The Dangers of Phorn (phone porn)

"Would you like phorn with that?"

The Shermans of Arkansas are suing McDonalds for emotional distress, embarrassment and damage to their reputations after they allege employees posted nude pictures of Mrs Sherman on the internet.

Tina Sherman says she began receiving offensive calls and text messages about the pictures from her husband’s mobile phone after he left it at the McDonald’s on 5 July.

Phillip Sherman says that when he realised he’d left his phone at the restaurant he called and arranged for staff to secure the phone until he could collect it.

The case raises interesting questions around our perception of electronic files. Would Mr Sherman have been so blasé about leaving an envelope lying around stuffed with titillating pictures of his wife? Would the McDonald’s staff having found such an envelope rushed to the scanner, downloaded them to the office PC and uploaded them to whatever sleazy website the pictures eventually ended up on?

The convergence of technology allows us to photograph, video, record, store, view and display all manner of media and documents. We can carry all of this around in our pockets (or purses). Not only that but we can make multiple copies to distribute among our devices and our friends.

The thing is, even though they are in digital form the files are just as important as if they were printed and stored in a folio. Ask all those who have lost confidential information on a stolen laptop.  Likewise with music, film and written publications those files have value to the copyright holders and just because we can copy them till our heart is content, doesn’t mean we should.

There is one thing that the Shermans don’t seem to be suing McDonalds for and that is breach of copyright. They should.

Anroids Don’t Need Anti-virus?

Computerworld has this story about a security analysist who even after finding the ‘first’ vulnerability in Google’s new Android mobile phone operating system seems to think that the OS is secure enough not to need AV software.

Miller is quoted as saying “If you want to do anything dangerous like access personal contacts, you have to specifically say to the virtual machine ‘these are things I’m going to have to do,’ and the virtual machine will ask the user if that’s OK,”.

The problem with this is that it relies on the user being able (or being bothered) to give a satisfactory answer. Peter Gutmann says that relying on users to always make a sensible decision is ultimately flawed because it relies on the user being omnicient – knowing exactly what they want and how to achieve it.

The story then goes on to say that hackers have found a way to install software on the phone bypassing the virtual machine! So even if the user is expert enough to understand whether an application should be allowed access to the Android OS, a hacker can bypass this security feature anyway.

Although this type of attack is not unique to Android, the article claims people don’t generally use their phones for accessing the same kind of important data they do on their PCs, making phones less of a target.

Nevertheless there are several antivirus software offerings for mobile phones.  This is a good thing.  Having worked in a polling booth this weekend and seen how many adults couldn’t even work out how to place two ticks on the ballot paper, I’m not hopeful that they’d competently answer a question thrown at them from an android.