2012 was the year when Samsung Electronics Co. overtook Nokia Corp. in overall handset sales and Apple Inc. in smartphones. But 2013 is shaping up to be a much more competitive landscape. Not only are low-cost smartphone makers in China jostling in to take away market share, but there will also be newcomers in the market, like Finland-based Jolla, a company formed by ex-Nokia engineers. The start-up, which opened its Asia headquarters in Hong Kong in December, is looking to launch a high-end smartphone in the first quarter of 2013. The Wall Street Journal spoke with Jolla’s co-founder Sami Pienimaki about the start-up’s expansion plans.
The following interview has been edited.
WSJ: Where does the name Jolla come from?
Mr. Pienimaki: It means a one-man sailor boat in Finnish. The idea is that there is this big sea with great opportunity. You start to sail yourself there alone – it’s a bit of an adventure and a bit dangerous, but you still want to take this adventure because you see that there is this great opportunity. Nokia was going through a massive transition in 2011 with lots of layoffs and we were able to recruit key talent including engineers that had worked on the MeeGo project. (MeeGo is a mobile operating system that Nokia was developing with Intel Corp. until the project was abandoned in early 2011.)
WSJ: How big is the company now and what are your expansion plans?
Mr. Pienimaki: We have a bit more than 50 people, mostly in Finland and two RD sites. And we are now ramping up other locations. We have a data center in Cyberport, in Hong Kong. In China, we have a sales and marketing agreement with a retail chain called D-Phone. The deal was signed in July.
Jolla’s smartphone user interface
WSJ: In addition to developing a smartphone, Jolla is also working on a mobile operating system that could become a competitor to Android and Apple’s iOS. Tell us about your platform called Sailfish.
Mr. Pienimaki: It’s an open source platform but we have proprietary elements in it. The core operating system components are very much open source. It has a full operating system and a user interface. It allows for multi-tasking.
WSJ: How do you plan to generate revenue?
Mr. Pienimaki: We want to sell Jolla-brand phones and license our Sailfish operating system so that OEMs can use the operating system. We are a challenger in the marketplace and it will take time. But there is a good opportunity with the operating system. It’s one of the few independent options available in the market.
WSJ: Longer term, do you want to be seen as a company that makes smartphones or do you want to be like Google, offering software?
Mr. Pienimaki: We understand the needs and the challenges of the marketplace and we know how to make a competitive combination of hardware and software. It’s a very challenging engineering environment and we truly understand that. By introducing a new user interface, applications and innovation through the platform, we’d be showing the way.
WSJ: When can consumers see Jolla phones?
Mr. Pienimaki: Hopefully in the first quarter of next year.
WSJ: How will you price your smartphone?
Mr. Pienimaki: It makes no sense to go to the low-end. We will kill ourselves going there. For the Sailfish operating system, it also doesn’t make sense for us. It’s a much more feasible and sustainable model that we position this as a something that is different, unique and offers scale for the users. So it makes sense to focus on the premium segment of the market. Sailfish can also be used on set-top boxes, smart TVs and in the automotive industry.
WSJ: Can you give us an update on your fundraising? Would you look at an initial public offering?
Mr. Pienimaki: We are looking at an IPO in 2013 but that’s something we’ll communicate more next year. It’s definitely an option for us.
WSJ: Where would you list?
Mr. Pienimaki: Hong Kong would be a possibility, but it’s likely that we’ll look first at Scandinavia. But it’s something that’s still under planning.
SEATTLE — Android smartphone users beware. Spammed text messages have begun circulating that can infect your handset, causing it to continually send virulent text messages to thousands of live phone numbers each day.
That discovery comes as hackers continue to probe the Android platform, in particular, for security holes with no slowdown expected in 2013.
“The mobile threat continues to grow at a very rapid pace with threats only increasing in complexity,” says Dan Hoffman, mobile security researcher at networking technology firm Juniper Networks.
Messaging security firm Cloudmark Research recently discovered a virulent spam campaign that is sending text messages to Android users offering free versions of Need for Speed Most Wanted, Angry Birds Star Wars, Grand Theft Auto and other popular games.
