Silicon Shecky

Extra charges for single online pay, 4G outages, the FTC starting to look at their business practices. Verizon, what have you done?

I was going to give a review of the Motorola Droid Razor today, but decided to push that off. See the Razor is available only through Verizon, and I noticed yet the start of another outage of 4G services this morning. Verizon has said these outages are growing pains, and were the 4G network brand new, I would accept that, but it is not. Verizon has had their 4G network up for just over a year, and should know how to handle growth. They were the ones who didn’t have the issues AT&T had with the explosion of smartphones. Of course that was CDMA vs. GSM. Now its LTE vs. LTE, and AT&T might have the advantage.

See both are using the LTE network, which requires the use of a SIM card. AT&T, whose network is still known for poor quality, and lots of drops, at least has a head start in dealing with the issues of a network that requires the SIM cards. I wish I had proof, but it seems that the SIM cards, or at least networks that require them, are not as stable here in the States as a network like CDMA which has no SIM card. (At the time of writing this, the 4G network just came back up after being inaccessible for an hour). It would be interesting to hear from someone on the differences between the two networks and why the ones that need SIM cards seem to be more unreliable.

Now this is on the heels of the FTC announcing it was probing Verizon over the $2 convenience fee it was going to charge and then pulled back on. Verizon’s statement is that even paying online has its costs. And they are right, there is equipment and software costs, maintenance on the systems, and hardening the equipment against hackers and other forms of data breaches. Still the costs are the same, whether for an automated system or if people pay individually. That is, unless they have to use 2 separate systems, or the company that is processing the payments is charging them an extra fee. Either way, there are other options to reduce the cost. If you think about it from a security standpoint though, the single payment, which I use, is a safer bet, not just from people knowing they have the money in their account, but from a security breach standpoint.

Just think about it. If you sign up for Automated payments, Verizon and the third party who processes the payments, both have your bank account or credit card information saved on servers. These servers are supposed to be PCI compliant. Even if they are, PCI compliance is a joke. Think of the banks (all of which have to follow at least PCI compliance) or stores (Which have to be PCI compliant) or anything that does online transactions, and how many breaches we hear of. Now think about how many breaches we don’t hear of, at least not immediately. Now look at single payment options, where you can choose not to save the payment info on their servers. Yes there are still problems that can arise from man in the middle attacks, spoofed SSL certificates, etc.. but once you make that payment, the info is not supposed to be stored anywhere. That means if Verizon, or their third party payment processor, has a security breach, your payment information should not be compromised. In reality it might just me being paranoid, but from a logic standpoint it does seem safer.

Now, Verizon did withdraw the $2 fee idea pretty quick, but expect to see it show back up again and again. The bigger thing Verizon has to worry about right now is the amount of bad press they are receiving. They need to remember that pissing one customer off means that customer is going to tell their friends and family, and eventually it can and will take a toll on business.

The Touchpad isn’t completely Dead. Mostly dead, yes, but is it just a flesh wound? The Touchpad frenzy has proved a point, and now can HP, or any company, really capitalize on it?

Apple has been the cock of the walk, the king of the tablet, since the iPad came out. They came up with something that is a great idea which has spawned a whole tablet market. No competitor seems to be able to come up with anything to seriously threaten its dominance. Its not that the Android tablets aren’t good, it has to do with features, and more importantly price point. I touched on this when talking about the Nook Color in the past. HP though, unwittingly, came up with the plan. Something I had mentioned in those same posts about the Nook Color. Its the same thing that gave the PC the advantage in the PC wars back in the 90′s. that is price point.

I’ve been wondering when we would see a price point that would spur competition. Most Tablets are in the $400 plus range of price. The Nook Color, although a reader, is $250 and offers a lot of tablet features, but its App store is lacking. The demise of the HP Touchpad and the fire sale though has shown that for a lower price point, a tablet that doesn’t have as much app support can compete. Now imagine if you will what would happen if Android had a tablet in the $200 or less range. More people purchase it, more developers see a reason to write apps for it, and bingo, a true competitor to Apple can emerge. Amazon might do that with its rumored tablet, but no solid information on it is out yet.

The idea being that in a down economy that we are in does put limits on what people are willing to purchase. Done properly though, a low cost tablet can bring in a nice profit to a company. Yes they might loose on the initial hardware, but if partnered up with the developers, it can be possible to turn a profit through the purchasing of apps. It might mean the developer makes a little less, or the apps are a bit more expensive, say $2 for most apps instead of $1, but it is possible.

Barnes and Noble could have done it completely, instead of halfway. Now the question is will others learn from this or not?

We all know Social Engineering is the most commonly used way to spread malware. There seems to be a device that can help with that, as far as e-mails go. Its not a cheap form of protection though.

We all know that Social Engineering is the easiest way to spread malware. As P.T. Barnum said, “There’s a sucker born every minute,” and in the age of the Internet, it is even easier to get to those suckers. Pyramid Schemes, Malware, Phishing Attacks, all heavily rely on the mark being trusting. Anti-Malware, Firewalls, and security devices have always had a problem with this angle of attack.

Now a company called Cyveillance is touting a new appliance to help mitigate the Social Engineering front. Two problems though. First, like all first generation, innovative ideas, the cost is more than most people make in a year. Over $100,000 for the device alone, not including all the scan types, and extra protection licenses added on.

Second, it only scans e-mail. This is nice for those instances where it is e-mail that has a bad link, but a lot of the malware is coming through hijacked ads on websites. This device doesn’t take any of that into account.

More information is available here and here. Overall the idea of a device like this, or algorithms and heuristics that can defend on this front, and be reliable, is where we need to focus our defenses on. Hopefully, someone can go the next step on this. After all, we are only as secure as the weakest link in the chain.