Kevin Kealy of AT&T: New Technology Often Has Unforeseen Consequences

Chief security scientist says with technology, like mobile phones, being used for more purposes, beware of misuse and negative consequences.

by / May 14, 2009

SACRAMENTO, Calif. -- The convergence of devices -- like cell phones, PDAs and pagers being combined into one -- can lead to misuse and unintended consequences, said Kevin Kealy, chief security scientist of AT&T Labs, at the Conference on California's Future in Sacramento. The more devices that are combined into one piece of technology, the more unintended consequences will follow.

Kealy gave the example of people hacking Apple iPhones to run programs like the operating system Linux. Using Linux on the iPhone isn't an original purpose for having the mobile device, but it has become an unintended use.

Kealy said data networks being changed to handle other functions, like carrying fax and voice traffic, is another new technology that can have negative consequences. Although voice over Internet protocol (VoIP) can offer cost savings, don't forget the vulnerabilities that come along with it. For example, he said many people assume VoIP works like a traditional phone. However, it actually works like a computer, and many VoIP phones aren't encrypted, so anyone with the right tools can listen to conversations.

Advice for Bluetooth Users

When California instituted the Wireless Communications Device Law that required drivers 18 and older to use a hands-free device when talking on their cell phones while driving, many people turned to Bluetooth devices, which allow electronic devices to communicate wirelessly. Many people may not think about how secure their conversations are when using a Bluetooth device.

Kealy said the devices run on the same frequency as Wi-Fi and usually have a 150-foot range, making it easy for people to hack in and listen to conversations. He warned government users to never discuss anything expensive, confidential or embarrassing when using a Bluetooth device.

Attackers also can download the last-called list or contact list from a mobile phone without users' knowledge or consent. Kealy said this happens so frequently that it has been termed "War nibbling." Attackers also can access mobile phones through Bluetooth to make outgoing calls and send text messages from an unsuspecting person's phone number.

He said the newer versions of Bluetooth are addressing security issues, but users must be careful.

Protecting Your Devices

Other security tips Kealy offered include:

  • Ensure laptop and PC cameras are turned off or covered up if possible to keep people from accessing them from a wireless connection. The cameras can let attackers see the computer's user or into the house.
  • Keep automatic updates turned on to ensure security patches are up to date.
  • Ensure spam filters are updated.
  • When sending an e-mail with the blind carbon copy option, use the same caution as you would when using the carbon copy option because they can be counted as spam.

"Every layer of security will keep somebody out," Kealy said. He added later, "Nothing that you do will ever be 100 percent effective."

Elaine Rundle Staff Writer
Platforms & Programs