security, technology

Top 5 Technologies Helping to Shape the Future of Mobile

MobilityCommunication and mobility has changed drastically in the last ten years. We no longer use the cell phone as a means to simply place a phone call but rather it has become our moving office. With access to email, calendar and time management, internet research, online entertainment, fitness and health management, connecting with friends, or ranting on Twitter, the mobile device has become an extension of ourselves. Ofcom research from 2017 supports that mobile has overtaken the desktop as the main way users across the globe are accessing the internet. This is an important note for technology teams that support mobile or are tasked with creating the next big mobile application. Let’s take a look at how today’s technologies are shaping tomorrow’s mobile use.

  1. Mobile Security Solutions

mobilesecurityPopularity for mobile or wireless security solutions will increase as the sheer number of targets are available for compromise. Although mobile malware is a rare concern these days, it won’t be long before we hear about more targeted mobile attacks.  The chance for brand damage through data leakage, Wi-Fi interference, out-of-date devices is a growing concern as more mobile and IoT devices connect to the corporate network. Think about it. If the biggest threat is the user itself, and with mobile devices superseding the desktop for internet access, the target for cybercriminal activity will shift. CSO online states, “Human attack surface to reach 6 billion people by 2022. As the world goes digital, humans have moved ahead of machines as the top target for cyber criminals. There were 3.8 billion internet users in 2017 (51 percent of the world’s population of 7 billion), up from 2 billion in 2015.” [Source]

The threat to our daily communication and data continues to evolve and mutate like a living organism trying to find its way in an unknown environment. More than ever, security is and should be top of mind for any technology professional.

  1. Application Development

There will also be an enterprise race for mobile applications that help transform our lives. As the tools to design and create mobile apps rapidly change, the more advanced, more complex apps introduce new technologies like virtual assistants or AI bots designed to provide the ultimate experience by exceeding customers’ expectations. This is another technology wave sweeping over us as mobile moves to deliver amazing, consistent experiences to consumers while building brand equity. Combine apps with new-age technology like AR or VR and the stickiness is boundless for businesses and possibilities for users, endless.

  1. Analytics

analyticsThey are always watching, but in a good way. Along with a sweet mobile app, understanding the consumer behavior behind the app is the key to being able to deliver a delightful experience. Analytics applied to applications can offer insight into market, behavioral, and operational knowledge which can lead to better business decisions for the products or services offered.

  • Market – How many users using the app? Where are they located?
  • Behavioral – How is my user interacting with my application? How can I help direct them?
  • Operational – How is the performance of the application?
  1. Wearables & IoT

We’ll start to see an increased use of wearables and IoT making its way into the workplace. “Gartner expects wearables to have a 24% compound annual growth rate (CAGR) in revenue through 2020, reaching a total market value of $62 billion.” [Top 10 Technologies That Are Defining the Future of Mobility, Gartner, July 2018]

Wearables

Wearables like smartwatches, head-mounted displays (HMDs), and smart clothing is offering up unique opportunities and functionality for hospitals, service management, warehouse logistics, and even enabling a service technician doing repairs in the field. To sweeten the pot, integrate wearables and IoT with mobile for many productive roles within the business. When you connect the ‘things’ through one cohesive platform, like mobile, you can begin to perform greater functions like mass configuration, management, and monitoring to deliver business-based benefits. Think about sensor data delivering an alert to a technicians’ mobile device because the data center’s climate control has reached its threshold. This also provides a less intrusive avenue for alerts and notifications of those wearables and IoT devices.

  1. AR & VR

More AR & VR programs will make their way into mobile applications. What does that mean exactly? Often confused with each other, augmented reality or AR refers to the digital content overlaid on the real world and virtual reality or VR is a simulated, digital environment that shuts out the real world. Both technologies build on immersing the user in either an augmented (real) or virtual (fake) world and can be implemented through a mobile application.

loreal_arA great example of an augmented reality (AR) app is what L’Oreal has done in the beauty and makeup marketplace. You can take a picture of yourself with their app and then augment your hairstyle or try different shades of makeup to ensure the ‘right’ look. This ultimately leads the user to that perfect shade of eye shadow, enhancing the customer experience and inferring brand imprinting. AR applications present real-world opportunities for businesses to interact with their customers in a new, transformative way while also establishing brand delight.

