Search Results for "Privacy"

IDS And The IoT: Snort Creator Marty Roesch On Securing The Internet of Things

Martin Roesch is one of the giants of the security industry: a hacker in the truest sense of the term who, in the late 1990s created a wide range of security tools as a way to teach himself about information security. One of them, the open source SNORT intrusion detection system, turned into one of the mostly widely used and respected security tools in the world. SNORT became the foundation for Sourcefire, the company Marty helped found in 2001. And Sourcefire went on to fantastic success: first as a startup, then as a publicly traded company and, as of October of last year, as part of Cisco Systems, after the networking giant bought Roesch’s company for $2.7 billion. These days, Marty serves as a Vice President and Chief Architect of Cisco’s Security Business Group, where he’s helping shape that company’s strategy for securing the next generation of enterprise (and post-enterprise) networks. […]

Continue Reading

Web to Wheels: Tesla Password Insecurity Exposes Cars, Drivers

We’ve interviewed security researcher Nitesh Dhanjani before. In the last year, he’s done some eye-opening investigations into consumer products like the Philips HUE smart lightbulbs. We did a podcast with Nitesh in December where we talked more generally about security and the Internet of Things. Now Dhanjani is in the news again with research on one of the most high-profile connected devices in the world: Tesla’s super-smart electric cars. In a presentation at Black Hat Asia on Friday, he  released findings of some research on the Tesla Model S that suggests the cars have a weakness common to many Web based applications: a weak authentication scheme. (A PDF version of the report is here.) Specifically: Tesla’s sophisticated cars rely on a decidedly unsophisticated security scheme: a six-character PIN. Dhanjani’s research discovered a variety of potentially exploitable holes that would give even an unsophisticated attacker a good chance at breaking into […]

Continue Reading

Analysis Finds Blurry Lines Between Rovio, Advertisers

Rovio, the maker of the massively popular Angry Birds, makes no secret about collecting personal data from those who download and play its games. But an analysis from the advanced threat detection firm FireEye is helping to expose the extend of data harvesting, and also to sketch out the blurry line that separates Rovio and third-party advertising networks it contracts with. In a blog post on Thursday, FireEye analysts Jimmy Suo and Tao Wei described the findings of an investigation into the interaction between Rovio’s mobile applications, including the latest version of Angry Birds, and third party ad networks such as Jumptap and Millenial Media. Using FireEye’s Mobile Threat Prevention (MTP), the two gathered and analyzed network packet capture (PCap) information and analyzed the workings of Angry Birds and its communications with third-party ad networks. The two were able to reveal a multi-stage information sharing operation, tracking code paths from the reverse-engineered […]

Continue Reading

Internet of Things and the Enterprise (InfoGraphic)

I’m a big fan of infographics – at least when they’re well done and present insightful facts. That’s why I’m always on the lookout for good ones – especially when the subject is The Internet of Things. So I was interested to come across the latest contribution from IoT firm Xively (part of the company LogMeIn), which pulls together some factoids on IoT’s potential in the enterprise. Among the interesting statistics gussied up in this one: an Economist Intelligence Unit data point saying that 95 % of C-level executives expect their company to be using the Internet of Things in three years time, while 74% of them predicting that it will play a ‘major role’ in their business in that time. That’s kind of astounding when you consider it: executives saying ‘Here is this new kind of technology that we barely use now. But in three years, it will be […]

Continue Reading

Mobile Metadata, Google Dorking Expose Your Secret Life

A study of more than 500 mobile phone owners by researchers at Stanford University suggests that call records and other “metadata” stored on our phones can easily be used to infer a wealth of sensitive information about phone owners – laying bare details of private lives that many would prefer to keep hidden. The findings of the study were outlined in a blog post by researcher Patrick Mutchler on Wednesday. Researchers concluded that the data collected from the phones was very accurate in painting a picture of the phone’s owner, including their work, social interests and medical conditions. That was true even across a small sample population monitored for just a few weeks. In the study, researchers placed an application, MetaPhone, on Android smartphones belonging to 546 participants and collected a wide range of information including device logs, social network information and call records for analysis. In all, researchers collected calls […]

Continue Reading
1 77 78 79 80 81 95