The research [PDF] analyzed detailed information from The Conference Board Help-Wanted OnLine (HWOL) database as conventional employment numbers from the Bureau of Labor Statistics were not suitable to track such a phenomenon as this economic ecosystem is so new.

John Stankey, President and CEO, AT&T: "Data consumption right now is growing 40% a year."

With growth rates less than half of the predictions, a data-driven FCC and Congress has no reason to rush to bad policy. Wireless technology is rapidly moving to sharing spectrum, whether in-building small cells, WiFi, White Spaces, Shared RAN or tools of what the engineers are calling hetnets — heterogenous networks. The last thing policymakers should do is tie up more spectrum for exclusive use; shared spectrum often yields three to ten times as much capacity.

Bad compromises on the video spectrum are unnecessary because plenty of spectrum is unused. That includes the 20 MHz that M2Z would be building out today if Julius hadn't blocked them; the 20 MHz the cable companies are sitting on and want to sell to Verizon; and the 30 MHz or so Stankey identifies as fallow at AT&T.

40% growth is still substantial, but wireless technology is improving at a breathtaking pace. LTE has about 10x the capacity of 2.5G and 4x the capacity of 3G. LTE Advanced, deploying beginning 2013 at Verizon, is designed for 10x the capacity of LTE. Putting more spectrum to use would be great, but let's do it right.

Wireless speeds are actually going up dramatically, with AT&T delivering 2-5 megabits to most of the country and Verizon's LTE delivering 5-12 megabits to 2/3rds of the population. Verizon is ahead of schedule to bring 5 megabits+ to 92% of the country in 2013 and 96-98% in 2015-2016. AT&T and Sprint have raised capex to catch up. 80%+ of the U.S. will have a 5 megabit offering in 2013-2014, 90%+ by 2015 or sooner. That's without any additional spectrum.

Today's wireless networks are designed to be shared: towers, WiFi, White Spaces, DAS and small cells all working together. The best engineers in the world are working on RAN sharing, SON, hetnets, 8x8 MIMO and techniques I'm writing about in my next book, Gigabit Wireless. AT&T in fact is one of the world leaders in DAS, WiFi and femtos and behind the scenes a key thought leader. There's wonderfully exciting stuff I'll be doing my best to translate for non-engineers.

Takeaway: The future is sharing the airwaves so let's get the policy right.

Written by Dave Burstein, Editor, DSL Prime

Lying at the heart of the cycle is the fact that these hot threats have never been particularly new. Within the security community, we tend to talk about the evolution of the threat landscape. If you speak with the relevant experts about a particular threat category you'll uncover that the back story to many of these "hot threats" often goes back a decade or two. Mobile malware threats are certainly no exception.

A history lesson in the evolution of mobile malware is hopefully not required, beyond to say that today's hot threat has evolved over a couple of decades and poses less of a technical challenge than many believe or commonly portray. But as history so often reveals in these cases, when a new threat is similarly labeled and thrust into the limelight for the first time, there's all too often a stampede towards apparently novel and threat-specific solutions.

Solutions (and I use that term very loosely) within the mobile malware threat mitigation arena are increasingly difficult to differentiate from one another. In the confusion of defining a new threat and the nomenclature that accompanies it, the underlying technologies and viability of their approaches can get lost rather easily.

What is the "Mobile Threat"?

When I meet with customers, prospects and journalists, I get a lot of questions about the Mobile Threat. In particular, how should businesses work to defend against it? My immediate response tends to be "what do you define as the mobile threat?"

The term "Mobile Threat" is amorphous — it has become a catch-all to encompass anything not physically tethered to a network and happens to be newish from a technology perspective, and likely subject to some new (previously unencountered) formulation of evilness. That sounds like a kind of wishy-washy definition (and it is), but catch-all's usually are. Instead, I'd rather focus on one aspect of the Mobile Threat — that of the mobile malware threat.

As I described in a blog entry illuminating a handful of security predictions for 2012, mobile malware threats continue to be misunderstood. It's all too easy to dive deep in to the various technologies that expose mobile devices to new forms of attack and vectors of compromise; just as it's rather easy to describe the various built-in technologies that the developers and engineers of the mobile devices have included to prevent many of the "legacy" threat categories we're already all too familiar with.

You could spin a lot of cycles looking into the "what if's" of mobile security threats but, at the end of the day, if you want to determine which threats and attack vectors are going to be the most immediate and protectable concern for your organization you only need to understand two things — how do your employees really use their mobile devices, and how are cybercriminals going to monetize their control of these devices?

