By now I'm sure we are all aware of the potential risks of wireless networks, and the threat to both corporate and home users from hackers, crackers, worms, viruses, spammers and the like. Whether it be corporate espionage, simple mischief or malicious script kiddies, the damage is quickly done and the consequences can be far reaching and long lasting. Articles are being written not just in the technical press, but also in the national dailies, warning of vulnerable WiFi networks being deployed at an alarming rate, and companies exposing their entire corporate networks through careless installation of access points in their offices.

However, how many have considered that the mobile phone or PDA in their pocket could also be a problem? With the increasing convergence of phone and network aware devices, come new and often unnoticed threats. Features such as built-in cameras, wireless networking, Bluetooth, calendars, phone books, all present their own particular problems, and associated risks. If we think of each feature by category, it becomes clear that they each have their own expected security perimeter, and it is this that is quietly being expanded and, potentially, exposed.


For example, let's look at phone books and calendars. Your personal phone book will normally live in several places – on a card index, in a personal computer, and, nowadays, on your mobile phone. The perimeters, therefore, are the walls of your office, the LAN that your PC is connected to, and the pocket that your phone is carried in. If none of these are breached then your data is, in theory, safe. Or is it? The fact that these devices are becoming network aware means that they may be unwittingly creating a path that extends these perimeters way beyond that which you originally planned for or expected. Other service categories' boundaries may start to overlap in unexpected ways, and a change to the way, say, voice signals are handled, may compromise the security of your image, calendar or phone-book data, even though they are nominally unrelated.