For years, the security community has benefited from a virtuous circle consisting of vendors, researchers and media. Researchers perform a valuable task in working to identify weaknesses in products and technologies that could lead, in theory or in practice, to potentially preventable exploits and attacks. Vendors take that research and use it to make more secure products. Finally, the media reports publicly on the process to help ensure practitioners and product users can accurately assess risks related to these potential vulnerabilities
Newly released malware PlaceRaider sounds like science fiction: It's Android malware designed to build 3-D models of users' apartments for burglars and assassins. But PlaceRaider--developed by a team at Indiana University--is very real. The new malware was built as an academic exercise, and it exposes security flaws that government agencies would love to use. More importantly, it also exposes unintended mobile functionality that large companies like Google could easily monetize.PlaceRaider, which was summarized in a recent arXiv paper, is a piece of “visual malware” which smartphone cameras, accelerometers, and gyroscopes, to reconstruct victims'
NSA head Gen. Keith Alexander speaking in June 2010 at the Center for Strategic and International Studies. Credit: CSIS/Flickr
Gen. Keith Alexander is the director of the National Security Agency and oversees U.S. Cyber Command, which means he leads the governmentâs effort to protect America from cyberattacks. Due to the secretive nature of his job, he maintains a relatively low profile, so when he does speak, people listen closely. On July 9, Alexander addressed a crowded room at the American Enterprise Institute in Washington,
Once upon a time, you knew who to fire when a hack took down your servers: The “little weenies” running around in the basement of your company, as AlienVault’s Russell Spitler put it.Cloud technology is ubiquitous. How many of you just checked Google Docs or put a photo in Dropbox? How many of you looked up a customer on Salesforce or answered a service ticket on Zendesk? I’m writing this article in WordPress, a veritable platform as a service. If your business depends on these kinds of cloud services, you’re in a scary world, my friend — a world where your company depends on servers you don’t control, with security policies you may not know,
The information security problem will never be completely solved unless the internet is fundamentally changed for the worse, according to Sourcefire senior research analyst Alex Kirk.
Speaking to ZDNet, Kirk said it was naive to think that crime could be eliminated from the internet, and anyone who thought so didn't understand technology.
"Anyone who makes specific date predictions about technology is a fool, in my opinion. You're not going to solve the problem of security on the internet on a large scale, without completely changing the fundamental underpinnings of the internet â and not in a positive way."
- Information Streams - Going Beyond the Activity Stream - E2 Conference Boston
- How to Choose a SaaS Vendor - E2 Conference Boston
- The E2 Social Business Leaders - E2 Conference Boston - E2 Conference Boston
- Mobile Connect - E2 Conference Boston - E2 Conference Boston
- Evaluating Emerging Technologies for the Enterprise - E2 Conference Boston
- Building a Hybrid Cloud in Government: It's not that Complicated
- Mobile DevOps: Achieving continuous delivery with multiple front ends and complex backends in Banking, Financial Services, and Insurance
- Maximize the benefits of virtualization for greater ROI
- Cloud Security: It’s Not Just for IT Anymore
- How Cloud Facilitates an Agile Contact Center
This Week's Issue
Free Print SubscriptionSubscribe
Current Government Issue
- The Government CIO 25: These influential and accomplished government IT leaders are finding ways to be cost efficient and still innovate.
- Rethink Video Surveillance: It's not just about networked cameras anymore. New technology provides analytics, automation, facial recognition, real-time alerts and situational-awareness capabilities.
- Read the Current Issue