Tanks to Thinktanks: Migration to Cyberwar

January 26, 2010

For quite some time there has been speculation and vehement discussion around how the war of the future won’t be fought on the traditional battlefield (at least not there alone) but online and in cyberspace. This statement has never been more true than lately, with the advent of the battle of giants: Google and China! Additionally, this morning on IT-Harvest there is a multitude of compelling pieces on how cyberwar is expanding “to a new front”.

“This is a watershed moment in the cyber war,” James Mulvenon, director of the national-security firm, Center for Intelligence Research and Analysis at Defense Group Inc., said last week. “Before, the Chinese were going after defense targets to modernize the country’s military machine. But these intrusions strike at the heart of American innovation community.”

The proposals don’t end at statements about where the new front is being fought; high-level military officials are now actually calling for military budgets to be partially revectored away from tanks and planes toward high-tech cyber defense and potentially even cyber offensive capabilities. General David Richards, Great Britain’s army chief, is of this mindset.

Britain’s armed forces are facing a new “horse versus tank moment” in dealing with the challenges of modern warfare, he told the weekly broadsheet. “People say I’m only talking about war with non-state actors,” Richards said, such as the Taliban insurgents currently being fought in Afghanistan. “I’m not. I’m saying this is how even war between states is more likely to be fought in the future.”

Let’s think about the facts here.

  1. Conventional and mechanized war is expensive; cyber threats are cheap.
  2. The skills to fight conventional war take time to develop; cyber criminals can be high school kids in any part of the world.
  3. There are significant barriers to entry and obtaining tools for fighting conventional warfare; cyber threats are available in open source and scalable tools.
  4. Conventional reconnaissance mostly finds the conventional threats; new cyber threats using wireless devices and technologies may NEVER be detected until it is already too late.
  5. Who has been investing longer in their cyber skills? The criminals! The good guys need to catch up and look at this problem in a very different way than how they’ve been trained in the past. Throw out the old rule book!!!

We certainly can’t move completely to equipping our soldiers and Marines with headphones and keyboards rather than helmets and rifles. But the relatively unsophisticated new enemy “combatant” is working on very novel, subtle and inexpensive ways of affecting our economy, our national security and the critical infrastructures of our nation. We need to take a lesson or two from them to beat them at their own game.

Pay Me Now or Pay Me Later

January 10, 2010

Prepaid mobile services have been around for quite some time in many countries worldwide. This financial model offers cellphone services for those who either cannot or choose not to opt for postpaid plans. Pay-as-you-go of sorts. This was the first plan my kids got on cellphones, and as their financial ability and, at least as important, their usage increased, they migrated to postpaid plans with the appropriate size buckets of voice minutes and SMS texts (for my daughter, UNLIMITED!).

As long as the plan has the right balance of bucket size and payment size (a perceivably good price-performance on what you get), prepaid remains an attractive option for many of us. Usually the biggest advantages are the lack of contracts or commitment periods associated with postpaid, although some wireless operators (usually MVNOs like Virgin Mobile and Cricket Wireless) offer postpaid plans without contracts or commitments.

The first basic question that prepaid users ask is, “do I use the service enough to justify a postpaid plan?”

  • Will they talk or receive calls on their cellphones enough to go for a higher-minute plan?
  • Will they need some more advanced features that only postpaid plans offer, such as 3G data?
  • Or do they need to have just enough connectivity with a mobile device without taxing their monthly budget?

There is another large group of devices that have been coming online that are asking the same question. The mobile compute platforms such as laptops and netbooks (or the cleverly named smartbooks such as HP and Qualcomm’s recent announcement) are increasingly being connected to mobile networks in addition to WiFi.

There is a recent flurry of noise from the mobile operators on prepaid mobile broadband plans with megabyte and gigabyte buckets available for as little as $10 for 100 MB, in the case of Virgin Mobile USA. But the larger operators such as AT&T Wireless and Verizon Wireless will offer prepaid mobile broadband to complement their postpaid options. I think prepaid as an economic model is ABSOLUTELY made for:

  1. connected platforms now such as laptops (to avoid the “everything they can eat, and they will” problem operators encounter with data hogs)
  2. emerging connected devices later such as cars, gaming platforms, eBook readers (bundled today in the Kindle but I predict this will change)
  3. many other multimedia and entertainment devices…can you say iSlate?

