Tag: data privacy

Prediction: Rough Road Ahead in 2014 For Security and Internet of Things

With the New Year fast approaching, it’s (unofficially) ‘prediction season,’ when everyone worth their salt stares into the crystal ball and tries to imagine what the world will look like 12 months hence. To sort through our 2014 predictions, we called on Mark Stanislav, the chief Security Evangelist at Duo Security. Mark is a seasoned security researcher who has taken an interest in the security of the Internet of Things. Earlier this year, we wrote about research Mark did on the IZON Camera, an IP-enabled home surveillance camera that is sold by big-box retail stores like Best Buy, as well as by the Apple Store. Beneath the IZON’s polished exterior, the IZON was a mess of sloppy coding and poor security implementation, Stanislav discovered. Like many IoT devices, IZON cameras punted security to those responsible for the wireless network that it was deployed on – essentially trusting any connection from […]

Continue Reading

A Christmas Hangover From Smart Devices

Editor’s note: This is reposted from Veracode’s blog. Just in time for the holidays, I received an e-mail by way of Electric Imp. If you’re not familiar with the “Imp,” (my phrase, not theirs), it’s a PaaS that makes it easy to build and connect smart devices. Among the cool gift ideas Electric Imp was promoting: a whole line of products produced by the company Quirky along with GE under the “Wink: Instantly Connected” products banner and available at Best Buy and other stores. There’s Egg Minder, an Internet-connected egg tray that tracks how many eggs you have left in your fridge, and how fresh each of them is. Not your thing? How about Nimbus? It’s a “customizable Internet-connected dashboard that lets you “track the data that affects your life, from commute times and weather to social media and more.” Nimbus looks like someone ripped the gauges out of a […]

Continue Reading

How Connected Consumer Devices Fail The Security Test

The Internet of Things leverages the same, basic infrastructure as the original Internet – making use of protocols like TCP/IP, HTTP, Telnet and FTP. But the devices look and act very differently from traditional PCs, desktops and servers. Many IoT devices run embedded operating systems or variants of the open source Linux OS. And many are low-power and many are single function: designed to simply listen and observe their environment, then report that data to a central (cloud based repository).   But IoT devices are still susceptible to hacking and other malicious attacks, including brute force attacks to crack user names and passwords, injection attacks, man in the middle attacks and other types of spoofing.  Despite almost 20 years experience dealing with such threats in the context of PCs and traditional enterprise networks, however, too many connected devices that are sold to consumers lack even basic protections against such threats. […]

Continue Reading

Thingful is a Facebook for Smart Devices

The data on exactly how many Internet of Things devices will be online by the end of the decade is a matter of debate. Cisco famously put the number at 50 billion by 2020, though Morgan Stanley thinks it could be as high as 75 billion. The analyst firm IDC estimates the number at 50 billion. But others have put the number lower. Gartner puts the number of connected things at around 30 billion by 2020. We might all be better off taking a cue from McDonald’s and just start using the phrase “billions and billions” by the end of the decade. As with McDonald’s hamburgers – the exact number doesn’t really matter, so long as everyone agrees that it’s going to be big. Really big. But all those devices – and the near-limitless IPV6 address space that will accommodate them – do present a management and governance problem: how […]

Continue Reading

Experts: ‘Infinite’ Attack Surface of IoT Demands New Approach

If the growth of the Internet of Things has been a curiosity to enterprises and the IT security industry that serves them, it won’t stay that way for long, experts warned at a gathering in San Francisco. The rapid adoption of Internet of Things (IoT) technology is poised to transform the IT industry, vastly expanding the opportunities for cyber attacks against a much wider range of targets: from implantable medical devices to manufacturing plants to automobiles, according to participants in a panel discussion on “Shaping The Internet of Things” at The Amphion Forum event in San Francisco. While media attention on The Internet of Things has focused on products like the Nest Thermostat and connected automobiles, the IoT encompasses an almost limitless population of devices – many far more mundane, said Ralph Broom a Principal Engineer at the firm Noblis, and one of three panel members. The Internet of Things, in […]

Continue Reading
1 111 112 113 114 115 131