Security

Easy Hacks on Telephone Entry Systems

Leave a comment

A presentation I did for The Next HOPE (2010) has just been posted online:

Friday, July 16, 2010: 7:00 pm (Lovelace): Telephone entry systems are practically everywhere in the city. An investigation after a series of break-ins uncovered several shockingly simple bypass techniques currently used by criminals. This presentation explains how the common keypad box will grant full access to a building in under ten seconds using only basic tools. The presentation will also give details on a series of countermeasures that can significantly reduce the vulnerabilities.

Security

Hadoop Geographic Adoption

Leave a comment

The 451 Research group has an interesting presentation called “What is the Point of Hadoop”, which includes three slides on global adoption. I’ve mashed them into a simple animated GIF for illustration:

Watch the cities of NYC, LA and SF shrink as countries India and China grow. Why the difference in granularity? Does this imply anything about a shift in controls and authorization (e.g. local versus remote, full-time versus contractors)?

Security

Internet of Things Under Attack!

Leave a comment

Symantec has unwrapped their latest speculation engine and fired a huge salvo across all our bows with a blog post titled “Linux Worm Targeting Hidden Devices“. Note the crisp analysis:

We have also verified that the attacker already hosts some variants for other architectures including ARM, PPC, MIPS and MIPSEL…. The attacker is apparently trying to maximize the infection opportunity by expanding coverage to any devices running on Linux. However, we have not confirmed attacks against non-PC devices yet.

In other words, the only known attacks are on PCs. Other devices are just speculation. Given the Symantec report details, it seems quite clear the attacker is NOT TARGETING HIDDEN DEVICES.

Thank you for your attention.

Energy, Security

How Google Will Destroy Stoplights

Leave a comment

I attended a strange meetup the other night. It is one of the amazing benefits of being in San Francisco. You can go in person to meet people on the cutting edge of technology and hear their vision (pun not intended) of the future. In this case I met someone from ski.org who was game for discussing my theories about the future focus being differently-abled, from Google maps to automated cars.

Unfortunately I lack time to blog in full our discussion. In brief, here’s some of what I’ve been speaking on lately, building upon my earlier posts, and what will be in my new book on Big Data security:

Stoplights are a stop-gap (pun not intended) measure that resulted from the inferiority of high-speed automobiles to anticipate danger. We used to be able to keep flow when traveling under 15mph. Adding a speed differential made stop-lights necessary to protect pedestrians and horses from cars, let alone protect cars from other cars; and it was a concept poorly interpreted from sailing.

We should get rid of them. But how do we do that? Automation. Once cars can anticipate other cars at speed, we don’t need to stop and sit at red lights. We’re smarter than the lights, but we can’t see risk fast enough at high speed to get rid of them. Automation can “see” faster.

Similarly, we should stop looking at maps. Look at race cars for the face of innovation. Rally cars do not have visual displays of directions, they have audio navigation. That’s what we should look towards. All we need to do is improve the confirmation or validation of automated navigation devices. Get rid of unnecessary information (e.g. no street-view, no satellite view until the last mile) and allow two-way dialog. Let’s not get stuck on big screens for navigation any more than we were stuck on stop-lights for predicting risk.

Google is leading the world in these areas, especially with Kurzweil on board, so I’m hopeful we can move towards eliminating the wasteful and poorly-thought out stop-light model.