Well, kind of. Parallels 6 has been released, and along with it, Parallels Mobile. Parallels Mobile allows you use an iPod Touch, iPhone, or iPad to remotely access a virtual session running in Parallels on a Mac. An active Parallels account and a registered virtual machine are required. Also, requires 3G or WiFi. This is essentially a remote desktop connection to a running virtual machine on the Mac and I’m not sure how useful it is, but watching Windows 7 using gestures on an iPad makes the video below very enjoyable on many levels.
Apple has announced a sudden reversal in its development conditions for its mobile devices today. Back in April, Apple announced that the only development platform that could be used to create apps for its mobile devices was the Apple SDK (software development kit), which only runs on a Mac. Fortunately, Cupertino has had a change of heart. It is now just fine to develop apps with other development platforms, provided the apps don’t download any code. Time will tell how badly the ‘no download’ condition will hamstring developers, but this is a move in the right direction.
Apple says that it has “listened to our developers”. I’m not quite sure who they were listening to back in April when they pulled the plug on third-party development platforms. Perhaps what they heard as they listened this time was the footsteps of developers heading to less restrictive platforms such as Android? Regardless, it’s a win for pretty much everyone. Adobe wasted no time in responding with glee because developers can now develop for iOS with Flash Professional CS5. Note, that doesn’t mean that Flash will work in your web browser on your iOS devices now, it just means more sales for Adobe’s development platform. Ultimately, it’s a win for users. More developers will be able to develop for iOS devices now, and that means more apps for users of the iPhone, iPad, and iPod Touch.
In addition, Apple has announced they are publishing guidelines for how the app store review process works. This is designed to give developers a better idea of how the review process works and presumably a better shot at getting their apps approved.
It’s been rumored for quite a while that the next iPad will ship with a front facing camera and FaceTime. As of now that’s still, well, a rumor. However, the folks at 9to5 Mac and CrunchGear are posting the picture to the right and reporting it is a video chat debug in the next generation iPad firmware. It’s such an obscure shot that I can’t believe I’m even talking about it, but it would seem the next logical step in the iPad’s evolution. This brings a few question to mind. Upgrading my phone every couple of years seems fairly logical because they take a lot of abuse and they are subsidized to the point of being fairly inexpensive. What about the iPad? It’s a larger investment. How often will iPad owners be willing to upgrade? Also, with a slew of pads reportedly rushing to the market based on Android, WebOS, Windows 7, etc., is anyone going to beat Apple to the punch by including a front facing camera and video chat software? If they do, does it really matter? Is FaceTime already king? Apple has promised to release its protocol secrets for FaceTime. If they follow-up with that, we may see some wonderful interoperability with other devices. If they don’t release the protocols, will they release FaceTime to other platforms? So many questions from the possibility of simply adding a camera to a tablet.
What are your thoughts on this? I’d love to hear your comments.
According to PreCentral and intomobile, HP has officially confirmed a tablet based on WebOS. No information on pricing or delivery just yet other than early 2011. Will HP throw up a worthy competitor to the iPad or will it be an also ran? Time will tell.
NFC World is reporting that Apple has picked up NFC (Near Field Communication) expert Benjamin Vigier as their new mobile commerce product manager.
What’s that all about?
Near Field Communication is close range wireless technology that allows two devices to transfer data at close range (about 10cm), which basically means you tap them together to move information. Apple’s hiring of Vigier along with a fistful of NFC patent applications would indicate that Apple is looking to add this technology to a future iPhone, perhaps even the next iPhone. TechCrunch is reporting that Apple is already testing hardware from NFC hardware leader NXP.
What does that mean to me?
Short term, it should mean that you’ll be able to pay by tap and go with your phone at Apple partners through your iTunes account. Of course, we’d imagine that the Apple Store would be first in line. Go in, grab your new MacBook Pro, fire up the checkout application on your phone, tap your phone on a pad at the sales counter, and walk away. The technology could be used anywhere from coffee shops and newspaper stands to big box retail to about anything you can buy with a credit card. People could exchange business cards with a simple phone tap.
Longer term, imagine smart shopping carts that cross items off your list as you put them in the cart. How about avoiding the lines and tapping your cart to checkout? I would imagine it will take some convincing to get retailers to start ripping out their checkout counters, but that’s the kind of stuff that is possible with NFC.
Apple won’t be the first to bring NFC to a mobile phone. There are already a handful of phones that are equipped with the technology. But, Apple will bring a ease of use to the equation and some big backing. With 150 million iTunes accounts, the momentum should be there to get retailers on board. Of course, you can expect Android and the rest of the phone world to step it up as well.
Personally, I’m not excited about paying by phone. I don’t find paying by credit/debit card or cash to be an excruciating process. NFC should be faster, but by how much? If I have to pull up the app on my old 3G, it could actually be slower. However, this is the future and I do see some other interesting uses for the technology. If you embrace it, be sure to check out my post, Personal Insecurity and lock down your phone.
In a report by security company M86 Security, organized crime is using a new trojan variant called Zeus v3 to infect unsuspecting web surfer’s machines, then steal their online banking credentials. Once the credentials are obtained, they are then used to drain your account. This is a very sophisticated and organized attack. It’s not something that the kid down the street who hasn’t come out of his basement in three years is capable of pulling off. M86 has posted an in depth whitepaper on the matter which can be found here. The report is both fascinating and disturbing.
