Canadians lax about cellphone security

Lax Security

It seems that Canadians are much more lax about their cellphone security that most people.

This article found that:

• One third of Canadians use public Wi-Fi at places such as coffee shops and airports where online communications are not always protected by encryption.

• One in five users of social networking sites do not adjust privacy settings to control who can see photos and information about them online.

I think perhaps they have just accepted the fact that protecting yourself at times can be futile because they can infiltrate you regardless.

Weak Internet security

http://www.nytimes.com/2011/08/10/technology/hacker-to-demonstrate-weak-mobile-internet-security.html

There has been a security breach In terms of Internet web security and mobile carriers. Karsten Nohl managed to infiltrate many different mobile Carriers web data networks in different places in Europe and was able to do so with an outdated motorola cell phone.

He even found out that some companies such as TIM do not secure their data networks at all. He provided the information to carriers to boost their security.

US government looks to form cybersecurity code of conduct

http://www.engadget.com/2011/09/23/us-government-to-beat-back-botnets-with-a-cybersecurity-code-of/

With all the recent botnet attacks organizations are looking to find ways to combat these attacks and create a unified guideline for ISP’s to follow. The national institute of standards and technology has published a request for information to help create a voluntary code of conduct that would include internet as well as IT companies and would provide “best practices” for these companies.

As of now suggestions are still being collected and will continue until November 4th. It has been said however that NIST is considering two models which were used overseas. These programs are Australia’s iCode program and Japans Cyber clean center. While these programs are meant to help prevent attacks as well as provide immediate action after attacks take place, they do provide cause for concern to many.

While some of these systems monitor traffic for attacks some are concerned they can be a privacy risk themselves. These very same monitoring systems have access to user information and could be susceptible to manipulation by would be attackers. Many ask the question, are these measures truly keeping us safe? or are they providing future means for attacks to occur?

 

http://www.engadget.com/2011/09/23/us-government-to-beat-back-botnets-with-a-cybersecurity-code-of/

Online Gaming Security Uncertain

http://online.wsj.com/article/SB10001424052748703421204576328982377107892.html

The article that I read for this weeks blog post involved a security breach that plagued Sony’s Playstation Network. The network was infiltrated and remained infiltrated for several weeks and the information of more than 100 million users was compromised. The attack left the network crippled and offline for several weeks and also affected the streaming of music and video services.

Chief Executive has come to a realization that has become quite easy to see in this technological climate. That is, he can not guarantee the security of the company’s video game network. With the rise in cyber crime and hacking, companies are starting to realize that they are at the mercy of the online attackers when it comes to their security. Although steps are taken to ensure security for many online gaming networks it is virtually impossible to stop a well planned attack.

What makes situations like the one Sony currently finds itself in is that not only is the network in jeopardy but the information of the users is as well. This goes for any online gaming network that uses sensitive information for purchases on that network and things of that nature. When they are confronted with a security problem they have to think about all their users and what it means to them as well. Will people continue to trust these online gaming networks with their sensitive information? We shall see what the trend becomes in these upcoming years.

Jail Security Flaw

http://www.huffingtonpost.com/2011/08/09/hackers-help-inmates-break-out_n_921554.html

I read an article regarding flaws in a security system in a jail. After a power surge the guards were surprised to find all of the cells on death row opened. They did some investigating and found that the security system could be manipulated to actually control these cells and possibly release inmates. These findings were due in part to the fact that guards were not following proper protocol when it came to using computer stations which controlled the closing and opening of cell doors.

This fortifies my beliefs that no matter how good your security system is it is only as good as your weakest link. Most of the time the biggest security flaws come from human error. Something as simple as a guard checking his e-mails on a computer which is connected to the cell doors could have led to a cyber intruder gaining control of those very same cell doors keeping dangerous inmates under control.

I find that the more complex security systems are the easier it is for problems to arise and human error to become an issue. Proper training and direction trumps complexity from my personal experience in several jobs. A security engineer had this to say regarding security procedures: “If the prisons change their security procedures, they could probably fix the problem 98 percent on their own.”