"Large cellular botnets could then be used to perpetrate a [denial of service] attack against the core of the cellular network," says Patrick Traynor, an assistant professor at Georgia Tech involved in the study. "But because the mobile communications field is evolving so quickly, it presents a unique opportunity to design security properly -- an opportunity we missed with the PC," he adds.

Stumped on Security

The overall lack of cell phone security so far is one of the first issues Traynor and his team are trying to tackle. Right now, they say, proper antivirus protection would drain too much of a phone's battery and thus prove to be unpractical. Add in the fact that most people tend to be trusting when it comes to voice technology, and you have the potential for disaster.

"Most people have been trained to enter social security numbers, credit card numbers, [and] bank account numbers ... over the phone while interacting with voice response systems," says Tom Cross, an IBM Internet Security Systems researcher also involved in the research. "Criminals will exploit this social conditioning to perpetrate voice phishing and identity theft."

Early Optimism