Trusted Platform Module Archives

Trusted Platform Module

WSJ: Samsung Looks To Iris Scans To Secure Mobile Devices

May 19, 2014 Paul Roberts

Min-Jeong Lee has an interesting article over at The Wall Street Journal Digits blog on how mobile device maker Samsung is looking to expand its use of biometric sensors in mobile devices beyond the finger-print scanners that are now the state of the art. According to the article, Samsung is considering “various types of biometric [mechanisms]” in addition to fingerprint scanners. Samsung’s senior vice president Rhee In-jong told analysts and investors at a forum in Hong Kong on Monday that iris scanners are a top consideration. “One of things that everybody is looking at is iris detection,” Rhee said. The biometric features are part of Samsung’s enterprise-focused mobile software, dubbed “Knox.”According to Rhee, only a small portion of some 80 million Samsung devices that shipped with the Knox software, which provides additional security functions for use by businesses, such as hardware based “TrustZone” technology to isolate sensitive data, virtualization for data- […]

Amphion Forum: Spotlight on Security and Internet of Things

December 12, 2013 Paul Roberts

A little more than a month from now, the world’s attention will shift to San Francisco for the annual RSA Security Conference – perhaps the biggest single IT security industry event of the year. But this week, at a much smaller venue, the focus will be about what’s amounting to the ‘next big thing’ in the security world: the Internet of Things. The Amphion Forum focuses on a growing part of the computer security landscape that still struggles for attention in a security market still focused on the needs of large companies. Namely: the security challenges posed by mobile devices – phones and tablets and a menagerie of newly-connected endpoints, from wearable computers to implantable medical devices to household appliances. The privacy and security challenges facing organizations that wish to embrace the IoT are legion. Intelligent devices have been shown to lack basic protections against unauthorized access, such as strong […]

Hack Uses Phone’s Camera and Mic To Best Anti-Keylogger

November 13, 2013 Paul Roberts

Smart phones these days are bristling with sensors. Forget about the camera and microphone – there are accelerometers, Global Positioning System components, not to mention Bluetooth and NFC transmitters. All those remote sensors enable all kinds of cool features – from finding the nearest Starbucks to mobile payments. But they also pose a risk to the privacy of the phone’s owner – as malicious actors (and the occasional national government) look for ways to turn cameras and other sensors into powerful, cheap and convenient spying tools. Now researchers at The University of Cambridge have demonstrated one possible, new attack type: harnessing the built-in video camera and microphone on Android devices to spy on an owner’s movements and guess his or her password. The technique could be a way for cyber criminals to defeat anti-keylogging technology like secure “soft” keyboards used to enter banking PINs and other sensitive information. The work […]

Podcast: Securing The Internet of Things

September 20, 2013 Paul Roberts

One of the most vexing problems created by the fast-evolving Internet of Things is how to secure the massive trove of data that is transmitted and then stored by smart devices such as automobiles, consumer and household electronics and personal devices. As we’ve seen, private sector firms have been aggressive in leveraging new technology to connect their products to the Internet. But less thought has been given to the security and privacy implications of doing so. Now people are starting to take notice. In recent weeks, the FTC settled a case with a California firm, TRENDNet over balky home surveillance cameras they sold – cameras that were discovered to be easily discoverable and hackable from the public Internet. But, with so many cooks in the IoT kitchen (so to speak), where does responsibility for securing technology lie? Recently, I chatted with an expert on security and the Internet of Things. […]

SANS’ Pescatore: Security Needs Rethink For Internet Of Things

August 16, 2013 Paul Roberts

Our friends over at InfoSecurity Magazine have an interesting interview with SANS’ Director of Emerging Security Trends John Pescatore about security and The Internet of Things. Pescatore gets a somewhat skeptical hearing from the enterprise-focused IT security publication. (“Granted, it’s unlikely that anyone would be sending a car an email with a malicious executable, but that doesn’t mean there aren’t threat vectors for hackers to exploit,” InfoSecurity opines, by way of an introduction. Oh really?) But Pescatore brings a “deep field” view to this topic, noting that the security issues around IoT are already upon us in the spent almost two decades as Gartner’s Obi-Wan Kenobi for security, where he advised companies and technology vendors on the best way to navigate the shifting sands of the IT security space. Speaking to InfoSecurity, Pescatore says the 100,000 foot message is: ‘let’s learn from our mistakes.’ Specifically, that means not looking at intelligent devices, including […]