brendanz.net

I woke up this morning to a rather pleasant surprise, pictured above.

I am currently checking with my Vodafone account mangers to see if they have finally launched their long awaited upgraded to their existing GPRS network.

If this is indeed the case, it will be appreciated by many people with 2G handsets. And also for people like me who prefer to use 2G even though they have a 3G handset and those who prefer to use 2G to get a far better battery life!

For those that don’t know, AAPT use the Vodafone network.

UPDATE 1: I live in Wollongong and travel to Sydney for work, and I lost the EDGE signal just past Thirroul. It was only GPRS from Waterfall to Sydney. In the Sydney CBD I am only getting GPRS.

UPDATE 2: I have confirmed with a friend of mine who also lives in Wollongong that he is also using EDGE. He quotes “It’s solid, latency is not high. Seems to be perfect for mobile devices. It’s as good as it was in Singapore and Hong Kong when I was there last”.

UPDATE 3: It looks like that this  is going to be slowly made available in regional areas. No EDGE in the city, as far as we know.

Was it just me, or did anyone else think “Wow, those guys should really be using two factor authentication” at the start of the book/movie?

For those of you that haven’t seen it or read the book, the opening scene begins with a guy breaking into an area that is secured by a retina scan (eye scan) system. This guy gets in by killing and then ripping the eye out of a doctor who has access to the system, and using that to enter the secured area. Yeah a bit gross and extreme, but a valid lesson can be learnt here.

The ever increasing investment in authentication technology such as reliable and accurate retina and fingerprint authentication can make IT departments forget the importance of two factor authentication. Some places that I have worked in previously only required one form authentication – “something you are” – such as a retina scan or a fingerprint reader. This really doesn’t cut it. For places like banks and other financial institutions, there should definitely be more consideration on these matters, especially considering how easy it is to fake a fingerprint. (A quick Google search reveals several quick guides on how this can be easily).

In this Dan Brown example, an additional layer of security with a 6 digit pin code would make it much harder. Even if the burglar tortured the doctor into revealing a password, for example, there would still be more time to raise the alarm after the body was discovered.

As I turned to my girlfriend in the movies, I was about to explain all of this to her. But I wisely put the geek subject aside, as I’m sure she wouldn’t appreciate me ruining another movie by pointing out a technical flaw!

More on this soon(ish).

RIM has finally announced the long awaited BES 5.0, which sports a few interesting features including

• Retrieve corporate documents behind firewalls
• Add, read, rename and delete folders on the handset and have those changes be applied to the desktop email client
• Create rules within the inbox to filter email and have those changes be applied to the desktop
• View attachments in calendar entries and meeting requests
• Download and store emails and email attachments onto microSD cards

They are a fair while behind schedule, although, I do believe that HTML email and remote server search were originally going to be implemented in BES 5.0 too, however they were included in a service pack. I will be interested to see the pricing schematics they have in mind for it – perhaps in order to upgrade to BES 5.0, it may be a one off fee, similar to going from 4.0 to 4.1. I hope they don’t increase the CAL prices.

A highly coordinated attack on dozens of ATMs around the world happened last night. A company called RBS WorldPay has service which allows employees to be paid onto a system similar to debit-card accounts, that can be used from most ATMs.

Someone hacked into their site and found several vulnerabilities that were exploited, allowing people to use fake cards to withdraw money from people’s accounts. Additionally, they also found a way to remove the maximum withdrawal limit so they  could essentially take out as much money as the ATM had. Reportedly 130 ATM’s were targeted for a total of 9 million dollars – roughly $70 000 per ATM.

So far, the FBI have made no arrests and have no leads, other than the pictures of people at a few of the ATMs. A class action lawsuit has already been filed.

Initial thoughts were had that it was organised by the mob, but it does seem a little too dispersed. A few users comments on Slashdot posted a much cooler alternative – that it was a group of hackers with a small, organised worldwide user base. Wouldn’t surprise me either way.

Imagine how the phone call would have went to the CIO in wee hours of the morning!