For a moment, think about this. While Smartphones and Tablets often share a common operating system and maybe even the same application markets or stores, they are used in different ways, at different times, to accomplish different tasks. For this reason the attack vectors cybercriminals (and espionage-focused agencies) choose to launch against them are different for each category of mobile device. The tools — of which the most commonly encountered category is "malware" — are likely to be transportable between devices, but the vectors for installation and the type of meaningful information that can be extracted via them are quite different.

When it comes to the cybercriminals that target mobile devices (which constitute the core element of the "Mobile Threat"), it is interesting to note that they're pretty much the same entities that have been historically successful in targeting traditional non-mobile devices. That shouldn't really be a surprise to anyone — it's all about monetizing the victims. If a particular cybercriminal group specializes in online banking fraud and a third of their potential target list shifts to tablet-based banking applications, they need to make a business decision — do they target the new platform or optimize their attacks against the traditional devices. As mobile application use increases, there's an increasing driver for cybercriminals to invest in new mobile tool development. Similarly, if employees are wirelessly connecting to corporate systems and assets using mobile devices in preference to other traditional platforms, the attackers are forced to target these new devices and develop the appropriate tools.

It's important to note that, while the end-point device is physically changing and the specifics of the tools the criminals need to develop and install upon the compromised devices is also changing, at the enterprise network and Internet infrastructure level there has been no change in criminal behaviors; nor is any change actually needed by them. The vast majority of C&C communications are HTTP-based regardless of the malware family or compromised device type. By speaking the same language, the cybercriminals can keep their existing infrastructure… business as usual!

Written by Gunter Ollmann, VP of Research at Damballa

How exactly did I measure this? I took five devices and visited the main entry points for the latest Alexa Top Global Sites list. I compared the size of the returned HTML document for each of the devices in question to see if server-side redirection and/or adaptation was being used. To avoid having to actually view the resulting page from each device I used the page byte size as a proxy measurement: if different user-agent strings resulted in significantly different returned HTML byte size for the same URL, I count this as server-side device detection at work. Where known, I used the full set of HTTP headers for each device in addition to the correct user-agent string.

Server-Side Mobile Web Adaptation
	Top 10 Sites	Top 25 Sites	Top 100 Sites
None	0%	4%	18%
Some	20%	8%	8%
Extensive (greater than 3 versions)	80%	88%	74%
Any adaptation at all	100%	96%	82%

Google is the star performer, fine-tuning all of its properties in all territories. The most notable non-adapting sites in the top 25 are Apple and Craigslist (to be fair to Craigslist their site is quite efficient thanks to its spare use of images).

In conclusion, while the blogosphere is full of lively debate about new methods of achieving mobile adaptation using JavaScript, progressive enhancement and media queries, the data show that the giants in the web arena are using server-side device detection techniques to achieve this goal. The techniques are not mutually exclusive of course, but pragmatism suggests that the method used by the big brands is at least worth a look.

Testing Notes

• A few of the Alexa top 100 sites are not sites designed to be browsed as such e.g. googleusercontent.com and t.co
• The main entry point for the Wikipedia (wikipedia.org) does not use device detection but all of the language-specific entry points do e.g en.wikipedia.org and es.wikipedia.org etc. For this reason I counted this as a site that uses adaptation since search results usually send you to the language-specific entry point.
• A bug in the library that I was using to crawl the sites caused failures for a handful of them so I checked these by hand.
• This method of counting server-side device device detection probably under-counts if anything since some sites may use server-side image resizing as a means of adaptation without changing the containing HTML document.
• Sites can use device detection simply to redirect browsers to a more mobile-friendly site and/or adapt the HTML to the particular device in question.

Mobile Devices Used

• Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:8.0.1) Gecko/20100101 Firefox/8.0.1
• Mozilla/5.0 (iPhone; CPU iPhone OS 5_0 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9A334 Safari/7534.48.3
• Nokia6300/2.0 (05.00) Profile/MIDP-2.0 Configuration/CLDC-1.1
• SAMSUNG-SGH-E250/1.0 Profile/MIDP-2.0 Configuration/CLDC-1.1 UP.Browser/6.2.3.3.c.1.101 (GUI) MMP/2.0
• DoCoMo/2.0 N905i(c100;TB;W24H16)

Written by Ronan Cremin, Director of Engineering at dotMobi

It is January 2012 and we keep our heads above the mobile data deluge, even if barely, thanks to a gathering avalanche of LTE networks.