By installing the free app, the user actually downloads a hidden program connecting their handset to a command and control server in Hong Kong, says Cloudmark researcher Andrew Conway. The Hong Kong server next sends the handset a list of 50 phone numbers, copies of viral messages and instructions to begin sending the messages to each of the numbers.
Previously, Android spammers had to assemble and activate dozens of SIM cards — the chip at the heart of cellphones — and each card acted as an individual spam-blasting phone. But that can get expensive, and carriers have gotten better at detecting and blocking such campaigns.
Using infected Android handsets, instead, is akin to how spammers use infected PCs to spread spam.
“If they can get their malware on a bunch of different handsets, and, indeed, have enough handsets so it’s difficult for them all to get detected and shut down, that vastly improves the economics for spammers,” Conway says.
The victim can lose in two ways. If they don’t have an unlimited texting plan, the next phone bill could be a whopper. It takes about 65 seconds to automatically text 50 phone numbers, after which the Hong Kong server sends a fresh batch of numbers. So each infected phone can blast thousands of viral text messages a day.
What’s more, the malicious program also blocks incoming messages from anyone not on the user’s contact list. “So the phone company or a friend can’t text you back and say, ‘Stop sending me spam,’” Conway says.
In such cases, the carrier could decide to unilaterally shut down the user’s text-messaging capabilities, he says.
Cloudmark estimates that only a few thousand Android smartphones have been infected, though tainted text messages continue to circulate. More worrisome is the notion that this attack could be a precursor of what’s to come in 2013, especially for Android users.
Apple, Microsoft and Research In Motion smartphones are much less targeted. That’s because Google designed Android as an open system, making it easy for handset makers and Web-application developers to jump on board. Android has become the world’s most popular smartphone platform. But it has also become the biggest hacker target.
Juniper Networks has tracked a 350% increase in malicious and invasive apps targeting mostly Android users in 12 months through the end of October. “Attacks are becoming more malicious and clandestine,” says Juniper’s Hoffman.
Conway advises Android users to stick strictly to Google’s official application store, Google Play, and ignore unsolicited offers that arrive by text message. If you see a suspicious text message offer, forward it in a text message to 7726, a free service set up by the carriers to eliminate spam.
Google Play is a “99.99% trustworthy” because the search giant is on high alert for hackers and fixes any breaches quickly.
“You’re much safer going to Google Play than from any other source, especially ones from Asia,” Conway says. “If an offer is too good to be true, it’s a fake.”
From an attacker’s perspective, malware doesn’t need to be elegant or sophisticated; it just needs to work.
That’s the ethos behind a recent spate of Trojan applications designed to infect smartphones and tablets that run the Android operating system, and turn the devices into spam-SMS-spewing botnets.
By last week, the malware was being used to send more than 500,000 texts per day. Perhaps appropriately, links to the malware are also being distributed via spam SMS messages that offer downloads of popular Android games–such as Angry Birds Star Wars, Need for Speed: Most Wanted, and Grand Theft Auto: Vice City–for free.
[ Anonymous hacks Westboro Baptist Church in aftermath of Connecticut school shooting. Read more at Anonymous Posts Westboro Members' Personal Information. ]
Despite the apparent holiday spirit behind the messages, however, it’s just a scam. “If you do download this ‘spamvertised’ application and install it on your Android handset, you may be unknowingly loading a malicious software application on your phone which will induct your handset into a simple botnet, one that leverages the resources of your mobile phone for the benefit of the malware’s author,” according to an overview of the malware written by Cloudmark lead software engineer Andrew Conway.
The malware in question uses infected phones “to silently send out thousands of spam SMS messages without your permission to lists of victim phone numbers that the malware automatically downloads from a command and control server,” said Conway. Of course, the smartphone owner gets to pay any associated SMS-sending costs.
