Tag: technology

Ex-Nokia Engineers launch new Smart Phone

20131209-090336.jpg

Engineers who used to work for Nokia are hoping to grab a share of the lucrative and highly competitive smartphone market with a new handset, which is based on the former world No. 1 cellphone maker’s old software and is faintly reminiscent of its recent models.

The Jolla handset’s Sailfish platform has been developed from the MeeGo operating software, Nokia’s last open-source platform which it abandoned in 2011 when it switched over to using Microsoft Corp.’s Windows system.

The sleek 4.5-inch phone, which almost looks like it could be part of Nokia’s Lumia range, features an eight megapixel camera, supports fast 4G Internet connections and includes the well-received Nokia’s HERE mapping services that cover more than 190 countries.

But, unlike Nokia’s phones, Jolla is also compatible with more than 85,000 apps provided by Google Inc.’s Android, the popular and dominant operating system that has helped Samsung overtake the former Finnish bellwether to be the world’s largest cellphone maker.

Marc Dillon, head of Jolla software and one of four founders of the company in 2011, spent 11 years working for Nokia after moving from the United States. He says Jolla’s open operating system gives it an edge over rivals.

“We are providing a world-class choice … that is an alternative for consumers (and) that can be very agile and powerful,” Dillon said in an interview in a Helsinki office block previously occupied by Nokia employees before it laid off thousands. “For our operating system business we have a huge opportunity because there is currently one choice really available to every global mobile manufacturer and that’s Android.”

Other systems, such as Apple’s iOS or Microsoft’s Windows, can be carried only on handsets manufactured by those companies.

In a consumer test, the Jolla, which has a price tag of 399 euros ($540), didn’t seem to have much to make it stand out among other smartphones. Its camera is standard; it uses a MicroSD card; has 16GB of memory storage, with a talk time and battery time of some 9-10 hours. But it has nice touches, including multiple swipe features and a useful user-replaceable battery, unlike many other models.

Neil Mawston from Strategy Analytics near London says the Jolla is not “an iPhone or Samsung Galaxy killer” although it but could find a niche in the relentless smartphone race.

“At some point people will start looking for an alternative to Android and Apple so there might be an opportunity in this very cyclical market for Jolla to grab market share,” Mawston said. “But I think it will be two or three versions down the line before we really know whether Jolla or Sailfish is worthy of challenging Apple or Android or Microsoft.”

Finnish telecoms company DNA, which started selling the Jolla handset on Wednesday evening as hundreds lined up outside the Jolla-DNA marquee in the city center, said it had “thousands of preorders” in 136 countries, led by Finland, Germany and Britain.

The company Jolla, which now has more than 100 employees in Finland and Hong Kong, has found backers among Finnish and foreign investors, including Hong-Kong based China Fortune Holdings Ltd., but Dillon declined to give more information.

20131209-090342.jpg

MacDefender: No, Macs are not suddenly susceptible to viruses

MacDefender: No, Macs are not suddenly susceptible to viruses

The tech community is in a frenzy over malicious software called MacDefender that targets Mac users. While this is a new phenomenon, it has nothing to do with the security of Mac OS X. Macs are still not susceptible to viruses.

Ever since Mac OS X was introduced over ten years ago, Mac owners have watched from afar as Windows users have suffered through viruses and spyware. There are always bugs and holes in any kind of software, but Mac OS X has remained free of self-installing viruses for a decade. In light of the recent MacDefender outbreak, many people are declaring the end of Apple’s virus-free reign. The problem with these claims is that Mac OS X’s security has not actually been breached. In fact, users themselves are giving explicit permission for this software to install.

For those who are unaware of the MacDefender issue, many people with Macs have been coming across malicious webpages that trigger a download of unwanted, fake antivirus software. Many times, these webpages fraudulently claim that a security scan has found malware on the user’s Mac. The solution, they say, is to install their software, pay for it with a credit card, and run it to clean out the system. Obviously, this is all a big scam to get money and credit card numbers. The MacDefender program does absolutely nothing but pester people for payment and open adult sites if they don’t comply. While this sounds bad, there’s not much Mac OS X could have done to prevent it from happening.

MacDefender trojan for Mac OS X

Unlike Windows malware and viruses that install themselves with no interaction from the user, this new Mac trojan requires the user to do most of the work. Here’s what must happen for MacDefender to be installed on a Mac:

  1. The user must go to an infected website. Many people have come across these through Google Image searches, so it could happen to anyone.
  2. The infected page runs a script that downloads the MacDefender installer file. Most of the time, this is the end of the line. Nothing has been installed and the Mac has not been infected. Just drag the file to the Trash – no harm, no foul. However, if Safari is set to “Open ‘safe’ files after downloading,” the process moves to stage 3.
  3. When Safari is configured to automatically open downloaded files, the MacDefender file will launch the application installer. Even still at this point, nothing harmful has occurred. If the user wisely realizes this is not a trusted or desired installation, they can quit the installer. Again, the file can then be trashed and the whole thing can be forgotten. On the other hand, if the user chooses to click the buttons to select a destination disk and continue the installation, they move to stage 4.
  4. Mac OS X, as a built-in layer of security, will then ask for an Administrator password. The user must willingly enter this password to complete the installation, otherwise it will fail and MacDefender won’t infect the system. Some new variants of the MacDefender malware don’t require a password if an Administrator account is being used, though. But Apple has always recommended people create Standard user accounts for day-to-day use, which would still require a password. Regardless of the type of account, the user must still manually click through the installer to get to this point.
  5. Assuming the user has completed all of the previous stages and is using an Administrator account and/or has entered their password, the MacDefender trojan will finally be installed. At this point, adult sites and security scare tactics will try to persuade the user to provide their credit card information.

As you can see, the process a user must go through to infect their Mac with MacDefender requires a number of poor decisions. Specifically, decisions where the user explicitly circumvents Mac OS X’s built-in security measures and their own best judgement. This method is called social engineering – manipulating a person (by scaring them into thinking they are infected with a virus) into doing something they don’t want to do (installing malicious software that poses as something else). Social engineered malware differs from the majority of traditional Windows malware, which can install itself without the user doing a thing. MacDefender doesn’t take advantage of a weakness in Mac OS X, but rather a weakness in the user. That’s why Macs continue to be virus-free and third-party security software still isn’t needed for most folks.

Of course, that isn’t to say Apple can’t make some improvements. For one, the “Open ‘safe’ files after downloading” setting in Safari should not exist. It’s highly recommended that every Safari user go to the program’s Preferences menu and uncheck this option right now. Second, Apple should modify Mac OS X setup process to create a Standard user account by default. This is more secure because a password is required for all software installations under a Standard account. Administrator accounts should remain hidden so unknowing users don’t log into them for everyday use. Nonetheless, these are relatively minor gripes. The major issue here is training users so they are better prepared not to fall for social engineering scams.

To sum everything up, this is a human attack, not a computer attack. How can a Mac – or any piece of technology, for that matter – protect users from themselves? Aside from turning Mac OS X into a curated platform like iOS where every piece of software must be approved by Apple through the App Store, there is no way to do this. Users must stay aware of what’s going on and use their best judgement. If you don’t have antivirus software installed and you get a warning that a scan has revealed security issues, don’t believe them. If an installation starts and you don’t know what program it is or why it’s there, quit it. Most importantly, if something is asking for your Mac’s Administrator password and you don’t know why, don’t give it.