* Posts by Chris 54

3 publicly visible posts • joined 14 Jan 2010


Chris 54

Great, but not new

My old company built an identical app for Symbian handsets for Vodafone UK. Believe it or not, this was in 2004-2005. You can read about it here:


Thrutu is fantastic - in-call sharing should be a core feature of every handset. I wish 'em luck.

Microsoft dubs Windows Phone 7 'ad serving machine'

Chris 54

Think again

My company has a similar solution called PACE for Series 60 based handsets. It performs exactly the same function as the MS solution - an insert ads into the idle screen, into running aps on the screensaver, in-call and more.

As noted in the overwhelming number of posts, these type of solutions - including ours - can be intrusive and plain annoying.

However, trial results also show that subscribers can be very positive about ads - assuming the right balance is found between ads and and the services provided to the user in return for accepting advertising.

Here are some real user quotes from our UK trial in December last year:

• “If this service is done very well it will have a positive effect on the perception of ... as being an innovative operator!”

• “If they offered the service the way I liked it, then I’d be more inclined to get a phone with ...”

• “If they were the first company to offer it I’d think fair enough well done - they’ve stepped up a gear with going online.“

• “I feel a little bit like they are actually giving me something back - an additional service almost for free.”

The trick is of course finding a balance between ads and the free content/services supported by the ad-revenue. Users are OK with ads, but expect something in return.

I accept that these solutions can be annoying. Done well, however, they achieve a positive outcome for all parties. The results speak for themselves: a 60% click through rate on at least one campaign / month when running a 25%/75% ad to content mix.

Trojan pr0n dialers make comeback on mobile phones

Chris 54
Black Helicopters

Not a very convincing post from CA

Firstly, the CA author shows a poor understanding of J2ME MIDP.

"The JAD application however is packaged with a data file (load.bin) that has a list of high-cost destination numbers."

Erm - JAD application? The JAD is the descriptor - it is not the app. itself.

Secondly, even if the user downloads and runs the associated JAR, every MIDP phone I have ever seen prompts the user before sending an SMS - irrespective of whether the app is signed or not.

Finally, does it really matter that the list of premium numbers is read via a call to getResourceAsStream(...)?

As a general comment, smartphones present a much greater risk for this style of attack. Symbian Signed apps can run in the background and can send SMS messages without any user interaction. Android has similar capabilities. iPhone apps are extremely limited in this regard - I believe all an app can do is open an SMS link in the browser - the user must actually send the message.

Finally, if memory serves, the Series60 based SX1 shipped with an augmented reality game called Mozzies. The word was going around that if the game were run on a non Siemens based terminal, it automatically generated a premium SMS. This may be apocryphal - I had an SX1 but never saw the brilliant Mozzies running on any other handset.

It is fair to say that the real worry in premium SMS trojans is that it only takes one SMS to subscribe to a tide of reverse billed content.

Black Helicopter because it looks vaguely like a mozzie...