Recently Tariff Consultancy published a report stating that:

“Pre Pay Mobile Broadband will become the norm for the majority of users to access the Internet worldwide, with a third of a Billion users by the end of 2013”

The notion of “becoming the norm” is the operative phrase here. Similar to how cellphones have become the norm for communications and ultimately resulted in cannibalizing fixed line services, is it feasible to think that mobile broadband will cannibalize fixed line Internet access? At a minimum, it will be complementary in that high use devices such as media servers, Hulu, Playstation Online, torrent servers, or groups of PCs and Macs will demand more than what the mobile network (or even local femtocells) would be capable of providing. But in either developing countries or smaller connected households, the advent of $10 or $20 (or even less in some countries) to last a month or two for web and email connectivity is more than sufficient to serve their needs.

Floating Among the #Cloud…#Services

January 4, 2010

The importance of device characterization, content adaption, and cloud services is absolutely critical to a positive Always Connected User Experience (ACUE). Today I bounced back and forth between my iPhone and Kindle 2 reading snippets of The Lost Symbol by Dan Brown (GREAT book so far, as usual from the author of The DaVinci Code).

Without getting verbose, these were the essentials of my positive Always Connected User Experience while waiting for my car’s oil change.

  1. The page sync is automatic between the 2 devices so I never have to worry about remembering where I was. It wasn’t always this seamless…back in the stone ages of Kindle 1 I had to manually sync much if not all of the time.
  2. The adaptation of the content is performed to the device’s capabilities (screen size, display technology, I/O, dynamic features such as accelerometer). Obviously Apple (obvious, I think) would not have approved the Kindle for iPhone app if it had not met the specs for what they typically consider as a stellar user experience. In a nutshell, it just works!
  3. Yes, the content does in fact reside locally on both devices, so it’s not what I’d call a classical “connected cloud service”, but the content originates and remains available in the cloud no matter what I do locally on the devices. If I wipe my iPhone, I just reload the app and book, and I’m right back to the same page I left off on.

One key element of the overall ACUE equation is the transport media, but since the content is cached locally on the device (probably always will be) this is not as important other than the time to download. Where this becomes important is when less of the content resides locally and what the device side gets is a rendering of the content. So if Amazon were actually rendering the book content and pushing me each page as I flip to the next page, I will begin to care very much whether I’m connected over HSPA, WiFi, or EDGE. I’ll also care about the quality of the connection if I’m moving. Imagine the sorts of outages or failed calls on the iPhone in some of the dreaded “coverage holes” in the San Francisco bay area when I’m immersed in a really good publication or book.

There are many other items such as security, authentication, e-commerce, and so forth that I’m leaving out and of course must be built into the equation. But from the non-technical user’s perspective, once they have signed up for their account on Amazon and purchased their Kindle, they just want it to work without needing any knowledge of an unreliable cellular network, fading, channel congestion, or roaming.

Are we there yet? Ehh, kinda sorta. We’re definitely getting there as users push the capabilities of the applications, services and devices. Apps, services and devices push the capabilities of the network. And the networks push the capabilities of the carriers to react innovatively and expeditiously. Do you agree or disagree?

SocioConnectitis: Addicted to #Connected #Media

January 2, 2010

Mobile devices and technologies have afforded us mere mortals the ability to communicate with each other, answer practically any question, access practically any media or content available on the Internet, and entertain ourselves in ways never thought possible 10 years ago.  The advent of data communications over cellular technologies such as GSM/GPRS, EV-DO, and HSPA enables the immediacy of these desires.  The air interface alone, however, is not enough to allow flesh and blood to engage and interact with the digital media in that virtual netherworld.  We need devices.  Blackberries, Droids, Symbian devices, and my favorite, the iPhone, bridge the chemically and electrically induced emotions and needs for digital “connectedness” and the digital itself.

But the way our brains are being rewired, where we grow accustomed to checking emails in the kitchen, updating our Facebook status in the bathroom (yeah, could be gross), following our Twitter community sitting in front of the TV, or posting a new vid to Flickr standing in front of the BBQ while grilling some steaks (hey, the thick ones take a while), is taking the “attractiveness” of mobility to all-new heights.

BTW, I’ve personally done all of the above on my iPhone while at home NOT sitting in front of my Mac.  In fact I’ve caught myself pulling out my iPhone to open up TweetDeck or WordPress WHILE I’ve been sitting in front of my Mac with TweetDeck or WordPress already open.  WHAT THE HELL IS WRONG WITH ME?!?!

