Monthly Archives February 2013

Canadian government changes data device guidelines

Unsecured mobile data devices are a serious security risk, something the Canadian government is affirming this week by releasing new guidelines for use of such equipment.

The directives handed down by Human Resources and Skills Development Canada (HRSDC) still allows for use of USB and other portable drives, but requires some to have biometric encryption, or be encrypted and password protected. In some cases, the devices don’t need such protection but management clearance is required before they can be used.

The news comes on the heels of a major data breach, after the personal information of nearly 600,000 Canadian Student Loan recipients was exposed last year when a federal department employee lost an external hard drive. A USB drive with information on 5,000 disability pension applicants was also recently lost by the HRSDC.

As pointed out by Postmedia News, the new rules essentially leave it up to workers to utilize technology wisely. Interestingly, a recently leaked internal memo from Public Safety Canada warns government employees about sending PIN-to-PIN messages, stating the method is unsecure and transmissions could be intercepted by other BlackBerry users.

“Although PIN-to-PIN messages are encrypted, they key used is a global cryptographic ‘key’ that is common to every BlackBerry device all over the world,” stated the memo. “Any BlackBerry device can potentially decrypt all PIN-to-PIN messages sent by any other BlackBerry device.”

What wasn’t pointed out by Public Safety Canada is that BlackBerry does offer customizable security options to secure data, and that there are ways to encrypt messages that only allow them to be read by devices on the same network. Oh, and as noted by The Register, this “news” isn`t really news at all.

FCC delving further into rural call completion problems

Telecom associations are applauding the Federal Communications Commission for finally taking steps to tackle the call failure issue in rural areas.

Earlier this month, the FCC filed a notice of proposed rulemaking seeking comment on regulations needed to address the problem of dropped or poor quality long-distance calls, a move that the National Telecommunications Cooperative Association (NCTA) has been demanding for some time.

Critics say least-call routing is to blame for the failures. Completing calls in rural areas tends to be pricier, to help cover the increased cost of service. Some long-distance carriers contract third-party companies, which attempt to use the cheapest route to connect the call, even if it means the quality will be poor or the call may fail. Others may spit out a busy signal or drop the call altogether once it is realized the call won’t be profitable to connect due to the extra cost.

Along with lost business revenue and aggravation to customers, the practice can cause serious safety issues. Instances where hospitals have been unable to reach rural patients and problems with failed communication between first responders and medical professionals have been reported.

The FCC agrees, noting completion rates are frequently poor, even when the performance of the intermediate provider appears acceptable on paper.

“The problems manifest themselves in lengthy periods of dead air on the calling party’s end after dialing a number, audible ringing tones on the calling party’s end when the called party’s telephone never rings at all, false busy signals, inaccurate intercept messages, and the inability of one or both parties to hear the other when the call does go through,” states the FCC notice. “This causes rural businesses to lose customers, cuts families off from their relatives in rural areas, and creates potential for dangerous delays in public safety communications in rural areas.”

It cites several studies undertaken by rural telco associations which found the problem doesn’t appear to be resolving itself. A whopping 80 per cent of respondents to one survey reported call completion issues, and reports of problems receiving calls increased over 2,000 per cent from April 2010 to May 2011.

A second study, completed in May 2012, found that despite small improvements, the call-failure rate in rural areas was 13 times higher than urban locations. Five months later, a third study found call completion failure rates were still high.

But it’s not a new issue to the FCC, which has been looking into the matter for several years. Many groups have been critical of how slow the Commission has been to address the issue – in a letter sent in December, the NCTA pressed for more action.

“If anything, any resolution of such concerns over the past few years has been at best temporary in nature – more of a reprieve than a resolution, in reality – as carriers apparently change routing tables for fear of regulatory sanction only to then reprogram them days or weeks later and thereby recreate the problem once again,” stated the letter.

“This tactic might be likened to ‘regulatory whack-a-mole’ and in legal terms, it might be considered a classic case of ‘capable of repetition yet evading review.’ It is abundantly clear that a more permanent, comprehensive, and definitive solution is need in short order.”

In a statement released a few weeks ago, the National Exchange Carrier Association (NECA) applauded the FCC for finally taking the next step in the process.

“NECA is pleased the FCC has made this preliminary step towards gathering data necessary to resolve rural call completion issues,” said Jeff Dupree, NECA vice president of government relations. “We, along with our rural allies, have worked hard to bring call completion issues to light and applaud the Commission’s proposal to further these efforts by mandating a national data collection and requiring data retention by carriers.”

The notice of proposed rulemaking suggests new record-keeping requirements be put in place, ensuring the FCC can act when high failure rates or poor call quality strike rural areas. FCC chair Julius Genachowski admits the new regulations have the potential to place heavy burdens on carriers, but said the need to get a handle on the issue takes precedence.

