Telecommunications Archives

Telecommunications

Report: Hell is Unpatched Systems

June 2, 2014 Paul Roberts

One of the ‘subplots’ of the Internet of Things revolution concerns embedded devices. Specifically: the tendency of embedded devices to be either loosely managed or – in some cases – unmanageable. The future holds the promise of more, not fewer of these. That’s the gist of a piece I wrote for InfoWorld, and that you can read here. In short: we’re already seeing the beginning of a shift on the threat landscape. While attacks against traditional endpoints (like Windows desktops, laptops and servers) are still the norm, there are more stories each day about cyber criminal groups and malicious actors who are compromising non-standard endpoints like home wifi routers. In March, for example, the security consultancy Team Cymru identified a botnet consisting of some 300,000 compromised home routers and other in-home devices. The virus called “TheMoon” was also identified spreading between vulnerable home routers and other embedded devices. The […]

Car Makers, Suppliers Going Their Own Way On Security

June 1, 2014 Paul Roberts

I was surprised to see a big feature story over at CNN.com this morning – given that the security of connected vehicles has no obvious link to LA Clippers owner Don Sterling, the on-going shakeup at the Veterans Administration or a tornado or other natural disaster. Still – there it is: “Your car is a giant computer – and it can be hacked.” The feature, by Jose Pagliery is solid enough – though it doesn’t break much new ground. He mentions the research by Chris Valasek and Charlie Miller at The Black Hat Briefings last year. He also talks to the folks over at Security Innovation. [Want more on security and connected vehicles? Check out our video: Insecure At Any Speed: Are Automakers Failing The Software Crash Test? ] The big take-away: automobiles are rife with old and outdated software and hardware, much of it lacking even basic security features like secure communications […]

Report: Samsung Investing In IoT Security

May 27, 2014 Paul Roberts

South Korean electronics giant Samsung Electronics Co. said on Tuesday that it will invest heavily in security for the Internet of Things sector, citing security for IoT as a ‘key future technology’ alongside energy storage and harvesting. The report on Tuesday, from South Korea’s Yonhap News Service said Samsung, currently the world’s top maker of mobile phones, said Samsung is soliciting proposals on IoT security algorithms and protocols through the end of June. Possible applications include “biometrics, smart structures and advanced traffic networks,” according to Yonhap. The announcement comes by way of Samsung’s Future Technology Fostering Center, a research group that the company established last year to help keep it on the cutting edge in technology. According to published reports, Samsung has pledged 1.5 trillion won ($1.34 billion) over 10 years to fund the Center. Approximately 750 billion won ($670 million) will be allocated to research projects through 2017.

Heartbleed: Technology Monoculture’s Second Act

April 22, 2014 Paul Roberts

Say ‘technology monoculture’ and most people (who don’t look at you cross-eyed or say ‘God bless you!’) will say “Microsoft” or “Windows” or “Microsoft Windows.” That makes sense. Windows still runs on more than 90% of all desktop systems, long after Redmond’s star is rumored to have dimmed next to that of Apple. Microsoft is the poster child for the dangers and benefits of a monoculture. Hardware makers and application developers have a single platform to write to – consumers have confidence that the software and hardware they buy will “just work” so long as they’re running some version of Windows. The downside, of course, is that the Windows monoculture has also been a boon to bad guys, who can tailor exploits to one operating system or associated application (Office, Internet Explorer) and be confident that 9 of 10 systems their malicious software encounters will at least be running some version of the […]

Vint Cerf: CS Changes Needed To Address IoT Security, Privacy

April 2, 2014 Paul Roberts

The Internet of Things has tremendous potential but also poses a tremendous risk if the underlying security of Internet of Things devices is not taken into account, according to Vint Cerf, Google’s Internet Evangelist. Cerf, speaking in a public Google Hangout on Wednesday, said that he’s tremendously excited about the possibilities of an Internet of billions of connected objects, but said that securing the data stored on those devices and exchanged between them represents a challenge to the field of computer science – and one that the nation’s universities need to start addressing. “I’m very excited,” Cerf said, in response to a question from host Leo Laporte. He cited the Philips HUE lightbulb as an example of a cool IoT application. “So you’re going to be able to manage quite a wide range of appliances at home , at work and in your car. Eventually, that will include things you’re […]