TI teams to hang up cell phone crackers

Chipmaker Texas Instruments and chip designer ARM are working together to beef up security for handhelds following the emergence of the first virus to target cell phones.

The two companies, both dominant suppliers and designers of cell phone chips, are "burying the security into the hardware" where it's tougher to get at, Dave Steer, ARM director of segment marketing, said in an interview Tuesday.

Cell phones are typically secured by software that encrypts subscriber identity or the unique ID number of the phone. But increasingly savvy cell phone hackers have turned these once tight security measures into loopholes.

Because ID numbers are used as security gates for cell phone services, they can compromise customer accounts if they fall into the wrong hands. Cell phone hacking is a problem in Europe, for example, where thieves steal phones, change the phone identification number, then resell them after filling them up with pre-paid phone minutes.

In theory, consumers should be able to call up their operator, add the phone to a list of stolen equipment and have it deactivated. But that process breaks down when people can "crack these things and change these numbers," Steer said.

A hardware approach means hackers have to reprogram chips, which is much harder than untangling encryption, according to a TI representative.

The companies' announcement follows reports of Cabir, the first-ever cell phone virus, which surfaced approximately two weeks ago. The virus apparently uses the Bluetooth short-range wireless feature of smart phones that run the Symbian operating system to detect other Symbian phones. It then transfers itself to the new host as a package file.

Cabir poses little threat because the user of a targeted phone has to approve a download from an unknown source. But future viruses for cell phones won't be as timid, Steer said.

is there any list of threath for mobile?

I complitely agree with the view of this companies that are acting to defend form viruses in the mobile context.
My view is that, since the opening of OS in the smartphone (and in cellular phones in general) is increasing, the possible treath source will increase too very easly.
The facts are a testimonial that the above sentence is true:
- liberty troian horse for Palm
- timophonica for mobile phone
- 911 for mobile phone
- Flooder for mobile phone
- Phage Virus for PDA
- Vapor for PDA
- BlueSnarfing and Bonding in PDA
- Cabir

I think that this area will give a lot of work to the security engineer (and it is a good information for the workers!!).

The list I have included here is certainly incomplete.
Anyone is invited to give me information on where to find a complete list of viruses, troian, worms for mobile environment

best regards
Toni Ciccardi