Even the wildest prognoses proved conservative as the GSMA was betting on a more 'managed' progression through intermediate steps of gradual increases reasoning that the use of existing investments should be maximized while price declines and threats to existing roaming and SMS revenues also had to be 'managed'. Continuity implies to postulate that transitions should be gradual, not chaotic or highly disruptive. The last two years, however, turned out to be rather disruptive after a plateau of relative tranquility powered by a steady traffic and revenue growth in the wireless data world. But over the last year we have rather unexpectedly seen industry pillars including Microsoft, Nokia and RIM heaving and creaking under the mobile broadband gusts. Once unassailable Symbian now fades away and Android dominates the charts. Cloud computing combined with ever more Intelligent and versatile end devices is likely to further upset a relatively stable decade when some dominant computer and handheld operating systems were revenue and profit gushers with every new version they issued.

It still holds that faced with deluges of data and floods of handsets and applications, a drought of IP addresses might be perceived as a rather minor issue in the scheme of big things that would be resolved in due time anyway. As address depletion became a reality, the excitement was limited to the circles of digerati and cognoscente but went largely unnoticed by the vast majority. Not so when broadband networks fail to deliver enough bandwidth to provide a satisfactory user experience.

Back in June of 2009 there were no LTE networks operational. Ten of them were forecasted to go live by the end of 2010. The very first to become commercial was Teliasonera in Norway and Sweden on December 14th 2009. In the US, MetroPCS was first of the mark on September 21st 2010 followed by Verizon Wireless on december 5th the same year. In Canada, we saw Rogers Wireless start LTE service in july 2011 with Bell following in September 2011, the same month as AT&T Mobility.

Latest GSM Association figures (registration required) show us that as of January 5th 2012 we have 49 operational LTE networks in 29 countries and 229 deployment commitments in a total of 79 countries. And obviously LTE networks have to be able to talk to each other. This in turn is generating furious activity to deploy IPX exchanges to provide data and voice roaming in an all IP environment, a topic by itself, and keeping a number of us quite busy over the last six months.

And what about IPv6 in all of this? It is or soon will be under the hood. Verizon announced from the start that their devices would support IPv6 as recommended in the LTE specifications and they kept their word. Some mobile network operators have been rather discreet but are quietly working on their IPv6 deployment. They consider upcoming IPv6 support as implicit; IP addresses are IP addresses, their format is irrelevant to the general public.

Mobile operators often cited lack of LTE ready enabled end devices as a delaying factor. That argument is now passé. End of October, the GSA listed 197 LTE enabled devices from 48 manufacturers, up threefold since February 2011 and the list includes 27 smart phones. And If you happen to be enjoying the Consumer Electronics Show in Vegas this week, LTE devices are hot!

Now that both voice and data are becoming more widely available as voice over LTE concerns move backstage, competitive pressure should start working its magic. The choice and the application versatility of LTE enabled devices associated with quality of service and adequate pricing is what turns on a mobile broadband hungry public.

We already start to feel the acceleration of the LTE powered mobile broadband bullet train. The art will be to translate this in IPv6 traffic growth forecasts. I have a vague feeling that the most accurate forecasts will unlikely be based on some prudent extrapolations.

Let IPv6 enjoy the LTE ride.

Written by Yves Poppe, Director, Business Development IP Strategy at Tata Communications

The world's congested mobile airwaves are being divided in a lopsided manner, with 1 percent of consumers generating half of all traffic. The top 10 percent of users, meanwhile, are consuming 90 percent of wireless bandwidth.

The Times article had another tidbit in it:

Arieso researchers, in their latest survey, found that users of Apple's iPhone 4S downloaded 276 percent more data from an operator's network than did people with the Apple 3G, which has been on the market since June 2008.

Arieso said that part of the reason for the increase in download volumes may be Apple's Siri voice feature on the iPhone 4S which allows consumers to dictate to the phone and enter more text and data into the network in an easier way.

Other news outlets picked up the story and lost all perspective. The Globe carried a Reuters story titled "iPhone 4S devours data twice as fast as previous model". Let's overlook the mathematical incorrectness of the headline ("twice as fast" would have meant only 100% more data, not the 276% — or nearly 4 times as much). The Financial Post carried a Bloomberg story proclaiming in its headline "Siri doubles iPhone data usage".

The Globe/Reuters story more accurately hints at user consumption patterns, rather than the device itself, but it doesn't do much more than recite raw data:

IPhone 4S users transfer on average three times more data than users of the older iPhone 3G model which was used as the benchmark in a study by telecom network technology firm Arieso.

