By Apurva Peri, Redpine Signals Although the foundations for secure communication have been laid down, the prevailing vulnerabilities are a major cause for concern. With a forecast of over tens of billions of connected devices, security is a complex but imperative responsibility that all device makers must take on.The world is at the brink of a new digital era. The concepts of a connected world, artificial intelligence, virtual reality, and disruptive speeds of communicationare on the rise. No matter how advanced the technology, matters of security and privacy are fundamental and of unconditional priority. Security is not one of those components that can be left for a later date, or categorized as a ‘coming soon’ feature. It is an intrinsic element of communication, be it at the device level, wireless level or the cloud level. This article outlines some current methods for security through different layers of communication, pointing … [Read more...] about How Secure is the Future of Communication? Tech Videos Featured Products Site Sponsors Featured Tech Videos
Security is a valid concern
By Apurva Peri, Redpine Signals Although the foundations for secure communication have been laid down, the prevailing vulnerabilities are a major cause for concern. With a forecast of over tens of billions of connected devices, security is a complex but imperative responsibility that all device makers must take on.The world is at the brink of a new digital era. The concepts of a connected world, artificial intelligence, virtual reality, and disruptive speeds of communicationare on the rise. No matter how advanced the technology, matters of security and privacy are fundamental and of unconditional priority. Security is not one of those components that can be left for a later date, or categorized as a ‘coming soon’ feature. It is an intrinsic element of communication, be it at the device level, wireless level or the cloud level. This article outlines some current methods for security through different layers of communication, pointing … [Read more...] about How Secure is the Future of Communication? Tech Videos Industry Trends Featured Products Site Sponsors Featured Tech Videos
In a world where Quality and Brand Protection is King, as certainly is the case for the automotive and medical device industries where strict minimal DPPM (defective parts per million) requirements are a common constraint, new methods for “escape” prevention and outlier detection are constantly being evaluated and implemented by semiconductor vendors to prevent any defective or marginal parts from leaving their manufacturing facility and later being flagged as an RMA (return material authorization) and possibly damaging the brand reputation of their customer.With best practices being deployed to detect and discard all defective devices, it is assumed that all parts are actually tested on an ATE system before being deemed good or bad. But what if that assumption is incorrect and parts you thought were properly tested and labeled as good were never actually tested, or tested incompletely due to some software or hardware anomaly within the ATE system? Is that even possible … [Read more...] about Is It Safe To Assume That All “Passed” Die Are Actually “Good” Die?
Docker this week announced the rollout of security scanning technology to safeguard container content across the entire software supply chain.Docker Security Scanning is an opt-in service for Docker Cloud private repository plans. It provides a security assessment of the software included in container images.It enables detailed image security profiles, continuous vulnerability monitoring, and notifications for integrated content security across the entire software supply chain, Docker said. It also provides binary-level scanning that generates a detailed security profile for each Docker image.The service provides details that allow IT operations to assess whether the software meets security compliance standards. It works seamlessly with existing development and IT workflows and scans every time a change is shipped, adding a checkpoint before deployment, the company said."The scanning process creates an image signature much like a contents label on a can of soup," said Nathan McCauley, … [Read more...] about Docker Ramps Up Container Security
If you’ve read Stephen King’s book or seen the movie, you know Cujo is a rabid Saint Bernard who really wants to eat that kid from Who’s the Boss (not Alyssa Milano… the other one). It’s an interesting name to choose for a smart-home device, especially because Cujo is all about defense.The video for the device’s Indiegogo campaign is a bit like a horror movie. “If you own a smartphone, baby monitor, or even a thermostat, you are an easy target for cybercriminals,” warns the voiceover as ominous music plays in the background. The concerns Cujo raises are valid. Last year, an HP study revealed every Internet-connected home security system the researchers tested had encryption issues, a lack of lockout features, no requirements for strong passwords, or a mix of all three.Cujo helps by monitoring all your connected devices through your router and looking for anomalies. It protects against hackers, viruses, malware, and dangerous sites … [Read more...] about Cujo is a smart-home device that promises to defend against hacks and attacks
In a move influenced by Edward Snowden's revelations about the NSA's email snooping, Yahoo and Google last week announced that they were cooperating on end-to-end encrypting their webmail products."We will release source code this fall so that the open source community can help us refine the experience and hunt for bugs," said Yahoo Chief Information Security Officer John Stamos.While the open source approach to software development has proven its value over and over again, the idea of opening up the code for security features to anyone with eyeballs still creates anxiety in some circles. Such worries are ill-founded, though.One concern about opening up security code to anyone is that anyone will include the NSA, which has a habit of discovering vulnerabilities and sitting on them so it can exploit them at a later time. Such discoveries shouldn't be a cause of concern, argued Phil Zimmermann, creator of PGP, the encryption scheme Yahoo and Google will be using for their webmail."If … [Read more...] about SPOTLIGHT ON SECURITY Is Open Source an Open Invitation to Hack Webmail Encryption?
