware_Goes_Mo
   bile.pdf
7. PandaLabs, PandaLabs Quarterly Report
   JanuaryMarch 2008, http//pandalabs.pandasecurit
   y.com/blogs/images/PandaLabs/2008/04/01/Quarterly_
   Report_PandaLabs_Q1_2008.pdf
8. Georgia Tech Information Security Center,
   Emerging Cyber Threats Report for 2009,
   http//www.gtiscsecuritysummit.com/pdf/CyberThreat
   sReport2009.pdf

94
References (8)

1. D. Dagon et al., Mobile Phones as Computing
   Devices The Viruses are Coming!, IEEE
   Pervasive Computing, Oct. Dec. 2004, pp. 1115
2. G. Fleishman, Battered, but not broken
   understanding the WPA crack, Ars Technica, 6
   Nov. 2008, http//arstechnica.com/articles/paedia/
   wpa-cracked.ars
3. CSL Unveils Mobile Security Service, China Tech
   News, 31 Mar. 2008, http//www.chinatechnews.com/2
   008/03/31/6562-csl-unveils-mobile-security-service
   /
4. C. Fleizach et al., Can You Infect Me Now?
   Malware Propagation in Mobile Phone Networks,
   Proc. of ACM Workshop on Recurring Malcode (WORM
   07), Alexandria, VA, USA, 2 Nov. 2007, pp.
   6168.
5. H. Kim et al., Detecting Energy-Greedy Anomalies
   and Mobile Malware Variants, Proc. of the 6th
   Intl Conf. on Mobile Systems, Applications, and
   Services (MobiSys 08), Breckenridge, CO, USA,
   1720 Jun. 2008, pp. 239252.
6. E. Sadun, Programming with Safety Scissors and
   Glitter Glue, Inside iPhone, 10 Oct. 2008,
   http//blogs.oreilly.com/iphone/2008/10/programmin
   g-with-safety-scisso.html
7. T. Claburn, The Cybercrime Economy,
   InformationWeek, 9 Apr. 2008, http//www.informati
   onweek.com/blog/main/archives/2008/04/the_cyber_c
   rime.html