Security problems abound in the mobile device space – and many of them have been well documented here and elsewhere. While mobile operating systems like Android and iOS are generally more secure than their desktop predecessors, mobile applications have become a major source of woe for mobile device owners and platform vendors. To date, many of the mobile malware outbreaks have come by way of loosely monitored mobile application stores (mostly in Eastern Europe and Russia). More recently, malicious mobile ad networks have also become a way to pull powerful mobile devices into botnets and other malicious online schemes. But my guests on the latest Security Ledger podcast point out that mobile application threats are poised to affect much more than just mobile phone owners. Jon Oberheide, the CTO of DUO Security and Zach Lanier, a researcher at DUO, note that mobile OS platforms like Android are making the leap […]
Tag: conferences
Internet of Things and the Enterprise (InfoGraphic)
I’m a big fan of infographics – at least when they’re well done and present insightful facts. That’s why I’m always on the lookout for good ones – especially when the subject is The Internet of Things. So I was interested to come across the latest contribution from IoT firm Xively (part of the company LogMeIn), which pulls together some factoids on IoT’s potential in the enterprise. Among the interesting statistics gussied up in this one: an Economist Intelligence Unit data point saying that 95 % of C-level executives expect their company to be using the Internet of Things in three years time, while 74% of them predicting that it will play a ‘major role’ in their business in that time. That’s kind of astounding when you consider it: executives saying ‘Here is this new kind of technology that we barely use now. But in three years, it will be […]
Is Analog The Answer To Cyber Terrorism?
Ralph Langner is one of the foremost experts on the security of critical infrastructure that we have. So, generally, when Ralph says something – whether its about Stuxnet, or cyberwar or the security of nuclear power plants – folks listen. And these days, Ralph is wondering, out loud, whether our reliance on digital systems to manage critical infrastructure has gone too far. The answer, he suggests, may be to go “back to the future,” as it were: reintroducing analog systems into the control process chain as a backstop for cyber attacks. Case in point: the Department of Homeland Security’s ICS-CERT warned on Friday that firmware for Siemens SIMATIC S7-1500 CPUs (Central Processing Units) contain nine vulnerabilities that could enable attacks such as cross site request forgery, cross site scripting and URL redirection. (Siemens has issued a firmware update that patches the holes.) Langner is among the world’s foremost experts on […]
Google Readies SDK For Wearable Tech
Google will soon release a software development kit (SDK) for adapting its Android mobile operating system to wearable technology such as smart watches, according to statements by Sundar Pichai, Google’s Senior Vice President of Android, Chrome and Apps. Pichai was speaking over the weekend at the South by Southwest (SXSW) festival in Austin, Texas. He said that the SDK for wearables will be available sometime in the next two weeks and is intended to help flesh out the company’s vision for how wearable technology should work. The news was first reported here by The Guardian. Wearables are just another “platform” on which small, powerful sensors will be deployed, he said. “Sensors can be small and powerful, and gather a lot of information that can be useful for users. We want to build the right APIs for this world of sensors,” he is quoted saying. [Read more Security Ledger coverage […]
RSA Perspective: Outrage With A Side Of Salsa
Let the record show that one of the most dramatic expressions of discontent over rampant government surveillance of U.S. citizens and private companies during last week’s RSA Conference in San Francisco went down at a taco joint. As the world’s cyber security elite gathered in San Francisco’s Moscone Center for the RSA Security Conference, a group of privacy and online rights activists that go by the name “Vegas 2.0” used donated funds to rent out Chevy’s, a popular Mexican food restaurant located next to the exhibit halls and frequented by conference goers. As reported by ZDNet’s Violet Blue, paying RSA attendees and speakers – identifiable by red badges – were refused entry to Chevy’s and handed flyers explaining the protestors’ grievances against the Conference’s parent company, RSA Security, which is alleged to have colluded with the NSA to weaken encryption standards in its products. Among those reported to have been […]
