Posts Tagged ‘security’
Monday, July 26th, 2010
The number of software vulnerabilities found in the first half of 2010 has nearly eclipsed last year’s total figure, and topping the list are machines running Apple operating systems, according to a new report by security firm Secunia. Studies were conducted on PCs equipped with a standard set of third-party software applications and across multiple operating systems.
Apple ranks first, ahead of runner-up Oracle, and Microsoft in the number of security bugs found in all their products in 1H 2010. During the first six months of 2010, Secunia logged 380 vulnerabilities within the top-50 most prevalent packages on typical end-user PCs, or 89 per cent of the figure for the entire year of 2009.
This is the first time since 2005 that Apple has topped the list of vendors in Secunia’s yearly security vulnerability report. According to Secunia, the rising number of total vulnerabilities can be partially attributed to the wide variety of mechanisms required to keep software updates current. Additionally, more risks were found in systems with a higher number of third-party applications installed.
Tags: apple, security
Posted in Uncategorized | No Comments »
Sunday, July 25th, 2010
Mocana today announced that Good Technology has licensed its NanoCrypto cryptographic engine for use on supported mobile platforms, including iOS, Android, Symbian, Windows Mobile, and Palm webOS. Good for Enterprise enables IT administrators to easily define and distribute configuration profiles and enforce compliance policies for devices using the web-based Good Mobile Control console. With solutions that combine a great user experience with the tools that IT needs to manage and protect its mobile enterprise, Good Technology will implement Mocana’s NanoCrypto as their universal security client, protecting against increasingly sophisticated attacks directed specifically at non-PC smart devices.
Good Technology–whose solutions can be found in some of the most sensitive government and business settings–needed a portable, universal crypto solution and the proven expertise of a smart device security leader. They chose Mocana. NanoCrypto is Mocana’s super-fast, super-small, government-certified cryptographic engine, purpose-built for the entire ecosystem of smart devices, of which smartphones are just one category.
Click here to view the full press release.
Tags: android, cryptography, enterprise, good technology, iOS, iphone, mobile, security, symbian, windows mobile
Posted in Uncategorized | No Comments »
Wednesday, July 21st, 2010
Whether you’re new to the smart grid concept, a developer looking for technical documentation, or involved in any aspect of planning for the grid, there is now a central online resource for information on all things “smart grid”. The Smart Grid Information Clearinghouse (SGIC) will officially go live in Fall 2010, but for the time being it’s available publicly in beta form:
“It is envisioned that the SGIC portal will be the essential gateway that connects the smart grid community to the relevant sources of information that are currently scattered and distributed on the worldwide web. The portal will also direct its users to other pertinent sources or databases for additional data, case studies, etc. It will serve as a decision support tool for both state and federal regulators in their deliberations for rule-making and evaluating the impact of their investments in the smart grid technologies and software.”
This site will likely prove to be an invaluable reference library for those involved in any aspect of the smart grid, with information available on a wide variety of subjects all aimed at providing awareness and furthering the development of the smart grid community.
Tags: security, smart grid security, smart meter
Posted in Uncategorized | No Comments »
Tuesday, July 20th, 2010
As mobile devices continue to pull ahead of PCs in widespread connectivity, a new emphasis on security has been embraced by the development community. In line with this recent trend come two new major upgrades from prominent mobile players Google and Research In Motion.
Earlier this week, Google unveiled new device management features for its Google Apps suite aimed at the enforced use of data encryption and password security. Implemented for a variety of platforms such as Windows Mobile, iPhone, and Nokia Series E, the Apps will now wipe passwords after a series of failed attempts, mandate new passwords periodically and automatically trash old passwords. These changes will also reach Google’s own Android platform later this year.
Similarly, Research In Motion introduced an upgrade for its BlackBerry smartphones that targets enterprise use. Included in its 7th release of BlackBerry Enterprise Server Version 5.0.2 is the new Individual-Liable Devices Policy, which enables segregation of corporate and personal BlackBerry use. The new revision also enables remote wiping of corporate data.
Tags: app, blackberry, devices, google, iphone, mobile, security, smartphone
Posted in Uncategorized | No Comments »
Monday, July 19th, 2010
Commonly regarded as a more tweak-friendly alternative to Apple’s iPhone OS, Google’s Android OS has carved out a loyal market niche among power mobile users looking to get tricky with their smartphones as well as developers of third party apps that wouldn’t make the cut on Apple’s more stringent App Store. But those who love Android phones for their tweakability may want to think twice before shelling out for Motorola’s Droid X, the new flagship phone released today.
As reported by Venturebeat, the new Droid phone contains “eFuse” technology designed to render itself inoperable, should the smartphone be user-modified.
[eFuse] runs when the phone boots up, and it checks to make sure that the phone’s firmware, kernel information, and bootloader are legit before it actually lets you use the device….If the eFuse failes [sic] to verify this information then the eFuse receives a command to “blow the fuse” or “trip the fuse”. This results in the booting process becoming corrupted and resulting in a permanent bricking of the Phone. This FailSafe is activated anytime the bootloader is tampered with or any of the above three parts of the phone has been tampered with.
Motorola insists that eFuse is a customer-focused security measure that helps to protect user data.