Data usage of the previous model, the iPhone 4, was only 1.6 times higher than the iPhone 3G, while iPad 2 tablets consumed 2.5 times more data than the iPhone 3G, the study showed.

It is possible — and more likely — that the data is demonstrating important market information: that the heaviest users of mobile data are the ones most likely to own the latest devices. It isn't the device that is "devouring" data; it is power users that own the devices. These are the early adopters — the people who line-up to buy the latest device on launch day.

That was what I found most interesting, with important implications for consumer marketing and network development strategists.

Written by Mark Goldberg, Telecommunications Consultant

We've also extended the property set of DeviceAtlas Cloud Premium to include all of the multimedia properties, making the property set at par with DeviceAtlas Enterprise.

The major focus for these new properties is HTML5, which allows advanced Web apps to be completely optimized and provide a faster, richer experience for end users. Having these properties on the server side means fewer requests for the client and less content that has to be sent. It's a win-win on both sides!

We've also introduced a number of standard JavaScript properties that nicely complement the HTML5 set. Many devices, especially non-smart phones, have inconsistent support for JavaScript. These properties take the guesswork out and allow appropriate content to be sent to all users.

The other new property of note is Display PPI. This returns the pixel density for a device's screen and can be used with the resolution properties to produce images that look sharp on any screen. Many new devices are being introduced with high-resolution "retina" displays, so it is becoming increasingly important to take pixel density into account when resizing images for devices.

This release also brings a new mobile site, built using the award-winning goMobi platform and full access to the Data Explorer for all registered users.

All of the new properties can be found listed on the property pages in our Resource Center.

Top 10 Featured Blogs in 2011:

1. A Fairness 'Scorecard' for Trademark Protection Under the New gTLDs
   By Konstantinos Komaitis, Feb 23, 2011 (33,350 views)
2. IP Addressing in the New Age of Scarcity
   By Peter Thimmesch, May 27, 2011 (21,563 views)
3. Smartphones: Too Smart for Mobile Operators?
   By Henry Lancaster, Aug 03, 2011 (21,144 views)
4. On Mandated Content Blocking in the Domain Name System
   By Paul Vixie, Mar 18, 2011 (16,315 views)
5. Court Approves Nortel's Sale of IPv4 Addresses to Microsoft
   By Benson Schliesser, Apr 27, 2011 (13,173 views)
6. The Design of the Domain Name System, Part VIII - Names Outside the DNS
   By John Levine, Sep 17, 2011 (12,399 views)
7. Top Public DNS Resolvers Compared
   By Michael Meisel, Apr 07, 2011 (12,217 views)
8. Why the Lawsuit Against .XXX Maybe the Best Sales Tool Ever For New gTLD Applicants
   By Michael Berkens, Nov 17, 2011 (9,466 views)
9. Independence and Security Online Have Not Yet Been Won
   By Mike Dailey Jul 03, 2011 (9,373 views)
10. Comcast’s Impressive System for Notifying Infected Users
    By J.D. Falk, Mar 01, 2011 (9,216 views)

Top 10 News in 2011:

1. New Top-Level Domains Approved By ICANN
   Jun 19, 2011 (44,312 views)
2. ICANN Approves .XXX
   Mar 18, 2011 (20,936 views)
3. Experts Urge Congress to Reject DNS Filtering from PROTECT IP Act, Serious Technical Concerns Raised
   May 26, 2011 (12,284 views)
4. Microsoft Offers $7.5 Million to Buy 666,624 IPv4 Addresses
   Mar 25, 2011 (9,600 views)
5. Egyptian Government Shuts Down Most Internet and Cell Services
   Jan 28, 2011 (3,988 views)
6. US Government Domain Seizure Results in Unintended Shutdown of Thousands of Websites
   Feb 16, 2011 (3,962 views)
7. J.D. Falk: 1974 - 2011
   Nov 17, 2011 (3,918 views)
8. Cybercriminals Shifting Focus From Windows PCs to Other Systems and Mobile
   Jan 20, 2011 (3,823 views)
9. Researchers Report New Method for Detecting Domain-Fluxing
   Mar 28, 2011 (3,633 views)
10. Microsoft, Federal Agencies Take Down Rustock Botnet
    Mar 18, 2011 (3,607 views)

Top 10 Industry News in 2011 (sponsored posts):