It sounds tremendously obvious to say it this way, but applications are everywhere. Think about it -- your office suite, your e-mail reader, even the software you're using right now to read this -- these are just a fraction of the thousands (if not hundreds of thousands) of applications you use daily both personally and professionally.For those of us in IT, we recognize that applications are critical to our business. If the right employees can't get access to the right applications at the right time, business stops. When you really boil it down, most of what we do in IT is about making sure that the applications in our firm stay up and available.Given the complete reliance that our firms have on the applications that we use, we would assume that the discipline of application security -- i.e., validating those applications to be free from security-related flaws -- would be somewhere very near the top of the priority list for IT managers and security pros.Unfortunately, that's too … [Read more...] about EXPERT ADVICE Why Application Security Is Often Overlooked
If your company has decided that the time is right for an initial public offering (IPO), it should consider the options available to it. There are ways by which a company can become publicly traded without the lengthy and costly process that usually accompanies an IPO.A common alternative to an IPO is a reverse merger, sometimes referred to as a "reverse IPO." This can be a quick and relatively inexpensive process if done carefully, with the full guidance of securities attorneys and CPAs trained in the IPO process.The most common type of reverse merger is one in which a profitable company wanting to go public acquires an inactive, publicly traded company that has no assets and no liabilities (a so-called shell company). The publicly traded company should be current with all of its filings with the SEC and should have no hidden and/or contingent liabilities.Often, the stock of such a publicly traded shell company is listed at one US cent a share, or even less. The stockholders of such a … [Read more...] about EXPERT ADVICE Reverse Mergers: A Valid IPO Option?
Darknets, Greynets. Dark traffic. The words are frightening. The reality behind them is even more frightening. Increasingly clever hackers, thieves and scoundrels are using the Internet, peer-to-peer products, instant messaging and e-mail to wreak havoc, in ways and for purposes never before seen. Their motivation is clear: They want money, and lots of it. Worst of all, they prey on human nature -- and business infrastructure -- to do their dirty work for them.First, some definitions.Greynet is an offshoot of the term "darknet" which has been used by the entertainment community to denote secret societies that use sophisticated technologies and networks to conduct file sharing, CD and DVD copying, and theft of copyrighted material in general. FaceTime Communications in San Mateo, California coined the modified term to focus attention on network-enabled applications that are installed on a corporate user's system without permission from IT, and that are very good at avoiding detection … [Read more...] about OPINION IT Security: Take a Walk on the Dark Side
While Research In Motion's BlackBerry 10 won't be released until the first quarter of 2013, the platform has already received a highly prized U.S. government security clearance, the company announced Thursday.BlackBerry 10 won the FIPS 140-2 certification that will allow government agencies to deploy devices that run the OS. The clearance also applies to Enterprise Service 10, RIM's new mobile enterprise management solution.The FIPS certification, which is given by the National Institute of Standards and Technology (NIST), is in essence one of the minimum criteria required for products that are used by U.S. government agencies, as well as regulated industries that collect, store, transfer, share and disseminate sensitive information."The FIPS 140-2 is applicable to all federal agencies that use cryptographic-based security systems," said Randall J. Easter, director of the Cryptographic Module Validation Program at NIST."The security requirements cover areas related to the secure design … [Read more...] about BlackBerry 10’s US Security Clearance Is a Lock