Virtual reality (VR) is also making its way into marketing and branding efforts. A good example of this happening is in the automotive industry where manufacturers create a virtual experience of what it’s like to drive their car in an effort to increase sales. The introduction of this new technology is literally driving new experiences which have significant impact on brand and consumer awareness. Widespread adoption of VR will be much slower than AR because of the hardware requirements. However, the market impact of these technologies will be plentiful in a few years. “By 2020, the economic impact of virtual and augmented reality is predicted to reach $29.5 billion.” [Source]

Most often the future of technology is predicated upon forecasts, new development, and exploration.  Technology will always move forward, and the future of mobile technology will continue to pioneer uncharted lands and unveil new ways in which we will work and live.

Advertisements
security, technology

Meltdown & Spectre: A New Dawn

Meltdown and Spectre dominate the security news and the more I delve into it, the greater the understanding of the depth and breadth this now means for the future landscape of device security.

meltdown-spectre-kernel-vulnerabilityTurns out the three variants of side-channel attacks, Meltdown and two different for Spectre, were discovered back in June of last year [2017] by researchers using speculative execution, which is where processors execute on code and then fetch and store the speculative results in cache. It’s a technique used to optimize and improve the performance of a device. What is important to note with Spectre is that it puts users at risk for information disclosure by exposing the weakness in the architecture of most processors in the market, and the breadth is vast: Intel, AMD, ARM, IBM (Power, Mainframe Z series) and Fujitsu/Oracle SPARC implementations across PCs, physical and virtual servers, smartphones, tablets, networking equipment and possibly IoT devices.

Currently there are no reported exploits in the wild.

Of the two, Meltdown is the easier one to mitigate with operating system updates. AMD processors are not affected by Meltdown. Please see below for Microsoft KBs related to Meltdown. Spectre is a bit more complex to resolve because it is a new class of attack. The two variants of Spectre both can potentially do harm like stealing logins and other user data residing on the affected device. Intel, ARM, and AMD processors are affected by Spectre. Recently, Microsoft released another emergency update to disable Intel’s microcode fix. This original update was meant to patch for variant 2 of Spectre. Unfortunately, that update had adverse effects as there were numerous reports of reboots and instability, so Microsoft issued an out of band update to disable.

Things are still evolving around Spectre and while operating system updates and browser updates are helping to patch for Spectre, it is being reported by some sources that a true fix may be an update to the hardware (processor) itself.

The following is a chart* to clarify each vulnerability:

Meltdown Spectre
Allows Kernel Read Yes No
Patched with KAISER/KPTI Yes No
Leaks User Memory Yes Yes
Executed Remotely Sometimes Definitely
Likely to Impact Kernel Integrity Browser Memory
Practical Attacks Against Intel Intel, AMD, ARM
*Chart is courtesy of SANS/Rendition Infosec. See full presentation here.

The following is list of Microsoft Windows KBs for Meltdown:

Operating system version Update KB Superseded Patch
Windows Server, version 1709 (Server Core Installation) 4056892 4054517
Windows Server 2016 4056890 4053579
Windows Server 2012 R2 4056898 N/A
Windows Server 2012 Not available N/A
Windows Server 2008 R2/Windows 7 SP1 4056897 4054518
Windows Server 2008 Not available N/A
Windows 10 for 32/x64-bit Systems 4056893 4053581
Windows 10 Version 1511 4056888 4053578
Windows 10 Version 1607 4056890 4053579
Windows 10 Version 1703 4056891 4053580
Windows 10 Version 1709 4056892 4054517

Microsoft has also recently released a cool new dashboard that uses analytics to help discover vulnerable devices and helps assess whether those devices are susceptible to Meltdown and Spectre. You can get that here.

It will be important over the next few weeks to stay on top of any breaking news around Meltdown and Spectre. Mitigation efforts should be underway in your IT organization to prevent a future zero-day attack.