March 11, 2010

The Mobile Hypervisor's killer app has arrived and it's not what you think

In my January blog entry “Application delivery and the evolution of endpoints” I referenced how Citrix and VMware were starting to position themselves to be able to offer mobile hypervisors. At the time I suggested that while the technology did offer interesting opportunities, there was little immediate demand. However in light of one of the announcements from last week's RSA conference in San Francisco, it looks like I may have spoken too soon. 

Derek Brown and Daniel Tijerina’s announcement at RSA of the creation of an 7,800 node botnet consisting of both Android phones and jailbroken iPhones running their WeatherFist mobile application may well spur enterprise demand for the mobile hypervisor.  Brown and Tijerina of TippingPoint’s Digital Vaccine Group created two versions of the same basic application. The version of WeatherFist that was released into the wild did no more than obtain a phone’s GPS coordinates and phone number before uploading them to a remote server which then converted the coordinates to a zip code and responded with the local weather forecast pulled from the Weather Underground site. At the same time, the pair created a malicious version of the application, but  - contrary to some reports  - did not release it.  This version (WeatherFistBadMonkey) contained code that could raid the phone’s contacts list, steal cookies and send spam email.  Most significantly, given the level of privilege required for the released version to operate, it would have been no more difficult to obtain a user’s permission to allow the malicious version to run. 

 

Now that the news has broken I was expecting to find that WeatherFist had been pulled, but at the time of writing WeatherFist is still freely available on ModMyi, annotated with the somewhat ironic label “This package is from a trusted repository.”

 

This type of exploit requires two things to work, a poorly policed mobile app store and gullible trusting users. Unfortunately trusting users are in endless supply and even the  best policed of app stores will let something noxious in given enough time. Given this, how long will it be now before IT security departments start mandating that users cannot install any third party applications on a smart phone with access sensitive information?  Which is where the mobile Phone hypervisor comes in.  If employers cannot rely on their staff to prevent malware infection. How long will it be before IT security departments start mandating that smart phones have hypervisors installed to ensure separation of business and private applications and data as a means of controlling the inevitable backlash against ever more restrictive security controls dictating just what an employee can do on their phone.

Posted at 12:30 PM in Mobile Devices | | Comments (0) | TrackBack (0)

| | | |

March 09, 2010

Slow news day

Take a quick look at the following and see if you can work out what it has to do with thin-clients...

[Product X] offers users cutting edge foundational and architectural designs that will allow [Product X] users numerous options for future customization and product expansion. Like your organization, [Product X] has been designed to change, grow, and adapt to the evolving technology and service requirements of your business.

Regardless of your organization's size, [Product X] will tightly couple with the data generated by your business enterprise. The core of the [Product X] engine supports single computing and networked environments. In enterprise scenarios with large existing deployments, homogeneity is rare and [Product X]'s platform allows you to interoperate with the technologies offered by third-party healthcare vendors. With higher integration requirements, security systems must also be interoperable.

Any ideas?  Me neither. 

Yet if you look through Citrix's list of 'Citrix Ready Products' you will find that Product X listed under thin-clients. Only it's not, it's a healthcare data analytics app. Which it a bit a shame really because if there's anything we need more of today it's thin-clients with "cutting edge foundational and architectural designs" and "numerous options for future customization and product expansion".

Like I said, it's a slow news day.

Posted at 07:20 AM in Marketing FUD | | Comments (1) | TrackBack (0)

| | | |

March 08, 2010

My dog ate the backup tapes

My post from last week Virtualization in New Europe included a call for submissions for your best DR or business continuity story, the winner will receive a free past to the Burton Group Catalyst Europe conference in Prague.

We've already had a few good entries, but most have been recycled 'customer success' stories. Not exactly what I would call prize winning material. So come on people get with the spirit of the occasion would you. If you need a little inspiration, watch the re-run of last night's Oscar awards show, rent a copy of The Hurt Locker, then ask yourself would Kathryn Bigelow ever want to make a movie of my story and if the answer isn't yes, then it's time for a rewrite.

You want to win and get a free ticket to the hardest hitting IT conference in Europe this year, then you have to try a little harder.

Posted at 11:13 AM in Off Topic | | Comments (0) | TrackBack (0)

| | | |

Dell set to corner the market for desktop virtualization hardware

After selling the $500 (HOW MUCH?) FX100 zero-client for the last 18 months as part of its Remote Workstation package, Dell has finally acknowledged that the same Teradici PCoIP chipset that allows it to connect to the R5400 rack workstation will enable it to work with VMware View 4.0.  

If that wasn’t enough, Dell have also launched a marketing blitz pushing the new and rather desirable Latitude 13 laptops as being ”Ready for Virtualization”.

Dell Virtualization Ready

Does this mean that the Latitude 13 will be shipping with a client hypervisor some time soon, or just that it will have Citrix and VMware's respective desktop clients pre-installed.  Whatever the answer I guess Dell must be missing Ron Oglesby more than it knew.

Posted at 07:48 AM in Desktop Virtualization, News, Thin-Clients | | Comments (0) | TrackBack (0)

| | | |

March 05, 2010

Virtualization in New Europe

Regular readers of this blog will know that I've never made a secret of my enthusiasm for Project Virtual Reality Check. So with that said, I'm particularly happy to report that Ruben Spruijt will be in Prague this April to present the latest Project VRC benchmark results at the Burton Group Catalyst Europe Conference. We also have the incomparable Chris Wolf presenting Burton Group's selection criteria for server hosted desktop virtualization, as well as delivering a workshop on client virtualization. The only thing that spoils it for me is that while everyone else from Burton Group is heading off to Prague, I will be staying at home working on material for Catalyst North America. 

If, unlike me, you have the opportunity to attend Catalyst then Burton Group are offering a couple of cool incentives to help get you there. Take a look at the Burton Group data center team blog, where we are offering a free ticket to Catalyst to whoever submits the best DR story.  No DR story to share, then try using the promo code “INSIDER” during registration, you'll get full access to Catalyst EU for the discounted price of €995. And finally, we are so confident you will be enlightened and educated at Catalyst 2010, we are offering a full guarantee. If you are not satisfied with the quality of our conference content and if you don’t learn something that is useful to you, your Catalyst registration is free. Try asking for that anywhere else.

Posted at 07:05 AM in News | | Comments (0) | TrackBack (0)

| | | |

Next »
Simon Bramfitt

Worthwhile reading

Favorite Tweets

Categories