'Flat IP' mobile networks face new security challenges

Others at the event echoed his sentiment. Alan Brown, principal analyst with Gartner Dataquest's semiconductor group, said a move to a flat IP structure in mobile networks will bring a lot of flexibility to mobile operators, application developers and service providers. However, "with standard interfaces there is also the ability for hackers to get into routers for financial gain or for the challenge," he said.

Freescale demonstrated a hardware reference platform with a number of security features for future mobile devices, its i.MX31 and i.MX31L multimedia applications processors. Based on the Arm 11 core designed by Arm Holdings, the chips have a run-time integrity checker that verifies the digital signature of code before executing it. This can help stop malware sneaking onto the device -- although it could also be used to lock down a mobile device and prevent the installation of third-party applications, much as Apple has attempted to do with its iPhone.

Prototypes are often designed with additional standard circuitry to make it easier to observe their behavior under test. Probes applied to that circuitry, known as a JTAG interface, can even be used to issue debugging instructions to the microprocessor. The connections for the prototype's JTAG interface often survive -- in different positions on the circuit board -- right through to final production. Identifying where these points were located on Apple's iPhone became one of the goals of those trying to unlock the devices, as access to it might have allowed them to debug Apple's security code.

The development boards are set for release in January, and will ship with Windows CE or Linux operating systems: Freescale expects manufacturers will use them to develop multimedia players, navigation devices or similar gadgets.

Elsewhere at the Forum, Freescale showed multicore processors with built-in encryption engines. These can be used to accelerate the encryption of traffic flowing across a network -- but can also be used to decrypt application software on the fly, just before it is executed, making it harder for attackers to dissect the software in, for example, home base stations.