In brief: Google’s decision not to patch a security hole in versions of Android used by hundreds of millions of consumers is a bad omen for the Internet of Things and will likely push some Android users to alternative versions of the operating system.
Apple
IoT Security: The Next-Generation Matters Now
As a cyber security professional, I spend most of my days speaking with customers and colleagues about all of the nefarious ways “the bad guys” can wreak havoc and how we can best defend ourselves. The topics we discuss often include situational awareness, defense-in-depth, threat intelligence, and new cyber security paradigms we may find ourselves adopting as the Internet of Things (IoT) evolves. I would assert that these are extremely important topics to sort out. But there’s a very important element not being discussed: the question of who will sort them out. Simply put: what difference does it make if you have the world’s greatest technology if nobody in your organization knows what to do with it? Cisco estimates that there will be a deficit of one million skilled cyber security professionals over the next five years. By 2015, 90 percent of jobs in the developed world will require some set of […]
New York City Phone Booths Add Beacons, Stoke Controversy
The web site Buzzfeed has a scoop today about a stealthy deployment of beacon technology in Manhattan that has some privacy experts concerned. According to the exclusive report, by Buzzfeed’s Joseph Bernstein and Jeremy Singer-Vine, Titan a media company that sells ad space in more than 5,000 phone kiosk panels in New York City’s five boroughs, has installed about 500 beacons on its ad panels. The company went forward with the deployment with the blessing of New York City’s Department of Information Technology and Telecommunications (DoITT), but without any public input, Buzzfeed reported. Beacons are wireless devices that interact with mobile phones and other portable electronics. They’re used to provide location-specific data and interactions, such as advertisements linked to nearby businesses or to track the movements of an individual within a defined space (such as a show floor). In the case of the phone booth beacons, Titan and Sbordone, the company that provides the display […]
Online Authentication Group FIDO Alliance Grabs A Big Bone: Alibaba
The FIDO Alliance, an up-and-coming industry consortium aimed at simplifying online identity and doing away with passwords added IPO darling Alibaba to its Board of Directors, according to a statement on Tuesday. The FIDO (or “Fast IDentity Online”) Alliance announced that Alibaba Group’s payments business, Alipay will be among the first to deploy FIDO technology for secure payments authentication. On September 17, the company announced that it will use Nok Nok Labs’ FIDO-compliant NNL™ S3 Authentication Suite to enable secure online payments via the Fingerprint Sensor (FPS) technology on the Samsung Galaxy S5. Alipay customers will be able to make payments and transfers using Alipay’s mobile application, Alipay Wallet by applying their fingerprint to the Galxy’s fingerprint sensor. “We look forward to participating on the FIDO Alliance board, and assuring that commerce and authentication are uniquely cooperative and seamlessly compatible,” said Ni Liang, Alibaba group, senior director, department of security, in a statement. Mobile payments […]
The Key to Security in the Internet of Things – IEEE Spectrum
IEEE Spectrum has an article that provides a nice overview of security and privacy issues on the Internet of Things. The article by Mark Anderson highlights a number of the issues that have cropped up on these pages as well, namely: the rush to market in the consumer IoT space (much of it driven by crowd funding sites like IndieGoGo and Kickstarter) the lack of a strong business case for (consumer) manufacturers to build security into IoT products the tendency of large manufacturers to pursue siloed security standards that thwart efforts to build devices interconnect with other IoT infrastructure (other devices, routers, etc.) So far efforts to coordinate IoT development around a single platform or set of standards have been reduced to predictable turf battles: Google’s Thread versus multi-vendor efforts like TheAllSeen Alliance, The Open Interconnect Consortium, The Industrial Internet Consortium versus Apple HomeKit and HealthKit and others. In the […]
