application security Archives

application security

Building an Unhackable Autonomous Vehicle – CityLab

September 11, 2014 Paul Roberts

The folks over at The Atlantic have an intriguing take on the subject of “connected vehicles” and autonomous driving. Now this is a vision that we’ve been chasing for more than 50 years (consider all the technicolor “highway of tomorrow” films from the 50s and 60s). And we’re on the cusp of realizing it. Google’s self-driving car is racking up the miles and automated features like hands free cruise control and collision avoidance are making their way into production vehicles. As Alexis Madrigal at The Atlantic’s (cool) CityLab writes, however, there’s one major fly in the ointment when you consider the super efficient, algorithmically driven road of the future: humans. Specifically: Madrigal, in the course of writing an article on how to build an ‘unhackable’ car poses a scenario that I think is very likely: humans who subvert or otherwise game vehicle automation features to suit their own needs. Imagining the orderly procession […]

Cyber Insurance Is Sexy

September 9, 2014 Paul Roberts

So bland is the insurance business perceived to be, that it’s the stuff of Hollywood comedy. In the 2004 film Along Came Polly, Ben Stiller played a skittish, risk averse insurance adjuster with actuarial data on bathroom hygiene at his fingertips (no pun). Woody Allen famously depicts his hapless criminal Virgil Starkwell locked in solitary confinement with an eager insurance salesman in the 1969 mocumentary Take the Money and Run. Cruel and unusual punishment, indeed. Boring though they may be, insurance markets are incredibly important in helping society manage risks of all sorts. Insurance markets also have a funny way of shaping behavior – both personal and commercial – in ways that serve the public interest. Take the response to Hurricane Sandy as just one example. Law makers in Washington D.C. may never agree on whether that storm was a product of a warming climate. In fact, they may debate the […]

Exploding Gas Tanks: Risk, Liability and Internet of Things

September 5, 2014 Paul Roberts

We like to construct Hollywood friendly plots around a lot of the seminal moments in our collective history. For Civil Rights, we like to picture the integration of Little Rock High School, Rosa Parks’ courageous protest on a Montgomery bus or the March on Washington. For environmentalism, we talk about Rachel Carson’s Silent Spring or, maybe, the burning Cuyahoga River in Cleveland. (This vintage news footage of the 1969 fire calls it the fire that “sparked the environmental movement” without any apparent irony.) For automobile safety, we imagine Ralph Nader and the image of a 1972 crash test that shows the gas tank of the Ford Pinto exploding in a rear impact collision, engulfing both cars in flames. But those memories are often way oversimplified. Little Rock and the Montgomery bus boycott were just two battles in a fight for civil rights that went back to the end of the Civil War. Likewise, the Cuyahoga […]

Report: Home Depot A Common Thread Linking Trove Of Stolen Credit Cards

September 3, 2014 Paul Roberts

Home Depot said it is investigating “some unusual activity” on its networks and working with “banking partners and law enforcement,” after security blogger Brian Krebs named the company as a common thread connecting a trove of stolen credit card accounts that have appeared in underground forums. Krebs reported on Tuesday that “multiple banks” see evidence that Home Depot stores are the source of a “massive new batch” of stolen credit and debit cards that went on sale this morning in underground “carding” forums. The breach is believed to have affected Home Depot stores throughout North America – around 2,500 stores in total. The company has held off from confirming a breach, so far. And as of early Wednesday, Home Depot’s home page made no mention of the incident. In a statement to Reuters, spokesperson Paula Drake said that the company is holding off pending an internal investigation, and is working with law enforcement. […]

Securing Networks in the Internet of Things Era | Help Net

August 22, 2014 Paul Roberts

Cricket Liu, the CIO of Infoblox has an interesting editorial over at Help Net Security today that looks at the challenge of securing the Internet of Things. Among other things, he reveals the results of a commissioned survey of 400 network professionals in the UK and US that revealed that 78 percent already have precursor IoT devices on their networks – including badge readers, networked cash registers, vending machines and so on. Seventy three percent of those surveyed acknowledged using connected surveillance gear like CCTV on their networks. That shouldn’t be surprising. What is surprising is that a strong majority of respondents – 63 percent – also saw those devices and IoT in general as a threat to network security. So: IoT adoption is gaining speed, and worries about IoT security are gaining traction. The survey suggests that few IT organisations have deployed IoT-specific infrastructure, such as dedicated networks for IoT devices or management […]