PKI

Spotlight Podcast: CSS on why Crypto Agility is the Key to Securing Internet of Things Identities

Spotlight Podcast: CSS on why Crypto Agility is the Key to Securing Internet of Things Identities

Podcast: Play in new window | Download (Duration: 34:12 — 39.1MB)Subscribe: Android | Email | Google Podcasts | RSSIn this Spotlight Edition of the Security Ledger Podcast: identity is at the root of many of the security problems facing the Internet of Things, from vulnerable and “chatty” endpoints to a lack of robust update and lifecycle management features. To figure out how we might start to build a more secure IoT ecosystem, we invited Judah Aspler, the Vice President of IoT Strategy at Certified Security Solutions, or CSS Security in to talk about how more agile PKI infrastructure is one element in scaling the Internet of Things without creating a giant security mess. 

Protection concept. Protect mechanism, system privacy. Vector illustration

Spotlight: Deepika Chauhan of Digicert on the Challenges of Securing the Internet of Things

Podcast: Play in new window | Download (Duration: 25:57 — 29.7MB)Subscribe: Android | Email | Google Podcasts | RSSThere’s an epidemic of insecure Internet of Things devices. But why? And what is the shortest path to ending that epidemic? In this Spotlight Edition* of The Security Ledger Podcast, we speak with Deepika Chauhan, the Executive Vice President of Emerging Markets at DigiCert. Her job: forging new paths for the use of public key encryption to secure Internet of Things ecosystems.

Firmware used by BLU smart phones was observed transmitting sensitive data to a firm in China.

Experts Propose Standard for IoT Firmware Updates

Bleeping Computer reported that a new proposal submitted to the Internet Engineering Task Force (IETF) defines a secure framework for delivering firmware updates to Internet of Things (IoT) devices. Insecure software updates for embedded devices (aka ‘firmware’) have been a frequent source of security lapses on mobile and embedded devices like Internet connected webcams. Filed on October 30, the “IoT Firmware Update Architecture,” establishes security requirements for device makers to implement when designing firmware update mechanisms for connected devices. A familiar list of features The proposed rules include features that have long been recommended by security experts to permit safe handling of software updates. Among them the use of cryptographically signed updates and public key cryptography to provide end-to-end security and verify firmware images, as well as the ability to work with low-power and resource constrained IoT devices. Firmware has been the source of widespread security issues. For example, low-cost […]

Podcast: The Internet of Things’ Entropy Problem and why it matters

Podcast: The Internet of Things’ Entropy Problem and why it matters

In-brief: Governments may worry about the democratization of strong encryption. But a bigger problem may be that the encryption we think is strong really isn’t, says Richard Moulds of the firm Whitewood. In this podcast, we talk about the.growing difficulty of generating truly random numbers in cloud environments and on the Internet of Things and how ‘entropy as a service’ may be the answer.