“We’ve seen some evidence of improvement, but not nearly enough,” Genachowski said in a statement. “And although, as we’ve come to learn, the causes of rural call failures can be complex and the responsible parties difficult to trace, one thing is clear: This has got to stop. The FCC has a fundamental responsibility to ensure phone calls complete reliably.”

ISPs turn on Copyright Alert System

Six strikes and you’re out? As of this week, participating U.S. Internet service providers (ISPs) are starting to utilize the Copyright Alert System. Users suspected of using copyright-violating peer-to-peer file sharing programs, such as BitTorrent, will now be issued notices about their illegal activity.

Initially the notifications will be educational and may include voicemail messages and links to legitimate content. Further alerts could see users forced to watch anti-privacy videos. ISPs also have the power to reduce Internet connection speeds, aka throttle bandwidth, for repeat offenders.

Those who think they’re being unfairly accused can appeal to the American Arbitration Association for $35. If the investigation rules in their favour, the warnings will be removed from their account and they’ll be refunded their money. But if it goes the other way, the ISP may be in a position to take further action against the user.

Mobile World Congress kicks off in Spain

The 2013 Mobile World Congress (MWC) kicks off today in Barcelona, Spain, drawing thousands of attendees, from telecommunications CEOs to mobile app developers. Notable keynote speakers set to take the stage over the next three days include AT&T president and CEO Randall Stephenson, Dropbox founder Drew Houston, Mozilla chair Mitchell Baker and Nokia president Stephen Elop.

While many mobile giants launched new products at the recent Consumer Electronics Show in Las Vegas, more are expected to make major announcements at MWC, including Huawei, which plans to unveil two new devices. Others debuted products before the show even started.

Gadgets aside, many network operators use the congress to push their wish lists, calling for increased wireless spectrum, lower taxes and this year’s hot topic: harmonization.

“It’s not just about having the right amount of spectrum. It’s critical that the spectrum is harmonized on a global basis,” said Franco Bernabe, Telecom Italia CEO, said in his MWC speech today. That would make way for cost efficiencies allowing phones and network equipment to “work across a broader part of the world,” he continued.

CRTC finalizes wholesale high-speed Internet rates

This week, the Canadian Radio-television and Telecommunications Commission (CRTC) released finalized rates for wholesale high-speed access services used by independent providers, a move that could ultimately offer some users a bit of relief on their bill.

“Large and small independent service providers now have the certainty they need to continue offering Canadians a choice of innovative and competitive services,” said Jean-Pierre Blais, CRTC chairman. “We are pleased to finally close this chapter after a careful examination of the wholesale rates, which included a review of the costing information.”

The big companies that whole high-speed access to independent providers will begin utilizing a single billing model, offering identical rates for both residential and business end-users. In the past, the large companies charged different rates for different services.

Businesses are likely to benefit most from the changes, since their rates will now be the same as residential services. The CBC predicts Bell wholesale customers in Ontario and Quebec, Telus customers in Alberta and British Columbia, and Cogeco customers will all receive a lower rate. However, independent providers who utilize Rogers, Shaw and Videotron cable may see an increase.

Marc Gaudrault of Teksavvy Solutions, which offers Internet services, told the CBC that DSL customers would receive more benefit than those on cable.

“I don’t know if rates will go down, but perhaps value for your money will go up,” Gaudrault was quoted as saying. “… On the cable side, either rates will go up or value for your money will go down.”

The CRTC does not approve the rates and packages for Internet services offered at the retail level, though it expects its recent decision to have a favourable impact.

AT&T adds U-verse fees

Your AT&T bill may cost you a few extra bucks starting this month, after the company implemented extra fees associated with U-verse broadband and IPTV. According to AT&T, one of the new fees – a $2 broadcast TV surcharge – is needed to recover a portion of the amount local broadcasters charge AT&T to carry their channels.

U-verse high speed Internet packages will increase $3 per month, and customers who are not currently paying a fee for Wi-Fi-enabled Wireless Gateway will be stung for another $2 per month for equipment rental.

AT&T isn’t the only company tacking on a few extra dollars to its bills – DirecTV recently added a $3 regional sports fee, and Frontier has started charging modem and gateway fees ranging from $7 to $15.

Analyst decreases BlackBerry Z10 sales estimate

Is the BlackBerry Z10 destined for failure? At least one analyst has cut his sales estimates for the device, stating retail stores have indicated “steady, but modest demand” despite the frenzied interest expressed immediately after the launch. Canaccord Genuity analyst Mike Walkley estimates just 300,000 smartphones will be sold, a far cry from his original projection of 2 million.

“With new BB10 smartphones launching in the U.S. only in mid-March or later at subsidized prices no better than competing high-end Apple/Samsung smartphones… we are lowering our BB10 sales estimates for the February quarter and all of [fiscal] 2014,” Walkley wrote in a note to clients. “Further, we believe carrier support for BlackBerry 10 in the U.S. is modest, as demonstrated by Sprint only planning to launch the Q10 [BlackBerry with a physical keyboard] and T-Mobile only the Z10.”

