Imagine a vulnerability that would allow malware to take over your mobile device; turn on the microphone, camera and GPS; and transmit everything it hears, while simultaneously sending copies of e-mail and text messages to a remote server. Sounds like a nightmare, right? Unfortunately, it exists. Worse, your security software can’t stop it.

Over the course of the week and a half since Carrier IQ was demonstrated by security researcher Trevor Eckhart, a great deal has been revealed about the Carrier IQ software installed on a variety of smartphones by a number of carriers.

Perhaps the toughest part of securing your endpoints is finding out who in the company has administrative rights to the computer they’re using. This is especially the case in companies where there hasn’t really been a consistent procurement or configuration policy, which is probably most companies.

The approach of the Christmas buying season poses a number of security threats for retailers, both brick-and-mortar and online. Those threats include heightened risks for merchants and for their customers. Worse, not all of those risks are easy to spot or easy to remedy.

Hey! You! Yes, I’m talking to you, the person who is sitting at a computer reading this blog entry. You can check, but I’m willing to bet you the computer you’re using allows you full administrative rights. In other words, you have the ability to do pretty much anything you wish with your machine. You can install software, change security settings and even open malware-laden e-mails that can then install Bad Stuff on the computer.