Hardware

Podcast Episode 115: Joe Grand on Unicorn Spotting and Bloomberg’s Supply Chain Story

In this week’s episode (#115), noted hardware enthusiast and hacker Joe Grand (aka “Kingpin”) told reporters from Bloomberg that finding an in-the-wild supply chain hack implanting malicious hardware on motherboards was akin to witnessing “a unicorn jumping over a rainbow.” They went with their story about just such an attack anyway. Joe joins us in the Security Ledger studios to talk about whether Bloomberg got it right. Also, Adam Meyers of Crowdstrike comes into the studio to talk about the U.S. Department of Justice indictment of seven Russian nationals. Adam talks about the hacks behind the charges and what comes next.

Continue Reading

Spotlight Podcast: Synopsys’ Dan Lyon on the Challenge of Securing Connected Medical Devices

In this Spotlight Podcast, sponsored by Synopsys: In the wake of a presentation at Black Hat about security flaws in implantable pace maker devices, Synopsys Principal Consultant Dan Lyon joins us to talk about why medical device makers struggle to make their connected medical devices more secure. Dan and I discuss some of the flaws in the approach that medical device makers take to security, and how manufacturers can take a page out of their own book: applying the same standards to cyber security as they do to – say- device safety. 

Continue Reading

Breaking the Ice on DICE: scaling secure Internet of Things Identities

In this Spotlight Podcast, sponsored by Trusted Computing Group*, Dennis Mattoon of Microsoft Research gives us the low-down on DICE: the Device Identifier Composition Engine Architectures, which provides a means of  solving a range of security and identity problems on low cost, low power IoT endpoints. Among them: establishing strong device identity, doing device attestation and safe deployment at scale and verifying software updates. 

Continue Reading

Episode 103: On the Voice-Controlled Internet, How Will We Authenticate?

Voice based interfaces are growing in popularity, complexity and influence. But securing these interfaces has, thus far, been an afterthought. If we are destined to interact with the smart systems around us using our voice, how exactly will we manage to authenticate to those devices? In this podcast we speak with Ben Rafferty of the firm Semafone about the challenges of securing voice-based systems. Semafone won the recent PAYMNTS.com Voice Challenge with a way to use Amazon’s Alexa voice assistant as an out of band authentication mechanism.

Continue Reading

Episode 101: Ink Jet Nation? Doctorow on a Dystopian IoT and City of Atlanta Employees phished on Rogue Wi-Fi

In this episode of the podcast (#101): will the Internet of Things enable a glorious future of intelligent and subservient “things”? Or will it birth “ink jet nation:” a dystopia of closed and expensive technology silos that use patents, software licensing and lawsuits constrain the use, reuse and repair of connected things? We talk to author and activist Cory Doctorow following his keynote at last week’s Security of Things Forum. Also: the city of Atlanta has made headlines after a ransomware outbreak crippled city services. But the city may have more to worry about: wireless phishing attacks targeting government employees and elected officials. We speak with Dror Liwer of the firm Coronet about what they found. 

Continue Reading
1 10 11 12 13 14 100