Rebuttal to Windows Mobile vulnerability story

Jason Langridge has posted a response to the news report released earlier this week about security concerns with Windows Mobile’s Direct Push technology. Analyst Jack Gold of J. Gold Associates, a wireless security firm, reported that Windows Mobile 5.0 data was not stored in an encrypted format on the device (but was encrypted as it was transmitted).

Essentially, Jason thinks that the fundamental mis-understanding here is that the comparison is being made against two different architectures in that RIM, GoodLink and other solutions use a Network Operations Centre or intermediary server so they have to encrypt the payload as there isn’t a single end-to-end channel that can be encrypted.

The article is definitely an interesting read and delivers a balanced counterpoint.

Read more about this story