Hi all S60 lovers and security people, my name is Jari Salomaa and I have the pleasure to begin blogging security on this blog as Neil moved on with his responsibilities at Nokia. Thanks Neil for starting this up and good luck with the new challenges.

As for myself, I am based in Mountain View, California and working in the mobile security area with our internal development activities and partners in the mobile security space. As I try to now revive this blog from some months of silence, I will faciliate recent and upcoming events, activities and developments in the mobile security space and of course where S60 is heading and would love to hear your comments, thoughs and feedback.

Please shoot your comments on what level of discussions (business, technical, reviews etc) you would like to see here and it gives me ideas on the content topics as we look into the next year and interesting new opportunities with Nokias Ovi and other things including available security applications on S60 and native security functionalities and architectures.

Please join the discussion!

I was asked to review Phone Guardian from Symbian Guru. This is a neat little security application which contains a couple of nice features. After installing to the phone, the user is required to set a master password and from the applications GUI the user is able to configure the application and set some custom parameters.

These features include:

1. The option to have the guard enabled or disabled
2. To have the phone automatically lock when the SIM is changed, or when an SMS is sent to the device, or both
3. Alarm on or off
4. User configurable lock message (free text field)
5. User configrable phone number where to send SMS's in the case an alarm condition is triggered
6. A configurable autolock period.

So how did I get on? I tested Phone Guardian on a standard Nokia E61 with the latest firmware. The Installation process was straightforward and easy and I set a master password. With regard to the configurable options, I set the guard enabled, the lock mode to activate on SIM change or SMS (both), configured another phone number in the alarm SMS field.

Then the fun part. I switched off the phone, inserted another SIM and rebooted. The normal boot process followed, I entered the SIM PIN the splash screen came and went and the main UI loaded. Then the phone started emitting this horrendously loud alarm noise with the lock code prompt! After a few seconds an SMS arrived on my other SIM.

The information contained within the Alert SMS is of real value since it contains useful information from every different SIM which is inserted into the phone. Information includes the date and time, the SIM ID, the phone IMEI and the CELL ID. The other thing I like about this feature is that a thief/finder of your phone is unlikely to be aware this software is running on your device and so they are probably oblivious to the fact their phone number is about to be sent off over-the-air - and at their expense too!

Areas where I think this software could be improved include the ability to lock access to the filesystem. With a pair of earplugs inserted and the alarm sounding, I plugged in a USB data cable to my PC and to the phone's pop-port and I was still able to dump the contents of the phone and memory card. So the ability to lock the filesystem is clearly a must. I was also able to perform a low level format (3 * and green phone button). Although the data is all wiped (bonus), once this is done the phone is still of value to the thief as all the default settings are restored.

At this point I want to mention some of the software security features that are already in S60.3, such as remote lock and lock on SIM change (Menu > Tools > Settings > Security > Phone and SIM > Allow Remote Lock). So if this feature were to be used in in conjunction with Phone Guardian, you would have a cheap security solution with the possibility to do a real remote lock (the native remote lock also locks file system access and stays locked - even if a low level format is performed).

However for Phone Guardian, this is version 1.0 and a good first attempt, so it will be interesting to see what enhancements will come in future versions. More info from Symbian Guru

So I got a phone call last week from someone who phoned to tell me about this new virus which they had discovered on the E61. The person went on to say it wasn't an isolated incident. I was told there were a couple of users in Europe who's devices kept making random phone calls, and in order for this event to occur it didn't ANY user intervention at all.

Furthermore, these calls were being made to completely random numbers and were occurring and completely different time. I was looking for patterns, so I requested more general information such as phone firmware, list of installed apps etc and the guy went off to collect this data.

After a few hours had passed I was contacted back. "It's OK Neil, we sorted it. It's not a virus at all"

So what happened?

It turned out the infamous Recording Button was the culprit. If you have early firmware (PR1 - meaning if it starts with 1.xxxx.xx.xx), then there is (dare I say) an 'undocumented feature' with regards to the functionality of Voice Tags. Let me briefly explain Voice Dialing: Holding down the Recoding Button invokes this feature. You say for example 'Fred' and it will look up and dial Fred from your phonebook - I am sure many of you are familiar with this feature.

It seems when Voice Dialing is run albeit deliberately (or in this case) accidentally, it will try to match the sound with a phonebook entry. If it doesn't find an exact match it dials what it thinks is the closest match. One can only assume it was not easy for the software to be able to differentiate between rustle (in your pocket) and Russell (your buddy). The problem here being that the program defaulted to dialing instead of resetting.

The good news is this has been fixed in the free PR2 firmware update so now it will default to not dialling at all if it doesn't find an exact match.

So the two solutions available for you are 1) upgrade your firmware to PR2 or 2) install a 3rd party automatic lock program such as the aptly named autolock from here which automatically lock the keypad after a pre-defined time.

Tip: If after reading this you decide to upgrade your E61 firmware, remember to take a phone backup first (Menu > Tools > Memory > Backup Phone Memory)

I thought I'd write about some of the new security features currently available in E Series phones - Terminal Administration Rights Model or TARM for short. I did a search on the internet and it didn't really yield many useful results so I hope this post will help raise awareness - because for enterprise security administrators, these features are great.

Let's take a typical scenario. You are responsible for security in your organisation and this includes a 5,000 mobile device fleet. Your mobile carrier offers Intellisync Device Manager (or maybe you even have a DM server in-house?) If the phones your employees are carrying are E Series devices then you have a host of great advanced security features at your fingertips.

You can for example enforce client application settings, such as removing the ability for an end user to disable their anti virus settings or removing the ability to uninstall applications.

In the UK, a mobile phone is lost or stolen every three minutes. For businesses, this is a growing concern we are storing more and more corporate data on our phones, and individuals typically posses one phone for both their business and personal life. My two personal favourites are Device Lock and Device Wipe. In the event a device is lost, borrow the nearest phone, call your operator or helpdesk and request your device be locked or if you are absolutely sure, wiped. And thats it. The result? You lost a $500 phone instead of your phone and the corporate roadmaps for the next 6 months or details on an unannounced product. Other interesting controls include Settings Enforcement and Corporate Policy Deployment. These features restrict the users ability to install applications, perform functions or modify the terminal settings in a way which could alter the terminal configuration in a way that might make it noncompliant with your security policy.

For more information on TARM and Device Management, follow this link

Hi Everyone,

For this, my 1st post, I just wanted to say to everyone and to thank Phil for giving me this blog - which I aim to use as a platform to voice my thoughts on industry news, reviews and help promote user awareness with regards to security on the S60 platform.