I came across an interesting post over on Wearable World News today titled “The Danger of Smart Spam In the Internet of Things.” The article, by Jessica Groopman, ran yesterday and provides a kind of conceptual overview of the security and IoT space. I think Goodman gets it mostly right: she talks about the proliferation of device types and platforms that will (or already does) characterize the Internet of Things. With hundreds of billions (compared with hundreds of millions) of Internet connected endpoints, cyber criminals, hacktivists and other bad actors have an even greater ability to create armies of compromised endpoints and harness their collective power in attacks. Goodman also gets it right when she notes that many “smart” devices run commodity operating systems like Linux and don’t require lots of special effort to reverse engineer. Finally, IoT devices frequently are low power and embedded systems that lack the processing […]
Search Results for "Privacy"
Save The Date: The Security of Things Forum May 7
A little more than 18 months ago, I launched The Security Ledger, a news and analysis blog devoted to exploring cyber security and its intersection with the growing world of intelligent, Internet-connected “stuff.” My goal all along has been to shine a light on some of the security and privacy issues that arise as ‘computers’ (for lack of a better term) morph from devices on our desk to things that we wear, drive, carry in our body or watch us from the sky. More than that, though, I wanted to build a community of subject matter experts, thought leaders and decision makers who could help shape the conversation about how to navigate the transition from the Internet of computers to the Internet of Things. [Register Now for an Early Bird Discount!] But, let’s face it, there’s only so much interaction that can happen through a web site or e-mail newsletter. That’s […]
RSA Perspective: Outrage With A Side Of Salsa
Let the record show that one of the most dramatic expressions of discontent over rampant government surveillance of U.S. citizens and private companies during last week’s RSA Conference in San Francisco went down at a taco joint. As the world’s cyber security elite gathered in San Francisco’s Moscone Center for the RSA Security Conference, a group of privacy and online rights activists that go by the name “Vegas 2.0” used donated funds to rent out Chevy’s, a popular Mexican food restaurant located next to the exhibit halls and frequented by conference goers. As reported by ZDNet’s Violet Blue, paying RSA attendees and speakers – identifiable by red badges – were refused entry to Chevy’s and handed flyers explaining the protestors’ grievances against the Conference’s parent company, RSA Security, which is alleged to have colluded with the NSA to weaken encryption standards in its products. Among those reported to have been […]
Repo Scan: License Plate Readers Fuel Private Surveillance Industry
The privacy issues surrounding the use of license plate scanners isn’t exactly a new story. After all, none other than the ACLU published a report on the topic last year. The title of that report: “You Are Being Tracked” left little to the imagination. But The Boston Globe presents a troubling picture of how far and fast license plate scanning has come, and how the combination of super-efficient scanning with cloud based applications and Big Data analytics are empowering private companies to surveil law abiding citizens across much of the country. OnTuesday, reporter Shawn Musgrave reported on the phenomenon of automobile repossession firms in Massachusetts using powerful, car-mounted license plate readers to troll mall parking lots and commuter stations for cars whose owners are behind in their payments. The cameras scan the plates of all vehicles that they pass – delinquent or not – and send the images to […]
Security and The Internet of Things: An RSA Roadmap
The RSA Security Conference starts next week in San Francisco: the central event of a week-long orgy of IT security wheeling and dealing in the Bay Area. Though its roots are as a small and clubby gathering of cryptographers, RSA long ago stopped being that, and started resembling a kind of speed dating event for technology and IT security firms. Sure – there are plenty of interesting talks at RSA, but the important work takes place in private suites of adjoining hotels and chance encounters in the halls of the Moscone. If there’s a big IT security deal in the offing – like IBM’s $1 billion acquisition of Trusteer, or FireEye’s purchase of the firm Mandiant – chances are good that the conversation started at RSA. Long and short: RSA is a snapshot of the security industry at a particular place and time. As such, it tends to be a […]