1. Google Says "Think Mobile" ...and then goMobi
   By dotMobi, Feb 15, 2011 (6,120 views)
2. The Botnet-Counterfeit Drugs Connection
   By MarkMonitor, Apr 01, 2011 (4,928 views)
3. New gTLD Timeline Announced and .XXX Approved
   By MarkMonitor (4,253 views)
4. Second Half 2010 "Dashboard" Domain Name Report - Released
   By PIR, Feb 14, 2011 (3,666 views)
5. MarkMonitor Report: How Scammers Generate Significant Traffic Promoting Suspected Counterfeit Goods
   By MarkMonitor, Feb 01, 2011 (3,536 views)
6. AusRegistry Int. and Crowell & Moring Join Forces to Support New Top-Level Domain Applicants
   By ARI Registry Services, Mar 14, 2011 (3,507 views)
7. Celebrity Marketing Guru Jeffrey Hayzlett to Promote New TLDs for AusRegistry International
   By ARI Registry Services, Jun 17, 2011 (3,472 views)
8. Minds + Machines’ Parent Company, TLDH, Appoints Peter Dengate Thrush as Executive Chairman
   By Minds + Machines, Jul 17, 2011 (3,457 views)
9. DNSSEC is Just the Beginning
   By .CO Internet, Mar 02, 2011 (3,421 views)
10. Landrush for New Domain Extension - .GR.COM
    By CentralNic, Jan 11, 2011 (3,421 views)

Written by CircleID Reporter

2011 has been a significant year for the technology sector globally. Information technology is touching more people in more ways than ever before.

Developed markets will be considering a 2012 in which business innovation, competitiveness, and service differentiation are built on ubiquitous broadband, cloud computing, smarter mobile computing, and an increasing plethora of Internet-connected devices. By contrast, securing the technology future for developing markets demands that attention be placed on more fundamental issues.

Here are five key tech issues for the emerging markets in 2012.

Internet Infrastructure

The build-out of critical Internet infrastructure is critical to economic diversification and sustainable development. Initiatives to improve routing of domestic Internet traffic and provide new, more optimal routes for regional Internet traffic must be accelerated through the build-out of Internet exchange points (IXPs). One top of the exchange points must come expanded terrestrial and mobile broadband networks.

Implications: Internet service providers (ISPs), governments, and businesses must work together for a faster roll-out of national and regional infrastructure. This is the key to unleashing ICT-based innovations and spurring the market for digital content and mobile service delivery.

Incentive Regulation

The agenda for infrastructure development must be guided by informed government policy. This is particularly crucial in smaller economies where market size does not present sufficient incentive for private sector investment. Incentive regulation to improve the current weak frameworks for stimulating growth and protecting consumer interest in the ICT sector will be demanded by the private sector. At the same time, governments will increasingly recognize that national benefits of ICT-enabled growth are too important to leave to the private sector to set the implementation agenda. More stakeholders will call for ICT adoption to be set within a wider context of national development.

Implications: Regulators have to adapt more quickly to technology changes. They must take the lead in ensuring that market forces align to social development objectives. Done well, this can translate to increased business innovation, improved delivery of government services, and greater consumer choice.

Cybersecurity

Cybercrime will increasingly challenge resource-constrained businesses and governments. Businesses, especially those with large, high-value networks, like financial services providers and energy companies, will require greater support cover not just nationally but regionally. A coordinated approach is critical to guiding national action and ensuring consistency and compatibility of action among nations. If regional governments are to secure their information and communications systems, identifying and investing in a central point of coordination for cybersecurity must be a top priority.

Implications: Governments must put aside petty internal and intra-regional differences and cooperate fully to ensure that cybercrime does not disrupt already fragile local economies and markets.

Mobile Phones, Mobile Apps, Mobile Services

Growth in mobile computing uptake and the availability of mobile apps that address local needs will continue. It will be driven by consumer-focused apps, but eventually business apps will catch on. As smartphones proliferate and mobile providers upgrade their networks to provide customers with faster mobile broadband access, software developers will have greater incentive to build apps. The improved user experience resulting from faster mobile data plans means that consumers will also have greater interest and incentive to use mobile apps and services.

Implications: The education sector must evolve to supply the human resources needed to support, not only the creation of digital content, but the development of new, digitally driven innovation and enterprises. This will create opportunity in the private and NGO sectors for training and capacity building beyond the traditional approaches.

Open Data

As governments increasingly recognize the potential of open data, they will move to make their datasets publicly accessible. Progressive administrations will seize the opportunity to demonstrate their commitment to transparency and accountability. Of course, they will also benefit by shortening the timeframe of new service roll-out and shifting the burden to innovators and entrepreneurs.

