Blog

Home // Blog // Friday Summary: September 14, 2012

Thu, September 13, 2012

Friday Summary: September 14, 2012

By Rich

Rich here.

Way **way** back in my earliest Gartner days one of my first speaking engagements was a series of three-city tours where I was paired up with an extremely experienced telecom analyst. I was still in my twenties, and probably wasn’t qualified to wash my privates — never mind advise anyone on their security strategy.

This was an awesome training ground for a number of reasons. First of all, the stakes were low — these were smaller audiences, out for a free event. Second was all the practice I got, giving the same talk three days in a row to different groups. And it was great to work with an exceptionally good speaker with oodles of experience.

But that’s not what I’m going to talk about.

The best part for me, as someone with an unhealthy attraction to wireless devices, was spending time with someone who’d been on the inside of the telecom industry for over 20 years. The tech part I could understand easily enough, but the business side was far more fascinating than I expected. And this was after I had worked in Europe for a few months helping design the first system to sell and activate mobile phones over the Internet.

Nick hammered one rule into my head that hasn’t changed in the dozen-odd years since. “Telecom providers are greedy and stupid”. Every single decision they make is dependent on those baseline traits.

This is especially relevant as I try and figure out just what combination of iPhone 5 and data plan will best fit my needs.

First there are the relevant technology limitations. Such as the fact that LTE is a data-only standard, and carriers around the world haven’t really figured out the voice details. So the phones have to support their *old* voice and data standards (GSM or CDMA) *plus* LTE, and your phone might behave differently depending on your coverage. The best example is that Verizon only supports voice and data at the same time if you are on LTE, but not on 3G.

Then there are all the roaming agreements and spectrum issues for us world traveler types. Like when I was in Russia and it was $5 per minute for voice calls *on the discounted plan*. For comparison a satellite phone is around $1 per minute, but you need a clear view of the sky.

Then there are the plan and transition issues. All the carriers hooked us with unlimited data, then said “f*** off — you are over-using what you paid for”. So we have things like shared data plans, which look better but probably cost more for most people.

And then there is the very special case of AT&T, who will change their iPhone 5 signal indicator to a big fat middle finger. (Or the other 2-finger gesture, if you are roaming from the UK). Want FaceTime over cellular? Just switch to our more expensive plan and consider yourself lucky we **let** you install Angry Birds! You want 4G? Fine, we’ll change the display to say 4G to shut you up.

Not that Verizon is innocent. They might make a big deal over not restricting FaceTime, but they have to allow it (and Personal Hotspot) thanks to agreements they made with the US government for LTE spectrum. It’s only a feature because they were forced.

And those of you in Europe and Asia? Man, when I worked in Europe back around 2000 it was paradise compared to the US. Now I hear it’s more like paying for a high-priced dominatrix who beats the crap out of anyone else who looks at you funny. And that still beats Australian providers, who are friggin’ Mother Theresas compared to *Canadian* providers.

So I hear.

Then again, us Apple folks live in paradise compared to all the hacked-together Android phones you can’t update, which carriers load down with their “value add” user interfaces and crapware.

I don’t mind the carriers making money, and I don’t mind paying for my data, but they clearly haven’t figured out that brand loyalty and happy customers might, just possibly, come from a positive user experience beyond “Oh good, I didn’t lose this call.” Instead of adopting the traits that made Apple so popular, they are trying their damndest to maxmize revenue and reduce churn through penalty-based lockin.

But it could be worse. They *could* start smashing your head against a wall of glass shards while calmly stating “your call is very important to us,” like cable companies.

On to the Summary:

##Webcasts, Podcasts, Outside Writing, and Conferences

* [Mike quoted in this Silicon Angle series on CyberWars](http://siliconangle.com/blog/2012/08/07/cyberwars-caught-in-the-crossfire-cyberwars/). Probably too much hype here and overuse of buzzwords, but decent perspectives on the attackers. [Part 1](http://siliconangle.com/blog/2012/08/07/cyberwars-caught-in-the-crossfire-cyberwars/), [Part 2](http://servicesangle.com/blog/2012/08/08/cyberwars-2-welcome-to-the-wild-wild-west-cyberwars/), [Part 3](http://servicesangle.com/blog/2012/08/09/cyberwars-3-a-new-business-reality-cyberwars/)
* Rich quoted [about a not-so-great mobile study](http://securitywatch.pcmag.com/none/302447-problems-with-pew-s-mobile-privacy-study).

