Tech Talk/By Martha Knight

Remember Android Donut? That was v 1.6, right after Cupcake. After Donut there were Éclair (2.0, 2.0.1, 2.2), Froyo (2.2-2.2.3), Gingerbread (2.3, 2.3.2, 2.3.3-2.3.7). Honeycomb (3.0, 3.1, 3.2), Ice Cream Sandwich (4.0, 4.0.2, 4.0.3, 4.0.4), and now Jelly Bean (4.2, 4.2).

They certainly do sound delicious. But according to Bluebox Security, all the 900 million Android phones since Donut came with a vulnerability. Samsung has patched it in the Galaxy S4.

Bluebox says the flaw would enable a hacker to morph a perfectly good Android app into a Trojan.

There are application developers, which use the application development kits Google, the Android OS’s owner and publisher, supplies, and there are device makers that make apps, as Cisco provides AnyConnect to its customers. Both classes of app makers’ apps are vulnerable to the security flaw, according to Bluebox.

Any of the Trojan apps out there, if installed by an Android device user, can result in the hacker gaining access to the Android system, the other apps currently on the device, and their data. It can take control of the phone, make phone calls, record calls, send messages, operate the camera.

Compromised Android phones allow hackers to create botnets because such devices tend to be in perpetual motion and use.

So, if 900 million smart phones could be remotely implanted, to become the gadget version of The Terminal/Nightmare man, has there been a mass invasive alteration of Android phones? Apparently not. Google is developing a fix even as we speak.

Still, device makers will have the responsibility to come up with the updates to their products, and get them distributed.

Android is an open OS, and that means there are many, many developers involved. That’s good because the resulting ferment brings about much creativity and rapid improvements. But no one central “Goog-zilla” has close, constant contact with all development teams. That delays correction, compared with how things work in more closely controlled, proprietary software development ecosystems.

For now, Bluebox recommends that individuals with Android devices take care to identify the app publisher before downloading. Also, enterprises that have welcoming BYOD (bring your own device) policies should insist that users update their devices, and see that a super-security protocol be in place to protect corporate data.

Windows operating systems have been larger targets for malware than most others, because of their vast installed base, not because of greater inherent vulnerability. Android has attracted hackers in the same way, and in fact has not been as locked down as some of its rivals. But the theoretical risk has not materialized to the degree we might have predicted.

Google has modified the app entry process at the Play Store. Big G now casts its googley eyes over all apps submitted, to see whether they contain any of the modified code related to this exploit.

•    •    •

The mainframe is almost 50. Well on the way to the ash heap of history. Or is it?

The System/360 that IBM began producing in 1964 was a pretty good machine in its day. Any computer of its family could work with any other. It was capable of being upgraded. Not bad. Other computers by various makers were worlds unto themselves. They would not talk to other computers. They became obsolete. But not the IBM family of mainframes.

IBM mainframes process 30 billion business transactions every day.

Our stock, credit card and fund transfer transactions are handled by mainframes.

Most major insurance companies use System z mainframes. So do the top banks, and almost three-quarters of Fortune 500 companies.

Mainframes in use today may differ significantly from the earliest mainframes, but modern TVs aren’t like those of 1964, nor are the airplanes and cars.

Mainframes of 2010 use 5.5 Hz hexa-core processors, can have 120 cores if needed, and 3 terabytes of memory (memory, RAM, not storage).

Mainframes are more efficient and faster than combinations of PCs with equivalent computing power. Maintenance is less costly and complex than whatever else might be used instead.

Will cloud computing make mainframes passé?

Experts I have been reading say that would depend on whether the cloud services are based on clusters of x86-chip based servers, or on mainframes.

Provide a service to a great number of users or subscribers, and you will need dozens, or hundreds, or thousands of small servers and PCs.

Or you will need something scalable, up or down. Like a mainframe.

All components can be swapped out on a mainframe, including the CPU.

The technicians who were experts in the care and feeding of mainframes in the 1960s have retired or soon will. There is a strong demand for others to become available. Mainframes represent a major investment, and are not likely to be discarded anytime soon. Their counterparts are still being manufactured and sold. Software is still being written for them. They don’t wear out because their components are replaceable.

That might be a good field to get into.

Drymar@gmail.com. 642-7552.