For those who don’t wish to commit the time to understand all of the fine details about how the attack works, I’ll lay out the short version here. First, the bad guys infect legitimate ad servers. These are machines that serve the advertisements to websites you regularly visit. From there, the infected servers start pushing out the trojan to computers visiting LEGITIMATE websites. The trojan is delivered via advertisements through the infected ad servers. That’s really the beauty of delivery. They deliver the payload to infect your computer through regular websites because the advertising on them comes from somewhere else. The ad servers are infected the same way your home computer gets infected. Somewhere along the line, a vulnerability wasn’t addressed. This can happen for a number of reasons. The operating system wasn’t patched, a firewall rule wasn’t enforced, etc. Once the trojan is delivered to the home users computer, it simply waits until the unsuspecting user logs into their bank account via a web browser. That’s when it sends the credentials to a command and control (C&C) server. Later, after it analyzes the information (bank name, country, etc) the C&C server communicates back to the victim’s computer and has it initiate a bank transfer. It will drain the victim’s account, siphoning it off and covering tracks along the way. Then, to put the cherry on top, when the victim logs back into their bank, the traffic is diverted to the C&C server where a fake statement is generated, thereby fooling the user into thinking they have money in their account.
This is a brilliant and complicated scheme. The money trail is like following a single noodle through a bowl of spaghetti. Thus far, attacks have primarily been on UK bank accounts, but don’t let that make those of you outside of the UK feel good. This could very easily be perpetrated elsewhere. To compound the matter, this particular attack seems to be very good at getting past the major virus scanners.
That’s the bad news. The good news is, we can make it very hard to fall victim to this type of attack. If you don’t bank online of course, you are immune. If the benefits of online banking outweigh the risks, you can still protect yourself. First, you should be following ALL of my advice in my recent post Lock Down!. This alone will dramatically reduce your chances of infection by the trojan. Another option is to switch to a Mac or use Linux. While not immune, these operating systems are much more difficult to infect because of their Unix heritage and because they just aren’t as popular as Windows. Windows is the low hanging fruit for virus writers. Linux has become very easy to use and most versions of it are free. I have my computer setup to give me a choice of booting to Linux or Windows. That’s pretty easy to do. Third, you could use a boot CD as I described in my post A Temporary Solution for your online banking activities. While not as convenient, you won’t be at risk of infection. This is the safest option next to just not banking online at all.
We spend a lot of time talking about avoiding viruses, phishing scams, and laptop security. These things are all very important. But, if you own a smartphone, chances are, you’ve got a much bigger security risk in your hands. Consider how easy it is to lose your phone or have it stolen. It’s compact and fits neatly into the palm of your hand, or a bad guy’s hand. It’s easily set down and easily walked away from. It’s easy to pull from a pocket or purse. It’s easy to have knocked off of your belt in a crowded area. In short, it’s easy to be separated from your mobile phone.
So, what’s so bad? I call my carrier and they lock the phone right? Well, kind of. Part of that depends on how quickly you can get to your carrier and just because they can clamp down on somebody sending calls out, can they stop them from using WiFi? Let’s say you give a thief just one hour. What can they do? Well, if you store your username and password in your web browser or apps and you haven’t locked your phone, they can do plenty. People are doing real work on their mobile devices these days. As an example, let’s suppose that I stored my credentials in all of my apps, then left my phone on the table at a restaurant. I know, shame on me for even having it out at a place of dining! What could you do with my phone? Well, depending on the apps I have installed, you could take all of your friends to the movies on me, drop in on my brokerage account, drain my checking account and saving account, wreak havoc on all of my social networks, take over my satellite receiver, make changes to my mobile phone account, and worst of all you could run amok on this blog! That’s some serious damage pretty fast! All of those are just examples. Depending on what apps you are running, the damage to you could be much worse. We haven’t even talked about storing your username and password to your most frequented websites or that all of your contact’s information such as work and mobile numbers has just been given up!
So, what to do? Well, first, take an inventory. What apps have you installed? What websites are in your history and your list of favorites? What is your risk if your phone is lost or stolen? If you are uncomfortable in the least at that thought, you have a couple of options. First option is just to not save credentials. Don’t allow any of your apps or the websites you visit to remember your login information. That won’t make your friends any happier when some creep is calling them on their mobile phone because they got it from your phone, but that’s your call. If you absolutely must store information, you’ll need to set a password for unlocking your phone. This is going to be less convenient than not storing your credentials because you will have to enter that code to use your phone for anything, including simply making a phone call (who does that?). There are multiple levels here. Some phones will only let you enter a four digit numeric pin. Better than nothing, but for the more paranoid (used in a good way here) some phones allow you to use numbers and letters. Using a combination of numbers, uppercase letters, and lowercase letters makes the password harder to crack. In addition, some phones allow you to hard lock the phone after a certain number of failed login attempts, which means the phone will no longer accept a password attempt and is therefore useless. The iPhone has a setting that will erase the phone after 10 failed password attempts. Both of these options mean you will want to backup your phone to your computer very regularly. If your phone is locked or erased, chances are it’s going to end up in a dumpster somewhere and not back in your hands. If you want full on paranoia, opt for a solid password using a combination of numbers and letters, lock down or erase after a number of failed attempts, and don’t store your credentials in apps or the web browser. That is certainly not going to be the most convenient phone to use, but if you do lose it, you’ll be able to breath a little easier. You will have to find the level of balance that is most comfortable for you. Just don’t make it easy for the bad people. You could just drop the data plan altogether and not worry about it, but that would be just icky! And of course getting a smartphone without a data plan is becoming increasingly difficult.