Tag: hardware

The Internet of Things: Legal Woes for CIOs | CIO

Stephanie Overby over at CIOs  has an interesting piece today on the legal pitfalls that Internet of Things adoption may hold for chief information officers (CIOs). While the prospect of more, intelligent devices holds great promise for organizations across the economy, Overby notes that there are also risks – especially when it comes to the wholesale harvesting of customer data. “Many of the legal issues are not well understood even by sophisticated privacy practitioners,” the article quotes Christopher Wolf, a partner at the law firm Hogan Lovells saying. “In the world of sensors rather than computer screens, the legal issues are challenging.” CIOs are advised to consider “self-regulating” around issues like privacy, security and consent, to stay on the right side of the evolving law. CIOs should scrutinize every decision to collect user information and ask whether the benefits to collecting the data outweigh the potential costs, especially in the event of […]

Continue Reading

Was An IPMI Flaw Behind 300Gbps DDoS Attack? – ComputerworldUK.com

Computerworld UK has an interesting story that digs into a massive, 300 Gbps DDoS attack that used a flaw in the IPMI protocol to compromise 100,000 unpatched servers, which were then used to send junk traffic to the victim site. The attack was documented by the security firm VeriSign in its quarterly threat report. The flaw, in the Intelligent Platform Management Interface (IPMI) is a well-documented security hole that affects a wide range of devices. The attack in question took place in June and targeted what Verisign described as a content delivery network (CDN) in the media and entertainment sector. The attack combined a variety of techniques, including SYN, TCP and UDP protocols to flood a target data center. The attacks reached a peak traffic volume 300 Gbps and lasted more than a day, prompting Verisign to balance the load across its global network. Verisign attributed the massive volume of the attack to a botnet made up […]

Continue Reading

PasswordsCon Preview: Passwords Are Dead. Long Live Passwords.

I had an opportunity to sit with Per Thorsheim, co-founder of PasswordsCon about next week’s Passwords14 Conference in Las Vegas, Nevada. If you haven’t checked it out before, PasswordsCon is the world’s premiere technical conference that is just focused on the security of passwords and pin codes. PasswordsCon is a one-of-a-kind event: bringing together folks whose specialty is cracking and defeating password security with security experts whose interest is in shoring up protections for sensitive data. This year’s conference, which is sharing space with the B-Sides Las Vegas Conference on August 5 and 6. PasswordsCon has earned a reputation for being the launching pad for some eye-popping new tools for password cracking. Back in 2012, we reported on a 25 GPU device that radically lowered the bar to cracking even the strongest passwords protected with weaker encryption algorithms, like Microsoft’s LM and NTLM, obsolete. Among other things, the Conference will feature […]

Continue Reading

ARM Eyes Role as Supplier to the Internet of Things

Writing for Fortune this week, Katherine Noyes has an interesting piece that looks at how ARM is looking to parlay its success in the mobile phone market into a dominant role as a supplier for the Internet of Things (IoT). “There’s a real opportunity here,” Noyes quotes Ian Ferguson, ARM’s vice president of segment marketing saying. AMD licenses designs to silicon makers like Qualcomm and AMD. Already, some of those designs are showing up in IoT products like fitness bands. That could expand – and mobile phones are the management interface for many IoT products, which also stokes ARM’s business. But the company thinks the real opportunity lies in commercial technology for verticals like infrastructure (smart cities), manufacturing and oil and gas exploration. “You’ve got highly valued assets, so preventative mechanical services can help improve efficiency by detecting problems before they break down,” Ferguson said. ARM acquired Sensinode Oy in August, 2013. Sensinode pioneered software and […]

Continue Reading

Report: Thieves Can Hack and Disable Your Home Alarm System | WIRED

Wired’s Kim Zetter reports on (independent) reports by two researchers that show how home alarm setups can be hacked remotely, from as far away as 250 yards. The vulnerabilities could allow a malicious actor to suppress alarms or create multiple, false alarms that would render the system unreliable (and really annoying). Zetter profiles the work of Logan Lamb, a security researcher at Oak Hill Ridge National Lab who conducted independent research on  three top brands of home alarm systems made by ADT, Vivint and a third company that asked to remain anonymous. She also cites work by Silvio Cesare, who works for Qualys who studied common home alarm systems sold in Australia, including devices manufactured by Swann, an Australian firm that also sells its systems in the U.S. Both discovered a litany of similar problems, Zetter reports: The systems use radio signals to report when monitored doors and windows are opened, but fail to encrypt or authenticate the signals being […]

Continue Reading
1 42 43 44 45 46 62