In-brief: IBM and Samsung are collaborating on a platform they say will help billions of connected devices interact securely. The technology, “blockchain,” is borrowed – in part -from the online currency Bitcoin, but has better applications as a transaction processing system.
Last week, home broadband router maker ASUS was the latest vendor to issue an emergency patch for a critical vulnerability in its products. This, after proof-of-concept exploit code was released for the so-called “Inforsvr” vulnerability that affects several ASUS home routers. That vulnerability -if left unpatched – would allow anyone with access to a home- or small business network that used an ASUS broadband router to, essentially, commandeer the device. The “infosvr” feature is typically used for device discovery by the ASUS Wireless Router Device Discovery Utility, but the service also allowed unauthenticated users to execute commands through it using the “root” permissions, according to researcher Friedrich Postelstorfer, who created a proof of concept exploit for the security hole and released it on January 4. The exploit code finally prompted a patch from ASUS on January 13. The company had spent months analyzing the issue and working on a fix. Patch aside, it has been a worrying month for the […]
The New York Times claims that the U.S. National Security Agency used intelligence gleaned from a clandestine operation to compromise North Korea’s cyber warfare unit to pin the blame for the Sony Pictures Entertainment hack on the reclusive Communist country. According to the story by David Sanger and Martin Fackler, the Obama Administration’s decision to quickly blame the hack on the DPRK grew out of a four year-old National Security Agency (NSA) program that compromise Chinese networks that connect North Korea to the outside world. The classified NSA program eventually placed malware that could track the internal workings of the computers and networks used by the North’s hackers and under the control of the Reconnaissance General Bureau, the North Korean intelligence unit, and Bureau 121, the North’s hacking unit, which mostly operates out of China. It has long been recognized that North Korea, which lacks a mature information technology infrastructure, does much of […]
In brief: The Open Interconnect Consortium (OIC) introduced a new, open source framework to connect billions of smart devices from a wide variety of vendors. But has the IoT standards horse already left the barn?
In brief: Google’s decision not to patch a security hole in versions of Android used by hundreds of millions of consumers is a bad omen for the Internet of Things and will likely push some Android users to alternative versions of the operating system.