Nothing and everything, depending on your generational or conservative persuasion.  If you’re reading this blog, or especially if you’ve gotten to this post from a bit.ly shortened URL, you are likely also suffering from SocioConnectitis.  Defined as: “the insatiable and irresistible need to engage and interact with our social digital media and content. This is sometimes accompanied by narcissism (how many mentions did I get today?), paranoia (why haven’t those friend requests been accepted yet?) and a false sense of urgency (I really, really need to upload those Flip MinoHD vids to Facebook because I’m sure they’ll be helpful in curing cancer).”

Where is all this headed?  For sure this second nature (soon to be first nature) act of interacting digitally won’t even be differentiated from breathing or waking up in the morning someday soon.  This is the case not just for industrialized societies, but even the poorest countries and regions are experiencing this.  Maybe not iPhone-class urges yet, but they get the notion of connectedness and those are the seeds of SocioConnectitis. And the device vendors want to cash in on this growing behavior with the QUE, more Droids (someday they’ll be sentient beings), iPhone 4G (whatever that is), iSlate, Kindle DX x 10^8, and so many other windows into this digitally delectable world.

Now what? As Andrea True Connection says, “More, More, More.” Or Britney Spears says, “Gimme More.” I’m loving this disease.

GSM Hacking Trial

December 31, 2009

This week on Dark Reading there was more talk of the cracking of the GSM A5/1 over-the-air encryption. There is certainly a lot of attention swarming to this topic, rightly so given the pervasiveness of mobile. In addition, the hacker community is making statements about the A5/3 encryption, which is built into some of the 3G standards.

I think that the biggest concern does lie solely with the cracking of A5/1, but that there is a HUGE community of software programmers interested in “seeing” how vulnerable these encryption protocols actually are and if they can break them. In general this is a good thing to overcome the Kool-Aid Syndrome (where carriers and mobile technologists become too enamored with legacy and the status quo) and get telecom vendors, standards bodies, and carriers to think innovatively and out of the box. However it’s only a good thing if malicious behavior does not reign supreme.

Imagine if the confidential mobile communications of a government official or corporate CEO were intercepted and held for ransom. Imagine if terrorists were somehow to exploit this vulnerability to their advantage. As with any socially and globally impactful technology, there are two sides to the coin: the good side and the dark side!

How do we solve this both near term and long term? Do we ban cellphones in certain instances or environments? Is this even feasible given the human appendages that cellphones and smartphones have become?

Too Strong to be Weak

December 15, 2009

I’ve always been intrigued and fascinated by technology and how technologies are adopted by people. In the past I’ve written about the concepts of strong-specific and weak-general. These concepts are not mine (I wish they were). Instead they were originated by Bill Buxton who is currently a researcher at Microsoft Research. I first learned about Bill while reading a book called The Invisible Future: The Seamless Integration of Technology Into Everyday Life.

The reason for this momentary occurrence of awakedness (don’t know if this is a word) to the strong-specific and weak-general concepts was from an article I recently saw in FastCompany called Tracing the Evolution of Consumer Electronics. What’s Next? The article is really more of a set of family trees showing the apparent origin of certain products back in the days right after the primordial ooze. For example, the Kindle 2 traces back to the original days when, ahem, paper books and book presses were the hot thing…can you imagine that! There are many other interesting lineages for the iPhone, Blackberry, Wii/PS3/Xbox, and other devices.

The core question presented by this article is: will a single device ever unite them all? In my most humble opinion, NO FRIGGING WAY! I could be wrong on this and I’m sure there will be technological innovations that we can’t even conceive of or imagine today.

I have an iPhone (3 in fact), Kindle (2 in fact), iPods, netbooks, media center PCs, PS3, laptops, Macbook Air, Razr’s, PDAs, a drawer full of cellphones and smartphones (the graveyard of those that didn’t pass muster), digital picture frames, cordless telephones, LCD TVs, LCD monitors, other MP3 players that came and went, and I’m sure a few other devices that I’m forgetting.

I believe the primary reason for why we will ALWAYS possess an array of strong-specific devices and NO ONE device will do all of what the FastCompany article devices do is due to how we interact with the devices and applications on those devices. For example, the way we interact (and expect feedback and interaction with us) with a music player is very different than how we interact and expect interaction with our senses with a cellphone. Granted, while the iPhone is supposedly a convergence of these functions and an adaptive screen and UI will present the varying forms of interaction, I’m one of many that will state the iPhone isn’t much of a phone. If I wanted a real phone, I’d use my Razr. The iPhone is more of a weak-general device and we all know its weaknesses.

