Filter
Top Products
10.1 Hardware and SIM card security
The following security methods can be used to ensure
Nokia 9290 Communicator hardware and SIM card security
(for details and activation/deactivation, please refer to the
Nokia 9290 Communicator User Guide):
• PIN code & PUK code
• Security code for SIM change security
• Device lock – to lock the whole device
• Call restriction – to restrict incoming or outgoing calls
10.2 Radio interface security
The security of the radio connection between a GSM phone
and the GSM network is specified in the GSM standards.
The GSM network specifies the radio interface security
level, and the encryption applies to voice, data, and fax
calls. Note that encryption is only used between the GSM
phone and the base station. The level of security in the
radio transmissions depends on the network and the
local laws.
GSM short messages (SMS) are transported using the GSM
signaling channels, but these signaling channels are not
encrypted. Therefore, short messages are not a secure way
to transport data.
10.3 Software security
As the Nokia 9290 Communicator is a versatile and open
programming environment, anyone can create new software
for it. The Nokia 9290 Communicator has a secure software
installation system that can be used to minimize the risks
posed by the possible malicious software.
Software is distributed in software packages called SIS files.
These packages can be digitally signed. By signing a soft-
ware package, the originator of the package makes sure
that the package cannot be modified while it is being stored,
or while it is en route to the Nokia 9290 Communicator.
When installing software, the user will see the alleged
originator of the package and the party that authenticates
the originator’s identity. To view the currently trusted
certification authorities, the user can go to the Certificate
management tool. The user can edit trust settings for each
listed certificate. By giving a certificate a “trusted” status,
the user vouches that he/she knows that a given certificate
really belongs to the given entity.
In order to maximize software security in your Nokia 9290
Communicator:
• When editing trust parameters in the Certificate
management tool in Control panel, only trust those
certificates whose origin you can be sure of, and you
know that the certificate really belongs to the entity
whose name is on the certificate. If you are in doubt,
contact the certification authorities help desk and ask
them for their certificate “MD5 fingerprint.” Compare
the “fingerprint” with the one that is displayed in the
Certificate management tool.
• Make sure that the software is intended for the Nokia
9290 Communicator.
• Only install software that comes in SIS files. Never
install raw DLLs or EXEs.
• Only install software that has been signed and only if
you trust both the author and the certification authority.
• During the installation, be sure to read the dialogs
that are presented to you. They may contain further
security information.
• Nokia runs a Nokia OK logo program for third-party
software developers. Using software that has the
Nokia OK logo offers further assurances on the quality
of the software.
10.4 Internet and intranet
Data communications over the Internet or other IP
networks is not secure by default. To enable secure
connections, the Nokia 9290 Communicator supports
various security protocols.
10.4.1 Incoming data calls
By relying only on the factory configuration, it is not possible
to access the Nokia 9290 Communicator’s files from an
incoming data call. However, as with any normal computer,
malicious third-party software can potentially degrade the
security of the device. Therefore, only install and use soft-
ware that comes from a trusted source and is digitally
signed by a trusted party.
10.4.2 Attacks from the Internet
When the Internet connection is up, it is possible to send
data packets from the Internet to the Nokia 9290 Commu-
nicator. As the wireless link is low-bandwidth, it is potentially
possible to cause congestion by sending large amounts of
bogus packets to the device. Therefore, it is recommended
that the dial-up link uses a firewall to filter suspicious
packets. Many Internet service providers offer this service.
The use of dynamic IP addresses is another recommended
safety measure. Most, if not all, Internet service providers
supply dial-in clients with dynamic IP addresses by default.
Also, installing defective or malicious third-party software
(especially from Internet servers) in Nokia 9290 Communica-
tors may degrade the security. Only install and use software
that comes from a trusted source and is digitally signed by
a trusted party.
10.4.3 Dial-up security
The Nokia 9290 Communicator requires a PPP (Point to
Point Protocol) connection to allow connection to the
Internet/intranet. The supported authentication protocols
are PAP (Password Authentication Protocol) [RFC 1334],
CHAP (Challenge Handshake Authentication Protocol) [RFC
1994], and MS-CHAP (Microsoft variant of CHAP).
34