Pages: 1 2 ...3 ... 5 ...7 ...8 9 10 11 12 ... 16

  2015-03-01

My blog's 10th anniversary

  By Hagai Bar-El   , 287 words
Categories: Personal News

Today it is ten years since the first post on this blog was published. This blog superseded an email bulletin that I maintained for seven years beforehand.

I am not the best blogger ever. I write much less frequently than I planned and wanted. Writing takes time that I do not always have; but more importantly, I try not to write unless I have something unique to say, and by doing this I feel I differentiate this blog from hundreds of others.

Read more »

  2015-02-16

TEDTalk review: "Why Privacy Matters" by Glenn Greenwald

  By Hagai Bar-El   , 324 words
Categories: Security Policies, Sources

TED published an excellent talk: Why Privacy Matters, by Glenn Greenwald.

Seldom do I call an online lecture “a must for all audience", but the TED lecture by Glenn Greenwald is worth such an enforcement. Glenn Greenwald is one of the key reporters who published material based on the leaks of Edward Snowden. He also wrote a good book about it called “No Place to Hide"; a book on which I wrote a review about 6 months ago.

If you know that privacy is important, but cannot explain why people who’ve done nothing wrong need it, or worse yet, if you really do not see why a surveillance state is bad also for law-abiding citizens, then you must listen to this. It packs hours of social, psychological, and public policy discussions into a few minutes.

Read more »

  2015-02-15

Top challenges of securing IoT

  By Hagai Bar-El   , 917 words
Categories: Security Engineering

As much as there is hype about the Internet of Things (IoT) and protecting it, there is no such thing as “IoT Security” per se. There is just the usual security engineering that is applied to IoT. Security engineering is about determining assets, threats to assets, and cost-effective means of mitigation. There are many models and ways for carrying out such analysis, but for the most part they all boil down to those key elements. Such security analysis applies to networks, it applies to servers, it applies to cars, and it also applies to IoT. That said, security engineering in IoT does pose a few unique challenges, which I would like to discuss now.

Read more »

  2015-02-11

Data about you is never thrown away

  By Hagai Bar-El   , 114 words
Categories: Personal News, Security Policies

I was quoted by The Enquirer saying that we shall all assume that data (from wearables and otherwise) that is collected by service providers will never be deleted. The data collected by wearables is only as protected as the network that holds it – and it is likely to be stored indefinitely.

“The trend today, given the ever-decreasing cost of storage, is to store data forever. A CIO will prefer to pay a bit more for a little more disk space than risk his job and company prosperity by deciding to discard data that is one day determined to have been useful.”

EDITED TO ADD: This story was also pubished by USA Today, and others.

  2015-01-05

Shodan makes us all more secure

  By Hagai Bar-El   , 792 words
Categories: IT Security, Security Policies

Shodan is a search engine for computers. It allows to search for hosts on the Internet not by the text they serve but by their technical properties as they reflect in responses to queries. The crawler Shodan uses to build its index does not read text that websites emit when visited, but instead it reads the information that the machine provides when probed.

Like most other technologies, this is another dual-use technology. It has both legitimate and malicious uses. The tool can be used for research, but it can be, and indeed has been, used for vicious purposes. Shodan will readily map and report Internet-accessible web-cams, traffic lights, and other IoT devices, including those with lax protection, such as those using default passwords or no passwords for log-in.

So is Shodan bad? Not at all. Those are exactly the forces that make us all more secure. 

Read more »

  2014-12-06

The ease of hacking surveillance cams

  By Hagai Bar-El   , 30 words
Categories: Personal News, Security Engineering

An article and interview with me by Byron Acohido of ThirdCertainty about why surveillance cams are trivial to hack. The discussion also covers the stance of IoT security in general.

  2014-11-13

Prime numbers and security

  By Hagai Bar-El   , 607 words
Categories: Security Engineering

Without much relation to anything, I wrote this short essay about the role prime numbers play in Internet security. In a nutshell, security relies on the ability to form leverage for the defender over the adversary. Such leverage can be of one of two types:

  1. Leverage through the ability to code the system behavior.
  2. Leverage through math, where the good guy knows something that the adversary does not.

Prime numbers are used as part of at least one mathematical mechanism that serves #2.

Read more »

1 2 ...3 ... 5 ...7 ...8 9 10 11 12 ... 16


Form is loading...

  XML Feeds

Search

License

All contents are licensed under the Creative Commons Attribution license.