The size and Mobility Quotient are defining factors as well. If the size is larger than my cellphone (my Kindle for example) then I won’t be taking this everywhere with me so don’t bother putting music functionality (yes, it’s in the Experimental section) or voice calling into it. If the Mobility Quotient is high, then I will generally interact with it on an on-demand, “snacky” basis rather than a more dedicated, in-your-face manner as I am doing right now on my Air. While I can write this blog entry on my iPhone, only large doses of mind altering drugs will compel me to do that.

‘Nuf said. But am I all wrong on this? Can flexible or rollup displays create a truly useful weak-general, one-size-fits-all device? Can voice, gesture, or Vulcan Mindmeld new interaction models solve the “keyboard barrier” that so many devices suffer today? Are we headed towards a Nebulous Future, per the FastCompany article, where it’s not about singularly and vertically designed devices but rather a distribution of functions that collectively create the experience? For example, the compute and connectivity is always in my wristwatch, but depending on what I am intending on creating or consuming the connectivity may be vectored towards a large display or interaction modality that matches my “intention”. Who, what, or how will that “intention” be determined?

Who knows. For now, I’m just content to speculate about Apple’s tablet device being announced around CES…I MUST HAVE ONE!

Catching a Phish with a Smartphone

December 11, 2009

There was more news today in Dark Reading on the vulnerabilities of the Apple iPhone, RIM Blackberry, and Palm Pre as a result of spear-phishing tests using a phony LinkedIn email. The impact of this social engineering threat is two-fold:

1) There are so many people using their smartphones to view corporate and personal email that it’s hard to guess whether anyone is safe from this sort of attack.
2) Social networking is becoming one of the killer apps on smartphones, especially when coupled with location (such as GPS) and the real-time web (such as Twitter). The attack preys upon the insatiable need to be connected to our communities, even though I have no idea why Bill Gates would want to connect over LinkedIn.

According to Joshua Perrymon, CEO of PacketFocus, “he was able to get his spoofed message through 100 percent of the time.” 100%!!!

How do you fix this? According to the article, “The trouble with socially engineered, targeted attacks is that there’s no real “patch” to protect products and users from falling for them. Email authentication technologies like PGP are not widely adopted, and it’s difficult for vendors to spot spoofed email messages, experts say.”

The only resort is to rewind to the stone ages of landline and pen/paper. Highly unlikely, so I foresee we’re in for quite the Tsunami of Insecurity with infected mobile devices by the millions and billions.

Cellphone ‘o Cellphone, Where Art Thou?

December 7, 2009

ABI Research recently conducted a survey on the security issues of mobile voice calling. Specifically, the concern is that cellular voice calls can be intercepted and decoded, or that the cellphones themselves can be infected and infiltrated with malware that can render them remotely accessible by a hacker or someone who wants to eavesdrop on conversations.

In Dark Reading, an article titled Most Enterprises Ignoring Mobile Voice Security, discusses the findings of the survey from ABI. It states that while mobile voice interception and its vulnerabilities are a high concern to the people surveyed, only 18% of respondents have actually implemented mobile voice encryption. One of the key triggers to this concern seems to be around the announced cracking of the A5/1 encryption for GSM voice from a hacker conference earlier this year. In addition, there will be equipment in the sub-$1000 range available to intercept and decode the over-the-air conversations.

I think there will be issues in the deployment of end-to-end mobile voice encryption.

1) The link layer encryption and authentication protocols will be in place and heavily invested by the carriers and handset OEMs.
2) Additional application layer encryption must be resident and match both ends of a voice conversation, especially in a cell-to-cell call. This will be a challenge given the plethora of handset OEMs and the additional plethora of handset models and OS variants they support.
3) The user experience will need to be completely transparent, including all the key exchange and management. If the user has to do anything more than pick the number and press Send, there will be significant user dissatisfaction. Ultimately the user just wants to have a call, not worry about security or encryption.

It seems to me that the true security concerns do in fact lie on the shoulders of the enterprise, as the report states. The enterprise, whether a government agency or a corporation, has sensitive information and communications that they cannot allow to be exposed due to regulatory or governmental policies, or even national security. Until the technology completely solves itself, evolves, and becomes easy to use and pervasive enough to be fully relied upon, all enterprises with this concern need to take the following measures.