An earlier version of the malware was discovered in October, disguised as anti-SMS spam software, but it remained downloadable for only a day. “Apparently using SMS spam to promote a bogus SMS spam blocking service was not an easy sell,” said Conway. Subsequently, the malware was repackaged as free versions of popular games, and the malware’s creator now appears to be monetizing the Trojan by sending gift card spam of the following ilk: “You have just won a $1000 Target Gift Card but only the 1st 777 people that enter code 777 at [redacted website name] can claim it!”
As with the majority of Android malware, the malicious apps can be downloaded not from the official Google Play application store, but rather from third-party download sites, in this case largely based in Hong Kong. In general, security experts recommend that Android users stick to Google Play and avoid third-party sites advertising supposedly free versions of popular paid apps, since many of those sites appear to be little more than “fakeware” distribution farms. But since Android users are blocked from reaching Google Play in some countries, including China, third-party app stores are their only option.
After installing the malware and before it takes hold, a user must first grant the app numerous permissions — such as allowing it to send SMS messages and access websites. Only then it can successfully transform the mobile device into a spam relay. Of course, people in search of free versions of paid apps may agree to such requests. Furthermore, “not many people read the fine print when installing Android applications,” said Conway.
If a user does grant the malware the requested permissions, it will transform their Android device into node, or zombie, for the malware creator’s botnet. At that point, the malware immediately “phones home” to a command-and-control server via HTTP to receive further instructions. “Typically a message and a list of 50 numbers are returned,” said Conway. “The zombie waits 1.3 seconds after sending each message, and checks with the CC server every 65 seconds for more numbers.”
Again, the Android malware used to build the accompanying SMS-spewing botnet isn’t sophisticated, but it does appear to be earning its creator money. “Compared with PC botnets this was an unsophisticated attack,” said Conway. “However, this sort of attack changes the economics of SMS spam, as the spammer no longer has to pay for the messages that are sent if he can use a botnet to cover his costs. Now that we know it can be done, we can expect to see more complex attacks that are harder to take down.”
Your employees are a critical part of your security program, particularly when it comes to the endpoint. Whether it’s a PC, smartphone or tablet, your end users are on the front lines of phishing attempts and malware attacks. Read our Security: Get Users To Care report to find out how to keep your company safe. (Free registration required.)
MEIZU officially announces the new MEIZU MX Quad-core
MEIZU announces the world’s first smartphone with the quad-core Exynos A9 CPU
HONG KONG – April 16, 2012 – MEIZU today announces the brand new MEIZU MX Quad-core smartphone to be available in June this year. Among many surprises, the MEIZU MX Quad-core is the first smartphone in the world to use the brand new and powerful Exynos A9 quad-core processor.
The MX Quad-core uses a power efficient quad-core Exynos A9 CPU with industry-leading 32 nm HKMG technology which has been optimized to reduce CPU power consumption by up to 20%. In addition, it will last even longer with a new 1700mAh battery.
With its state-of-the art hardware, the MEIZU MX Quad-core is better in every way than its predecessor. The MEIZU MX Quad-core CPU is 60% faster, and GPU 50% faster compared to the previous MX. Whether it is browsing through menus, playing the latest games, or watching 1080p video, the MX Quad-core easily beats dual-core devices.
MX Quad-core comes with a vivid 292 PPI high definition ASV display. With no visible pixels on the screen, it provides the user with the ideal smartphone viewing experience. On the back side, the MX Quad-core has an 8 megapixel BSI camera with an f/2.2 lens aperture, capable of taking great photos even in low light conditions. The MX Quad-core will come with MEIZU’s unique Flyme OS based on Android 4.0, providing users with beauty, simplicity and buttery smooth performance at every interaction.
The MEIZU MX Quad-core will be available in MEIZU’s 400 retail stores during June at ¥2999/3999 CNY and $3099/4099 HKD for capacities 32GB and 64GB in Mainland China and Hong Kong, respectively. With MX Quad-core, the company also releases MX back covers in five colors in addition to the original white, allowing users to experience the MX on their own terms. Coinciding with the announcement of MEIZU MX Quad-core, the MEIZU MX will have its price adjusted to ¥2399 CNY and $2599 HKD in Mainland China and Hong Kong respectively. The reduced price for the MEIZU MX is effective as of April 16, 2012.