Implications: A huge opportunity has opened for entrepreneurs, researchers, and society. More public awareness is needed to stimulate innovation, collaboration and, most important, more efficient, personalized services for citizens.

Onward to 2012

There is wide recognition of the value of building knowledge-based economies and of investing in technology-driven systems. These are fundamental to economic and national development. There is also no denying that the technology revolution is exposing antiquated infrastructure and institutional processes; testing the philosophy and approach to education; highlighting the imperative for new approaches to human resource development; and creating new, strategic challenges for business, education, and political leaders alike.

Advances in technology have exacerbated the vulnerability of states to externally developed and controlled intellectual capital. The central role of information and communications technology in modern society amplifies the debate on priority and significance of deliberately cultivating and securing indigenous intellectual capital.
From all indications, 2012 will be a continuation of the positive trends and innovations that gained momentum in 2011. The most forward-thinking, innovative organizations will continue to adopt and deploy technologies to improve efficiencies and better engage customers and citizens.

In 2012, these developments in emerging markets will require strong, ethical leadership to ensure that investment in technology is matched by commitment to equitable social development.

Written by Bevil Wooding, Internet Strategist, Packet Clearing House

"While Google was an early investor in the dotMobi company, all formal financial ties were dissolved between dotMobi and Google — along with its 13 other former investors — in February 2010, when Afilias acquired 100% of dotMobi. Today, dotMobi is a successful and wholly owned subsidiary of Afilias."

Hal Lubsen, CEO, Afilias, said, "While Google was an early investor in the dotMobi company, all formal financial ties were dissolved between dotMobi and Google — along with its 13 other former investors — in February 2010, when Afilias acquired 100% of dotMobi. Today, dotMobi is a successful and wholly owned subsidiary of Afilias."

dotMobi continues to be the ICANN-appointed registry for the .mobi top-level domain and also continues to create award-winning products like goMobi, the mobile website builder, and DeviceAtlas, the mobile device detection database.

The year still has a couple of weeks to rock on before we can comprehensively summarize the events and trends of 2011. I'm sure there will be a bunch of annual threat reports preempting the end of year — extrapolating trends etc. in order to get the jump on reports that use real data. At the highest level of navel gazing you could probably sum up 2011 with one word — "More". The bad guys got richer, more successful, invented a few new attack vectors, and generally grew in numbers; meanwhile the good guys got more efficient at causing the bad guys pain, but continued to be outspent by the bad guys.

But let's put that aside for now. What does 2012 hold in stall for us?

It's easy enough to predict the future when you're merely commenting upon the trends of past years and projecting "more" of the same. While I can offer no shortage of meaningful predictions for 2012 across a broad range of threat and security categories, I thought it would be fun to pick three topics that stole much of the limelight of 2011 — Advanced Persistent Threats (APT's), mobile malware and botnet takedowns.

So, without further ado, here are a handful of predictions for 2012.

APT Bonanza

The volume of persistent attacks directed at large corporations will continue to increase and the victims will continue to feel as though they have been specifically targeted. There will thus be a presumption of sophistication to successful penetrations, which will lead to more organizations concluding that they have been the victim of an APT — which, after more detailed analysis and external input, will increasingly be revealed as false claims.

• More attacks will be labeled as APT's due to misunderstanding by the victims, or because of an implied "get out of jail" tactic when public disclosure of the breach is mandated by law.
• External analysts and security firms will dedicate more time and resources to analyzing breaches that are disclosed as "APT's", and will be more vocal in correcting false claims.
• A growing unease will be attributed to the "cry wolf" mentality of labeling breaches as APT's throughout the year.
• Real APT attacks will increasingly be lost in the noise of falsely-claimed APT's, and the sophisticated attackers will be able to further obfuscate the intent of their attacks.

Mobile Malware threats will continue to be misunderstood

Mobile malware will divide into two streams — Smartphone malware and tablet crimeware. Both mobile malware streams will be similarly unimpressive from a threat sophistication perspective, however their criminal intent will direct their evolutionary changes. Tablet crimeware will develop at a faster pace than Smartphone malware in 2012 as the opportunities to defraud potential victims on tablet systems grow quicker.

