Av-Test.org, an organization known for its thorough and independent testing of antivirus products, has found the usual suspects of lack of authentication and encryption — security lapses that are all too common in IoT devices — present in popular fitness bands. Av-Test.org, an organization known for its thorough and independent testing of antivirus products, has found the usual suspects of lack of authentication and encryption—security lapses that are all too common in IoT devices—are also present in popular fitness bands such as those from Fitbit and Acer. While the Jawbone UP24, Polar Loop and Sony Smartband Talk SWR32 scored the best security of those products tested. The researchers admit that counting steps or number of calories burned may not constitute a leak of PII, but acknowledge that in the future that may be different, with manipulation and/or data theft leading to more or less serious threats to user privacy and […]
Search Results for "Android"
Research: IoT Hubs Expose Connected Homes to Hackers
In-brief: A study of common connected home gateways finds lax security that could expose consumers to snooping or even malicious attacks, according to the application security firm Veracode.
Intel: New Approach Needed to Secure Connected Health Devices
In-brief: connected medical devices pose a number of risks to patients, including the threat of “targeted killings,” according to a report by Intel Security. The fix: better application design and more public-private sector cooperation.
Security and Patching Challenge the Industrial Internet| CIO
The magazine CIO has picked up on a report by the firm National Instruments on some of the key challenges facing the industrial Internet of Things. No surprise: security and management are two of them. National Instruments has an interesting perspective on the topic: it makes equipment that is used by heavy industry (energy, oil and gas, automotive, etc.) to monitor industrial processes. As a result, NI is knee deep in the transformation to “smart” industry powered by autonomous, sensing equipment. The company anticipates big challenges as more and more industrial systems come online. From the article: “As massive networks of systems come online, these systems need to communicate with each other and with the enterprise, often over vast distances…Both the systems and the communications need to be secure, or millions of dollars’ worth of assets are put at risk.” Beyond that, NI notes that companies developing products for the industrial Internet of Things […]
Malicious or Obnoxious? Chinese Mobile Vendor CoolPad Uses Secret Backdoors
CoolPad, an up-and-coming Chinese mobile phone maker, is shipping high-end, Android smart phones with so-called “back door” access built into the phone’s software. That, according to research by the firm Palo Alto Networks. Palo Alto researchers Claud Xiao and Ryan Olson released a report identifying the suspicious remote access software, which they dubbed “CoolReaper” on Wednesday. According to the report, the so-called “backdoor” program was shipped with stock operating systems (or ROMs) used by Coolpad’s “high end” phones in China and Taiwan. The software, which appears to have been created and managed by Coolpad, runs on top of the Android operating system and allows the company to remotely manage the phone independent of the wishes of its owner: pushing applications to the device without the user’s consent or notification, wiping data and applications, sending over-the-air (or OTA) updates to the phone, transmitting device data and sending arbitrary phone calls and SMS […]