A) Identify the physical areas throughout your offices and locations that represent the greatest threat if information or communications at those locations were to leak.
B) Implement a No Cellphone policy at those sensitive locations. They might include boardrooms, trading floors, stock exchanges, classified information facilities, call centers, security operations centers, executive offices or suites, etc.
C) Deploy a Cellular Location and Analytics system or service, such as from AirPatrol Corp., to detect, locate, and perform detailed analytics within a geo-fenced environment, i.e. the sensitive areas. This system can be deployed as an in-house system or service for 24×7 monitoring. Or can be selected as a one-time vulnerability assessment to take a snapshot over a short period to see how bad the problem may be.

At the end of the day, the enterprise needs to do what they can do. There will be an awful lot they won’t get the wireless operators to do for them. Security is most definitely one of those things (the enterprise services “SI” part of a carrier corporation notwithstanding). Security adds friction to increasing ARPU. The enterprise needs to take ownership over everything occurring within the confines of their domain.

Do you agree with this? Would love to get point and counterpoint on this topic.

Always Connected Criminals

November 27, 2009

I’ve written on the problem of contraband cellphones in the past and how bad of a growing concern (and public safety threat) this issue is to the respective corrections officials dealing with it. More recently, Richard Stiennon of ThreatChaos forwarded me an article from Dawn.com, which reports on a lot of news in Pakistan, on how Omar Saeed Sheikh, a militant being held in Pakistan following, according to the article, his arrest in Feb 2002 for the murder of US journalist Daniel Pearl, threatened the President and Chief of Army Staff of Pakistan…using his cellphone in a Hyderabad prison!

The article titled, Jailed militant’s hoax calls drove India, Pakistan to brink of war, states “‘Omar Saeed Sheikh was the hoax caller. It was he who threatened the civilian and military leaderships of Pakistan over telephone. And he did so from inside Hyderabad jail,’ investigators said. The controversy came to light after Dawn broke the story, exactly one year ago, that a hoax caller claiming to be then Indian foreign minister Pranab Mukherjee was making threatening calls to President Zardari.”

“The very next morning, Nov 29, Hyderabad jail was raided by intelligence agencies and over a dozen SIMs were recovered along with two mobile sets. Majid Siddiqui, the jail superintendent, was suspended. ‘I don’t know much but it is true that some mobile SIMs and mobile sets were recovered from Omar Saeed Sheikh when he was in Hyderabad jail.”

It’s been said before that criminals would gladly conduct their illicit enterprises from within prisons using cellphones because it’s the safest place to be. This certainly rings true in the case of Omar Saeed Sheikh, whose cellphone had a SIM card from a UK wireless operator and so looked like a UK cellular device roaming in Hyderabad. And over a dozen more SIMs were confiscated during a raid to obtain the contraband. This is only the scratch on the scratch of the tip of the iceberg. This problem will continue to grow without an effective technical solution to detect, track, and monitor or confiscate the contraband devices in all prisons worldwide. These Always Connected criminals will simply continue to easily obtain the same great devices and services that we as productive consumers enjoy and take for granted every day.

Biggest Security Threats to Federal Agencies

November 20, 2009

Today an article in Dark Reading titled Federal Agencies: Online Collaboration, Cyber Terrorism, Mobility, Web 2.0 Their Biggest Security Threats outlines the results of a survey by the Ponemon Institute on what ails our government’s agencies the most in terms of security threats and concerns. The survey of 217 senior-level federal IT executives yielded some pretty extraordinary findings.

Of particular concern to me are the results of the survey regarding wireless, “Wireless devices were the most serious target in their organizations, with 57 percent pointing them out as such..”. I haven’t read the report yet, but the cyber threat potential posed by the fastest-growing security threat to information, privacy, and national security since the Internet is showing no signs whatsoever of slowing down. The Mobilization Effect on every organization (business or governmental) on the planet is affected by the increasing and insatiable desire of people to be mobile, free of location specificity, yet maintaining access to all the same information as when they were tethered.

This goes both ways. The legitimate AND illegitimate or malicious doers are taking advantage of the runaway adoption of wireless devices and technologies, in particular cellphones. This week there was increased coverage of a worm affecting unlocked iPhones apparently having started in Australia but now making its way around the world. Why would that matter to an IT security professional? These same iPhones (and the growing population of unlocked iPhones with SSH holes) are accessing organizational email, being connected to PCs/laptops for charging or tethering, storing and sending documents, having access to LDAP databases through ActiveSync, storing huge caches of contact information, on and on. Not too long ago these were some of the same reasons used for securing desktops then laptops afterwards. Yet the awareness or acknowledgement of the mobile problem, or Tsunami of Insecurity, is in an early stage…albeit growing rapidly!

What’s the solution? Stay tuned for the next post on this topic…