In-brief: an article on O’Reilly’s Radar site raises important questions about what kinds of connections and data sharing should be allowed on the Internet of Things – and how consumer privacy can be protected.
privacy
Android in the Coal Mine: Open Source, Patching and Internet of Things
In brief: Google’s decision not to patch a security hole in versions of Android used by hundreds of millions of consumers is a bad omen for the Internet of Things and will likely push some Android users to alternative versions of the operating system.
On the Internet of Things, Cheap may Cost You | VentureBeat
Venturebeat has a nice, contributed blog post by Michael Daly, of Raytheon on the lurking problem of device insecurity within the consumer Internet of Things. As Daly sees it, mass adoption of Internet of Things technologies seems destined to leave us with environments populated by low-cost and vulnerable devices whose makers don’t consider their wares valuable enough to maintain. From the article: “Offering a constant stream of security patches and updates to keep low-cost devices safe and functional for the long-term requires money. If vulnerabilities are discovered, patches or updates might be issued, but only in the first year or two. The vendor expectation is that users will need to buy a full replacement or live with the risks — not to mention that users are not very likely to manage patches and updates for non-critical devices.” In contrast to the kinds of managed networks we’re used to – with vendors […]
Malicious or Obnoxious? Chinese Mobile Vendor CoolPad Uses Secret Backdoors
CoolPad, an up-and-coming Chinese mobile phone maker, is shipping high-end, Android smart phones with so-called “back door” access built into the phone’s software. That, according to research by the firm Palo Alto Networks. Palo Alto researchers Claud Xiao and Ryan Olson released a report identifying the suspicious remote access software, which they dubbed “CoolReaper” on Wednesday. According to the report, the so-called “backdoor” program was shipped with stock operating systems (or ROMs) used by Coolpad’s “high end” phones in China and Taiwan. The software, which appears to have been created and managed by Coolpad, runs on top of the Android operating system and allows the company to remotely manage the phone independent of the wishes of its owner: pushing applications to the device without the user’s consent or notification, wiping data and applications, sending over-the-air (or OTA) updates to the phone, transmitting device data and sending arbitrary phone calls and SMS […]
Wearable Cameras Birth A New Biometric
Wearable technology is a burgeoning category, and products like Google Glass and smart watches are just the beginning. As with mobile phones, on-board cameras are sure to be de rigueur. But, as this article over at The Verge notes, those cameras will present new challenges (for privacy) and new opportunities (for security). Specifically: cameras coupled with your body seem to create new kinds of opportunities to uniquely identify you. One example: gait biometrics. The Verge notes recent research published by Professor Shmuel Peleg and Yedid Hoshen of the Hebrew University of Jerusalem. Those researchers created a way to identify first-person filmmakers based on the signature wobble of their cameras. The identity of the user can be determined “quite reliably from a few seconds of video,” the researchers write in their paper. [Interested in biometrics and wearables? Check out our article “Are Wearables the Future of Authentication?“] “The idea of distinguishing one person from […]