• The hype around mobile malware will continue to exceed the threat and the cybercriminals capabilities in 2012 — but the cybercriminals and security researchers will strive to meet that hype.
• As mobile systems become more usable for day-to-day financial transactions and online stores tune their shopping portals for larger-screened mobile devices, cybercriminals will increasingly target these platforms. This crimeware (and injection vectors) will be more "traditional" and a closer facsimile of current generation PC-based crimeware capabilities than many have projected in the past.
• Smartphones, long seen as "the" mobile threat vector and with the longest history of malware abuse (e.g. Symbian-based malware and premium-rate fraud), will technically be susceptible to the same malware as that affecting tablet systems — but will not be the primary target of attack.
• Cybercriminals that develop malware specifically for Smartphones will increasingly target the devices for propagation purposes — seeking to infect other (traditional) corporate systems and to breach corporate VPN's.
• In the corporate realm, the Bring-Your-Own-Device (BYOD) consumerization of IT will entice cybercriminals that target enterprise networks to innovate new attack and propagation vectors. Throughout 2012 new vectors will be theorized and may be developed as proof-of-concept tools, but the hype will be bigger than reality because there are technical hurdles within the operating systems of the mobile devices that have yet to be overcome.
• Security conferences of a Black Hat ilk throughout 2012 will uncover and illustrate new vectors that subvert the underlying mobile device operating systems that will be leveraged in the 2013 timeframe for the targeted propagation of crimeware via BYOD
• The traditional invasive and "scary" mobile malware capabilities (e.g. eavesdropping on the victims calls, tracking the device owner, etc.) will not advance in 2012 and will continue to be potential capabilities rather than primary objectives for attackers.
• The first generation of commercial "DIY" mobile crimeware construction and attack tools will be developed and sold by enterprising cybercriminals
• Large scale botnets will not exist on the mobile platforms in 2012. There will be several "proof-of-concept" botnet implementations and theoretical attacks but, from an overall global threat perspective, they will be insignificant.

Botnet takedowns will be ineffective

Despite a number of public and media-hyped botnet takedowns in 2011, and the prospect of increased takedowns in 2012, the overall impact on cyber-criminal operations will decrease. In response to the 2011 takedowns, cybercriminals will change some of their management tactics, further distribute their command-and-control (C&C) infrastructure, and invest in improved and more diverse infection vector operations.

• Professional criminals who build and monetize botnets will invest in more robust crimeware distribution technologies and services. The capability to infect 10,000+ computers per day will be more important than the marginal loss of 3-year old botnets with only a few hundred thousand infected devices.
• Botnet C&C infrastructure will continue to become more agile — flitting between domain names, IP addresses and physical locations at an increasing pace. In 2011 this agility was measured in weeks; by the end of 2012 it will be measured in hours.
• Botnet operators will add more layers between themselves and their victims. In 2011 cybercriminals increasingly adopted the use of commercial anonymous VPN services to connect to their C&C servers, and deployed C&C proxies between the botnet victims and the real C&C servers. In 2012 we can expect this trend to continue and there is a high probability that multiple layers of C&C proxies will be adopted to further protect the cybercriminals C&C investment.
• Noisy botnets (i.e. Spam botnets and DDoS) will continue to be the focus of legal botnet takedowns. In response, cybercriminals will in most cases reduce the noise of their botnets and will also further segment their botnets to ensure that the entire botnet is not lost in a single takedown operation.
• Botnet takedown attempts will become more "risky" as the takedown entities become more comfortable with the process. Risk will be introduced as the entities pursue remote clean-up and remediation of victim devices.
• "Good guy" botnet remediation services will become a commercial reality in 2012. As multiple security vendors and academic institutions focus upon the botnet menace they will uncover more vulnerabilities lying within the heart of both the botnet malware and the C&C portal software. There will be growing pressure to exploit these vulnerabilities for the purpose of usurping control of the botnet from the cybercriminals hands and to issue appropriate shutdown and uninstall commands directly from the compromised C&C servers.

I wonder how many of these predictions will come to fruition? I guess we'll find out in 380 days.

Written by Gunter Ollmann, VP of Research at Damballa

cPanel and dotMobi today announced the immediate availability of the goMobi mobile website builder via the cPanel platform. This means cPanel Web hosting companies can now offer their customers a unique, leading-edge way to connect with on-the-go consumers and prospects.

With the rapid rise in mobile Internet usage, goMobi gives Web hosting companies a proven way to open the massive opportunity of the mobile Web to their customers. According to recent research from Web performance measurement firm Gomez, over 50 percent of consumers are more likely to buy from a store with a mobile website, so the demand for mobile sites is only set to grow. The goMobi cloud service can build a sophisticated mobile friendly website in minutes at a price point designed for small-to-medium businesses.

