Risk

Exploding Gas Tanks: Risk, Liability and Internet of Things

We like to construct Hollywood friendly plots around a lot of the seminal moments in our collective history. For Civil Rights, we like to picture the integration of Little Rock High School, Rosa Parks’ courageous protest on a Montgomery bus or the March on Washington. For environmentalism, we talk about Rachel Carson’s Silent Spring or, maybe, the burning Cuyahoga River in Cleveland. (This vintage news footage of the 1969 fire calls it the fire that “sparked the environmental movement” without any apparent irony.) For automobile safety, we imagine Ralph Nader and the image of a 1972 crash test that shows the gas tank of the Ford Pinto exploding in a rear impact collision, engulfing both cars in flames. But those memories are often way oversimplified. Little Rock and the Montgomery bus boycott were just two battles in a fight for civil rights that went back to the end of the Civil War. Likewise, the Cuyahoga […]

Continue Reading

Hack Tool Authors Deny Link To Celeb Photo Leaks

With some of Hollywood’s biggest stars issuing statements on Monday condemning the leak of personal photographs online, attention has turned to identifying the source of the leaks. But more than 24 hours after the photos appeared, there are more questions than answers about its source. Early attention has focused on an automated tool that exploited an apparent vulnerability in Apple’s FindMyiPhone feature. But by Monday, there were denials from the makers of that tool that it played any role in the massive privacy breach that saw photos of A-list celebrities like Jennifer Lawrence, Kate Upton and others leaked online. Within hours of the photos’ appearance on the image sharing site 4chan, attention shifted to the cause of the leak and the coincidence of the leaked photos with the publication of iBrute, a simple tool available on GitHub in recent days. According to this published report by Owen Williams over at TheNextWeb,  the […]

Continue Reading

Securing Networks in the Internet of Things Era | Help Net

Cricket Liu, the CIO of Infoblox has an interesting editorial over at Help Net Security today that looks at the challenge of securing the Internet of Things. Among other things, he reveals the results of a commissioned survey of 400 network professionals in the UK and US that revealed  that 78 percent already have precursor IoT devices on their networks – including badge readers, networked cash registers, vending machines and so on. Seventy three percent of those surveyed acknowledged using connected surveillance gear like CCTV on their networks. That shouldn’t be surprising. What is surprising is that a strong majority of respondents – 63 percent – also saw those devices and IoT in general as a threat to network security. So: IoT adoption is gaining speed, and worries about IoT security are gaining traction. The survey suggests that few IT organisations have deployed IoT-specific infrastructure, such as dedicated networks for IoT devices or management […]

Continue Reading

The Internet of Things: Legal Woes for CIOs | CIO

Stephanie Overby over at CIOs  has an interesting piece today on the legal pitfalls that Internet of Things adoption may hold for chief information officers (CIOs). While the prospect of more, intelligent devices holds great promise for organizations across the economy, Overby notes that there are also risks – especially when it comes to the wholesale harvesting of customer data. “Many of the legal issues are not well understood even by sophisticated privacy practitioners,” the article quotes Christopher Wolf, a partner at the law firm Hogan Lovells saying. “In the world of sensors rather than computer screens, the legal issues are challenging.” CIOs are advised to consider “self-regulating” around issues like privacy, security and consent, to stay on the right side of the evolving law. CIOs should scrutinize every decision to collect user information and ask whether the benefits to collecting the data outweigh the potential costs, especially in the event of […]

Continue Reading

Update: Facebook awards $50K Internet Defense Prize for Work on Securing Web Apps

Saying that research dollars for cyber security are disproportionately devoted to work on “offensive” techniques (like hacking), social media giant Facebook has awarded two researchers  a $50,000 prize for their work on cyber defense. The company announced on Wednesday that Johannes Dahse and Thorsten Holz, both of Ruhr-Universität Bochum in Germany for their work on a method for making software less prone to being hacked. The two developed a method for detecting so-called “second-order” vulnerabilities in Web applications using automated static code analysis. Their paper (PDF here) was presented at the 23rd USENIX Security Symposium in San Diego. In a blog post announcing the prize, John Flyn, a security engineering manager at Facebook, said the Internet Defense Prize recognizes “superior quality research that combines a working prototype with significant contributions to the security of the Internet—particularly in the areas of protection and defense.” Dahse and Holz’s work was chosen by a panel […]

Continue Reading
1 19 20 21 22 23 36