##Favorite Securosis Posts

* Adrian Lane: [The Five Laws of Data Masking](https://securosis.com/blog/the-five-laws-of-data-masking). I pulled another classic Securosis post for this week’s fave.
* Mike Rothman: [Incite 1/25/2012: Prized Possessions](https://securosis.com/blog/incite-1-25-2011-prized-possessions). Evidently we don’t blog any more (doh!), so we have taken to digging through the archives and highlighting pieces from the past. Here is an Incite I wrote back in January, and it reminds me of what’s important. To me, anyway.
* Rich: Mike starts his new DDoS series — [Defending Against Denial of Service (DoS) Attacks](https://securosis.com/blog/defending-against-denial-of-service-dos-attacks-new-blog-series)

##Favorite Outside Posts

* Mike Rothman: [It’s More Important to be Kind than Clever](http://blogs.hbr.org/taylor/2012/08/its_more_important_to_be_kind.html). Most businesses are always striving for improvement. But at what cost? This HBR post puts things in the proper context. _”Just make sure all their efficiency doesn’t come at the expense of their humanity.”_
* Adrian Lane: [Tracking Down the UDID Breach Source](http://intrepidusgroup.com/insight/2012/09/tracking-udid-src/). The thoughtful quest to figure out the UDID breach source. Well done!
* Rich: Verizon’s [third post in a series on opportunistic attacks](http://securityblog.verizonbusiness.com/2012/09/11/ask-the-data-on-opportunistic-attacks-part-3/). I may pick on the wireless side, but the Verizon Business security guys are our best industry source for data driven reports right now.

##Research Reports and Presentations

* [Understanding and Selecting Data Masking Solutions](https://securosis.com/research/publication/understanding-and-selecting-data-masking-solutions).
* [Evolving Endpoint Malware Detection: Dealing with Advanced and Targeted Attacks](https://securosis.com/research/publication/evolving-endpoint-malware-detection-dealing-with-advanced-and-targeted-atta).
* [Implementing and Managing a Data Loss Prevention Solution](https://securosis.com/research/publication/implementing-and-managing-a-data-loss-prevention-solution).
* [Defending Data on iOS](https://securosis.com/research/publication/defending-data-on-ios).
* [Malware Analysis Quant Report](https://securosis.com/research/publication/malware-analysis-quant-report).
* [Report: Understanding and Selecting a Database Security Platform](https://securosis.com/research/publication/report-understanding-and-selecting-a-database-security-platform).
* [Vulnerability Management Evolution: From Tactical Scanner to Strategic Platform](https://securosis.com/research/publication/vulnerability-management-evolution-from-tactical-scanner-to-strategic-platf).

##Top News and Posts

* [Security Explorations: Oracle Confirms Newly Discovered Java Vulnerability](http://news.softpedia.com/news/Security-Explorations-Oracle-Confirms-Newly-Discovered-Java-Vulnerability-291333.shtml).
* [CRIME attack and TLS/SSL](http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions/).
* [Microsoft disrupts Nitol botnet.](http://blogs.technet.com/b/microsoft_blog/archive/2012/09/13/microsoft-disrupts-the-emerging-nitol-botnet-being-spread-through-an-unsecure-supply-chain.aspx)
* [Congress looks to tighten email privacy.](http://www.macworld.com/article/1168574/congress_looks_to_tighten_email_privacy_law.html) PATRIOT act notwithstanding.
* [What it was like to be an actor in Sneakers](http://www.slate.com/articles/arts/culturebox/2012/09/robert_redford_sidney_poitier_ben_kingsley_dan_aykroyd_what_it_was_like_shooting_the_movie_sneakers_.html). The darn film *still* holds up well.

##Blog Comment of the Week

Nothing this week… methinks we need to blog more.

Blog

Friday Summary: September 14, 2012

Comments

Leave a Reply Cancel reply

Research

Firestarter: Multicloud Deployment Structures and Blast Radius

Firestarter: So you want to multicloud?

Firestarter: 2019: Insert Winter is Coming Meme Here

Firestarter: re:Invent Security Review

Firestarter: Hardware Hacks and Lift and Pray

Sign Up for Our Newsletter

Contact

About

Quick Links