Recent Posts

US Allows More Talk About Surveillance Orders

The U.S. Department of Justice has acceded to requests from some large, technology firms, allowing them to post more specific information about government requests for data on their users, according to a report by The New York Times. In a statement released on Monday, Attorney General Eric Holder and James R. Clapper, the Director of National Intelligence, the new rules allowing some declassification followed a speech by President Obama calling for intelligence reform. “The administration is acting to allow more detailed disclosures about the number of national security orders and requests issued to communications providers, and the number of customer accounts targeted under those orders and requests including the underlying legal authorities,” the joint statement reads. “Through these new reporting methods, communications providers will be permitted to disclose more information than ever before to their customers.” [Read more Security Ledger coverage of the NSA surveillance story.] Previously, companies were prohibited from […]

Continue Reading

Are Wearables The Future Of Authentication?

CIO Magazine has an interesting round-up piece that looks at the enterprise impact of wearable technology, which you can read here.   Much of this is what you’d expect: FitBit, Google Glass and the (coming) tsunami of smart watches that will soon wash over us. The Cliff’s Notes version is that adoption of wearables will be rapid in verticals that are positioned to leverage the technology early on – such as healthcare and retail. But the piece argues that enterprises risk ‘missing’ the wearable wave in the same way that they ‘missed’ (or at least didn’t plan for) the mobile computing revolution. What might planning entail? Pilots, apparently – maybe of Google Glass or a competing technology. [Read more Security Ledger coverage of wearable technology. ] An interesting side note concerns a possible enterprise ‘killer app’ for wearables; authentication. The article quotes Forrester Analyst J.P. Gownders saying that wearable technology, with integrated biometric […]

Continue Reading

You Can Build An Open Source NEST Clone In One Day? Uh Oh!

I’ve been amazed at the herds of Johnny Come Lately’s who have glom’d onto the amazing Nest thermostat since Google purchased the company that makes it, Nest Labs, for a whopping $3.2 billion last week. Nest – and even its sister Protect smoke alarm – were hardly new, but that didn’t stop CNN from posting a ‘gee whiz’ video in the days that followed that had all the ‘we were here first’ excitement of a hand-held broadcast from the floor of CES. That – even though Nest is coming up on its third birthday and its cousin, the Protect, was released to considerable fanfare in October. The question for Google, of course, is ‘how is Nest really worth?’ I use one at my house, and I think it’s gorgeous and smart – but $3.2 billion? That’s why I was interested to check out this article over at Postscapes.com about an open source […]

Continue Reading

Cisco Eyes Security Services For Connected Cars

Connected vehicles are a big new area of investment. We saw evidence of that at the recent Consumer Electronics Show (CES) and we’re  hearing a lot more about it this week, as carmakers strut their stuff at the North American International Auto Show.   Security isn’t generally part of the conversation, but as we’ve noted here on more than one occasion: connected vehicles introduce a myriad of challenging security problems, from authentication to communications and system integrity, not to mention data privacy. [Read more Security Ledger coverage of connected vehicles here.] Now networking giant Cisco says that it sees a role for its technology in protecting vehicle area networks (VANs), just as the company’s networking equipment enabled and protected local and wide area networks (LANs and WANs) over the last two decades. In a blog post, Cisco said it is rolling out “a range of products and services” that it […]

Continue Reading

When The Internet of Things Attacks! Parsing The IoT Botnet Story

I spent most of last week at a conference in Florida going deep on the security of critical infrastructure – you know: the software that runs power plants and manufacturing lines. (More to come on that!) While there, the security firm Proofpoint released a statement saying that it had evidence that a spam botnet was using “Internet of Things” devices. The company said on January 16 that a spam campaign totaling 750,000 malicious emails originated with a botnet made up of “more than 100,000 everyday consumer gadgets” including home networking routers, multi media centers, televisions and at least one refrigerator.” Proofpoint claims it is the “first time the industry has reported actual proof of such a cyber attack involving common appliances.” [Read: “Missing in action at Black Hat: the PC.”] Heady stuff – but is it true? It’s hard to know for sure. As with all these reports, it’s important […]

Continue Reading
1 339 340 341 342 343 396