ISPs living up to advertised speeds

The Federal Communications Commission’s recently released report on consumer wireline broadband performance has found the majority of Internet service providers (ISPs) are delivering speeds as advertised during peak consumer usage hours.

The February report — part of the FCC’s Measuring Broadband America initiative, with data collected last September — found that 97 per cent of ISPs were coming through with promised speeds during the busiest hours of 7-11 p.m. on weekdays. Most providers remained steady, with results on par with the previous FCC study. One standout was Frontier, which improved performance by a significant 13 per cent. The FCC was also encouraged to see providers have sustained their migration to higher speed services.

Some providers were even found to be providing service faster than they claimed, with Cablevision, Comcast, Verizon Fiber and ViaSat/Exede demonstrating sustained download and upload ratios higher than what was advertised. On the flip side, AT&T, Qwest and Windstream struggled to reach their own numbers. ViaSat’s satellite provided the fastest speeds, followed by fiber, cable and DSL. On average, satellite performed at 137 per cent of advertised speeds, while fiber delivered at 115 per cent, cable at 99 per cent and DSL at 85 per cent, during peak times.

“In our testing, we found that during peak periods 90 per cent of ViaSat consumers received 140 per cent or better of the advertised speed of 12 Mbps,” stated the FCC summary. “In addition, both peak and non-peak performance was significantly higher than advertised rates. While latency for satellites necessarily remains much higher than for terrestrial services, with the improvements afforded by the new technology we find that it will support many types of popular broadband services and applications.”

While satellite was the top performer, what the FCC doesn’t point out — but the Huffington Post does, in this article — is that the service comes with caps that limit data consumption and video streaming. The news outlet has previously reported complaints by rural residents who said bad weather and caps interfered with their speed and service.

When it comes to VoIP, the FCC found quality suffered when bandwidth was being shared amongst various services, though measurements utilized in the report did not detect such effects. VoIP services were adequately support by all service tiers examined.

“Faster broadband has brought untold benefits to millions of Americans – from distance learning to distance healthcare,” said FCC Chairman Julius Genachowski said in a statement. “This is good news for consumers and the economy, but we can’t be satisfied. To unleash innovation and realize broadband’s full potential, we must continue to see increases in broadband speed and capacity.”

The FCC is pushing a proposition for national high-speed one gigabit Internet, something it would like to see achieved by 2015. Genachowski has said the service is essential to facilitate economic growth and global competitiveness.

So how do you know you’re getting your money’s worth from your ISP?‘s Thorin Klosowski offers up a good basic guide for consumers , starting with examining your bill to determine the service level you’re paying for and using simple online analytics to test your speed.

If you feel you’re not getting enough out of your service, sometimes it pays to shop around. But keep in mind that depending on where you live, all services may not be readily available. Providers also sometimes offer different bundles based on geographic location. And if you’re content with your home service, but need someone to take a look at options for your business, sometimes it’s best to seek help from a professional consultant to ensure you’re getting the biggest bang for your online buck.

New hack blasts past iPhone password screen

The latest security flaw that allows iPhone passwords to be hacked, allowing unauthorized parties access to the device including the ability to call out, has been uncovered on YouTube. A video posted to the popular site shows how a series of deliberate actions can bypass the iPhone’s security controls. While we haven’t linked to it, a screen grab of the video is posted above.

The user who posted the video – who shows how to exploit the password settings in a step-by-step tutorial – suggested people only use the hack as a practical joke and not with malicious intent.

“For prank your friends … for a magic show … use it as you want, at your own risk, but please do not use this trick to do evil!” wrote the user who posted the video.

Apple released a statement yesterday confirming it is aware of the vulnerability and is working on a fix for the issue.

Study finds people take confidential data when leaving a job

That contract drafted to protect company secrets may not be working as well as you thought. A recent Ponemon Institute study found about half of employees who left their job last year held onto confidential data, suggesting that all those Bring Your Own Device (BYOD) security fears are not unfounded.

To make matters worse, 56 per cent of those surveyed didn’t think using classified information and trade secrets from a previous employer was wrong. Nearly two-thirds reported seeing it unfold in their own workplace.

The majority admitted they don’t delete corporate data from any of their devices – laptops and smartphones included – upon their departure from a company.

“Chief information security officers are certainly concerned about intellectual property leaving but they are also concerned about being the unwitting recipient of confidential data that a new employee has taken from their former employer,” Robert Hamilton, director of product marketing with Symantec’s Data Loss Protection group, told FierceEnterpriseCommunications.

When it comes to BYOD, the possibility of a confidentiality breach has always been a main concern. A shocking 46 per cent of people admit to allowing others to use their work device and 33 per cent do not encrypt corporate data or files. And from the results of the latest study, it doesn’t appear many would take the proper steps to delete that sensitive information either.