Is the App store really safe?

Most people who lifted their shiny iPhones and pressed upgrade to iOS5 button, were looking for a better battery life that can get them more rounds of Angry Birds. The reality is that Apple’s latest updated was dealing with something a lot more important.

A week ago Accuvant LABS computer security researcher Charlie Miller uncovered a major security flaw that gives hackers a way to build apps that look and act legit but then downloads unproved code to your phone. Apple have always been known for having a tight grip on their app store and such incident shows that no system is fully secure from hackers attacks.

Miller even demonstrated by creating his own app that does that and got it fully approved by Apple and then did a video of what the app can do. His app have been now removed and his license revoked.

Cloud storage and the new realities for IT departments

IT departments love control and for a good reason. Security is a major concern for large corporations with thousands of employees, but even a small business like your local bakery also wants to be protected from cyber crimes.

The challenge is a lot of people are switching to a new breed of web applications like dropbox and which are very easy to use. Employees already use these tools at home for their everyday lives and they love it, so why not at work!

The problem is security and lack of control over these application. IT departments need the ability to tackle issues and attacks in real time and depending on a service such as Dropbox might not be their ideal solution.

Dropbox and other services are noticing the trend and started offering business packages and more control for teams.

To me the main thing to understand here, is the power of good design and development. People use applications like Dropbox because they are so easy to use and there are no crazy setup preferences to make you call a younger son or daughter to teach you how to do something.


Cyber Spying

We love and hate china all at the same time. Why? Obviously, we hate their communist government but we love their cheap labor and market potential. So like any other troubled couples, the United States and China have their fights.

Some times we accuse China of lowering its currency and jeopardizing our competitive edge, but this time the accusations went to cyber space.

According to Reuters: “The U.S. intelligence report said on Thursday China and Russia are using cyber espionage to steal U.S. trade and technology secrets to bolster their own economic development, which poses a threat to U.S. prosperity and security.”

Obviously china denied any wrong doing and accused the United States of being irresponsible. An expected move from our friendly giant from the east.

The real issue is, why its so easy for foreign agents to infiltrate the U.S. networks and what should we do about it?

Is it even possible to create a network that is 100% resistible to hackers attacks? Should the United States counter attack with its own cyber army of computer programmers?

A lot of questions that makes us wonder, where is the world going and could the next big war be over a cyber attack?

CAPTCHA Defeated!

Have you ever tried to post a comment on your favorite blog or tried to creat an entry on Wikipedia and you had to type in these strange distorted letters? These letters are called CAPTCHA stands for “Completely Automated Public Turing test to tell Computers and Humans Apart”

Its an annoying system that most of us have come to hate but had to use to block spam bots that automate tasks like account registration and comment posting.

A team of researcher have defeated the system with a process called segmentation where they were able to separate the letters and through a special process, clear up the image and automate a method of reading them.

The only system that was not defeated was that used by Google. Are we going to look for alternative solutions? Are the new solutions going to be even more annoying? Why do you think?

Separate, more secure Internet!

Have you ever imagined what would happen if hackers gained access to an electricity grid or a nucular power plant computer system? What if through their access they could connect with physical controls within these spaces? Experts are saying this is very possible.

After a seemingly sophisticated attack on the unfinished Iranian nuclear power program last year. A lot of people thought this is the work of a foreign agents or something a long those line. However, this was replicated recently by researches using simpler methods. “Yet for all its science fiction sophistication, key elements have now been replicated in laboratory settings by security experts with little time, money or specialized skill.” -Associated Press

That is why, there are ideas being tossed around suggesting the creation of a separate, more secure network for critical infrastructure systems.

What are the implications of such creation? and would something like that cripple technical innovation for integrating infrastructure to expanding technological systems? I am not sure but I think in the end it’s better to have a safe and sound infrastructure and think deeply about how should we move forward in a world plagued with cyber criminals.