Regulators should put wireless operating systems on probation

The regulators like the CRTC, Ofcom, FCC should be concerned with the opening up of wireless phone operating systems. It is a hacker's dream come true and will likely create vulnerabilities that are beyond the control of a telephone company's ability to secure, operate or manage if hacked.

Telephone systems have been hacked and broken into long before edge devices such as mobile phones, smart PDA and handsets came along. But these systems required specific knowledge, and often breaches of security occurred because of careless security procedures that only impacted a single location such as a PBX of a corporate office. In the past we have seen hacked voice mail systems such as the famous cell phone eavesdrop on Carly Fiorina, who was using an older generation cell phone that was simply listened to while she retrieved her voice mail. Initially it was thought that the actual Voice mail platform was hacked into. Voice mail has been hacked into before and is only as good as the policies that are implemented. In both circumstances, the possible security problems are now real problem when applied to wireless phones. The new Droid software released by Google presents a new era of security problems both for cellular carriers and users alike.  By no means are they alone: RIM, Apple and others face the same issues and should be aware of the path they now should be responsible for.

Responsible you ask - for what? Software applications are an area that most consumers and user have little expertise in.  The vulnerabilities already present in the internet PC world is past epidemic portions and now reaches pandemic proportions; viruses, denial of service attacks and so on. Mobile phones are now as easy to manipulate as a PC. Many already argue that the wireless phone is the next hunting ground for hackers.  Scott Totzke, RIM's vice-president of BlackBerry security, said hackers could use smart phones to target wireless carriers using a technique similar to one used in assaults that slowed Internet traffic in the United States and South Korea in July.

There should be a set of standards and verification tools that regulators use to verify software code on a phone and must be LOCKED DOWN prior to release. Because a wireless phone has access to both communications platforms - the public switched telephone network (PSTN) and internet, the danger is significant and no software application should be released without vetting its ability to withstand attacks to and from the user's device. There is a genuine threat to national security of every country's phone network. There should be penalties for software applications that create vulnerabilities impacting the telephone network. Imagine if 911 / 999 call centers were purposely hit with attacks as one example or worse, your ability to call 911 was blocked because of a rogue software application.