With goMobi, cPanel users can offer a very powerful, yet easy to use, mobile site builder. cPanel is launching a substantially enhanced version of goMobi, which brings a range of new templates, the ability to create custom forms, video content embedding, and integration with leading m-commerce solutions like PayPal and Google Checkout. Users can generate the mobile site using existing (or new) Web content, and add a range of updated features like "click to call," Google Maps integration, social networking integration, and automated QR code creation. Such features come as standard offerings with goMobi and have proven to convert clicks into sales. goMobi sites can reside on any Internet domain like .info or .mobi, and will work on more than 7,500 models of Web-enabled mobile devices and handsets.

"Mobile has changed how customers interact with businesses. Only businesses that are able to provide a great mobile experience will be successful in this new market. We are delighted to be partnering with cPanel as we roll out goMobi to the hosting industry," said Eileen O'Sullivan, COO of dotMobi.

cPanel Vice President of Operations, Aaron Phillips, said, "We are pleased to have goMobi in the suite of tools cPanel users can offer their clients. Web hosting companies are seeing a daily increase in the demand for a solid, but simple, mobile Web solution. And that is exactly what dotMobi offers with its goMobi service. It's a cost-effective way for any business to create and manage a mobile website while giving hosting companies a profitable way to help those customers."

goMobi is available as a cPanel application with a fully integrated WHMCS module for billing and client management. For more details, visit http://goMobi.info.

About cPanel

Since 1997, cPanel has been a leading innovator and developer of control panel software for the Web hosting industry. Headquartered in Houston, Texas, cPanel builds software that allows Web host professional to transform standalone servers into fully automated point-and-click Web hosting platforms. cPanel licensed software allows owners of servers and websites, along with resellers and developers, to optimize their technical resources and replace tedious shell-oriented tasks with dynamic, intuitive Web-based interfaces.

Poverty reduction is the first, and arguably most urgent, Millennium Development Goal (MDG) of the United Nations, but for many people in developing countries, information poverty rapidly becomes actual poverty. Lack of education, illiteracy, lack of nutrition or access to health resources, lack of aspirations — the causes of poverty are complex, persistent and difficult to overcome. Figures vary, but around 10 million people still die every year from hunger, and present trends in rising food prices and the global economic crisis may have pushed tens of millions more back into poverty, with women and girls often the most at risk, according to UN analysis. For many people, better access to information could make a real and significant life-changing difference.

Mobile applications and customized services can deliver concrete benefits promoting healthcare and education to raise awareness and help achieve public health goals. m-Health applications offer huge promise through lower costs and greater coverage to improve the quality of healthcare, as well as shifting the focus in behaviour towards preventative healthcare, rather than curative healthcare. Examples include: the treatment and management of health (e.g. by reminding, registering or transmitting readings for diabetes or blood pressure); better health data to improve decision-making; applications for treatment plans (e.g. in HIV retroviral adherence plans); or applications for awareness-raising and information dissemination throughout the community at large, following community-based approaches towards achieving improved health outcomes as a social construct.

In education, mobiles could put a teacher into the hand of every schoolchild, woman and parent. Educational apps are being devised with local language content to teach literacy, numeracy, geography or safety or hygiene awareness. Children can learn more about prospects and opportunities in certain fields. Even more valuable, they can familiarize themselves with ICTs and learn fresh skills — skills that will stand them in good stead in a field where the shortfall between labour requirements and skilled labour is projected to widen significantly over the next ten years.

More broadly, expanding access to mobiles can open up young and old minds alike to new opportunities, new sources of information and fresh perspectives. They may also create an enabling environment for innovation, experimentation and fresh thinking, even within established societies with traditional perspectives — for example, in agricultural or rural societies, which can experiment with new and innovative development initiatives.

Written by Paul Budde, Managing Director of Paul Budde Communication

More from this report: "The biggest concern with mobile malware are the limited capability of current security solutions and the vulnerability of the general user base. An organization's PC is controlled by the IT security team, whereas an employee's own mobile device that is being used to access and store corporate data is likely not controlled by the security team. Organizations will need to extend their security policies, including providing secure Internet browsing to their mobile devices while ensuring that personal devices accessing the company Wi-Fi and networks can be included under the same policies. This, coupled with the relative infancy of mobile anti-malware solutions, results in M86 Security Labs labeling this area as one of the most concerning areas for cybercriminals to exploit in 2012."