Pages: 1 2 4 ...6 ...7 8 9 10 11 12 ... 14

  2015-02-11

Data about you is never thrown away

  11:01, by Hagai Bar-El   , 114 words
Categories: Personal News, Security Policies
I was quoted by The Enquirer saying that we shall all assume that data (from wearables and otherwise) that is collected by service providers will never be deleted. The data collected by wearables is only as protected as the network that holds it – and… more »

  2015-01-05

Shodan makes us all more secure

  05:46, by Hagai Bar-El   , 792 words
Categories: IT Security, Security Policies
Shodan is a search engine for computers.It allows to search for hosts on the Internet not by the text they serve but by their technical properties as they reflect in responses to queries. So is Shodan bad? Not at all. These are exactly the forces that make us all more secure. more »

  2014-12-06

The ease of hacking surveillance cams

  20:43, by Hagai Bar-El   , 30 words
Categories: Personal News, Security Engineering
An article and interview with me by Byron Acohido of ThirdCertainty about why surveillance cams are trivial to hack. The discussion also moves towards IoT in general. more »

  2014-11-13

Prime numbers and security

  02:28, by Hagai Bar-El   , 607 words
Categories: Security Engineering
Without much relation to anything, I wrote this short essay about the role prime numbers play in Internet security. In a nutshell, security relies on the ability to form leverage for the defender over the adversary. Such leverage can be of one of two… more »

  2014-10-15

Poodle flaw and IoT

  17:53, by Hagai Bar-El   , 457 words
Categories: Security Engineering
The Poodle flaw discovererd by Google folks is a big deal. It will not be hard to fix, because for most systems there is just no need to support SSLv3. Fixing those will only imply changing configuration so not to allow SSL fallback. However, this flaw brings to our attention, again, how the weakest link in security often lies in the graceful degredation mechanisms that are there to support interoperability. Logic that degrades security for the sake of interoperability is hard to do right and is often easy to exploit. Exploitation is usually carried out by the attacker connecting while pretending to be "the dumbest" principal, letting the "smarter" principal drop security to as low as it will go. All this is not new. What may be new is a thought on what such types of flaws may imply on the emerging domain of the Internet-of-Things. more »

  2014-10-11

Snapchat leak -- who is to blame?

  10:52, by Hagai Bar-El   , 242 words
Categories: IT Security, Security Engineering
Snapchat is in the headlines again for allegedly leaking out nude photos of users. They strictly deny that there was any breach of their servers, and blame third party applications for leaking this data. This might be the case, but it is not enough to take them off the hook, especially given that their product is mostly about ​confidence​. more »

  2014-09-23

A gift from Snowden to the European economy

  21:48, by Hagai Bar-El   , 463 words
Categories: Security Policies
When we buy products and services, we trust their provider to follow the norms we believe it follows. When such trust breaks, we need to think what next. In my opinion, the situation that follows the Snowden leaks forms an opportunity for Europe to catch up. more »

1 2 4 ...6 ...7 8 9 10 11 12 ... 14