Tags: android, app, apple, droid, google, hack, iphone, mobile, security
Posted in Uncategorized | 1 Comment »
Sunday, July 18th, 2010
A recent article in The New York Times looks at a number of new technologies that use ambient radio waves to provide power for wireless, low-power devices and sensors. Harnessing waves from everything in the air — cellphone antennas, radio stations, TV towers, WiFi transmitters — these new technologies are using otherwise wasted energy to power a wide range of low-power sensors.
At Intel, Dr. [Joshua] Smith, working with the researcher Alanson Sample of the University of Washington, created an electronic “harvester” of ambient radio waves. It collects enough energy from a TV station broadcasting about 2.5 miles from the lab to run a temperature and humidity sensor.
The device collects enough power to produce about 50 microwatts of DC power, Dr. Smith said. That is enough for many sensing and computing jobs…. The power consumption of a typical solar-powered calculator, for example, is only about 5 microwatts…and that of a typical digital thermometer with a liquid crystal display is one microwatt.
Dr. Smith and his colleagues have built a second device, powered by radio waves, that collects signals from an outdoor weather station and transmits them to an indoor display. The unit can accumulate enough energy to send an updated temperature every five seconds.
Thanks to the virtually endless supply of radio waves in the air, these technologies could soon create wireless devices that can run continuously on an endless power supply — battery-free.
Tags: radio waves, security, wifi, wireless
Posted in Uncategorized | No Comments »
Thursday, July 15th, 2010
Network service provider Ericsson announced Thursday, July 8th that the number of mobile subscriptions active worldwide has reached 5 billion. The recent surge in mobile usage, which include both basic cellular phones and “smart” devices, has been attributed to growth in emerging markets such as China and India.
Ericsson reports that mobile broadband subscriptions are also growing at a rapid pace, and are expected to reach over 3 billion by 2015, a massive increase from the 360 million subscriptions active in 2009. Experts now believe that soon 80% of all people connecting to the internet will doing so from a mobile device.
Tags: devices, internet of things, mobile, security
Posted in Uncategorized | No Comments »
Wednesday, July 14th, 2010
Have you received an unusual amount of strange phone calls on a mobile or land line recently? If so, you should be aware of a scam that uses automated phone calls to gain access to users’ accounts, leaving its victims with drained bank accounts. It’s a rare example of Telephony Denial of Service (TDOS) attacks being used directly against consumers.
The FBI website describes the phony phone call scheme:
During these TDOS attacks, online trading and other money management accounts are being accessed by the perpetrators who are transferring funds out of those accounts. The perpetrators will obtain account information of their victims in some way and then contact the financial institutions to change their victims’ profile information such as email addresses, telephone numbers and bank account numbers. The purpose of the malicious phone calls is to occupy the victim phone numbers on record with the financial institutions managing the accounts so that when the institutions contact the victim to verify the changes and transactions, the institution is unable to reach the victim. Consequently, the victim has no idea what has really transpired until it’s too late.
The calls, typically made in such a volume as to overwhelm the targeted line, can be identified as dead air (silence on the other end), an ‘innocuous recorded message’, advertisement or even a phony telephone sex menu. The FBI recommends anyone who suspects they may be the target of such an attack should contact their telephone service provider in addition to alerting their financial institutions.
Tags: FBI, scam, security, tdos
Posted in Uncategorized | No Comments »
Monday, July 12th, 2010
As mobile computing continues to grow with the frequent introduction of new devices worldwide, the mobile application development market becomes an increasingly significant portion of the software industry. However, with the multitude of mobile platforms and delivery options, the field is as fragmented and varied as it is vast.
A new report from VisionMobile aims to demystify the current mobile development landscape, with a comprehensive study based on research conducted with over 400 developers for various platforms such as iPhone, Symbian, Android and Windows Mobile. According to the report,
Android stands out as the platform most popular among mobile developers. Survey results suggest nearly 60 percent of all mobile developers recently developed on Android, assuming an equal number of respondents with experience across each of eight major platforms. Second in terms of developer mindshare is iOS (iPhone), outranking Symbian and Java ME, which were in pole position in 2008.
In addition, the research document contains data regarding:
- the number of apps available for various platforms and in various markets
- the differences in the learning curves that developers face for different platforms
- the effect of app stores and advertising on sales and revenue
Tags: android, apps, devices, iphone, java, mobile, security, symbian
Posted in Uncategorized | No Comments »
Monday, July 12th, 2010
To combat the rising incidence of counterfeit medical products, medical device manufacturers can implement removable memory tokens that contain product authentication keys and other security features. However, the continued reuse of these small, detachable tokens in demanding hospital and healthcare settings can be problematic.
With this in mind, Datakey Electronics produces an anti-counterfeit memory token system that is not only rugged, but can survive repeated sessions of high temperature sterilization without failure, while retaining data. And according to Datakey,
[Using] removable memory for product authentication/anti-counterfeit…opens up a host of other capabilities, including: tracking (and limiting) the number of times an attachment has been used, automatically identifying the model of the attachment and uploading any model-specific parameters, uploading any calibration information that is unique/specific to that particular attachment, and recording settings and other usage data to ensure the device was used properly according to the manufacturer’s instructions.
In addition, the Receptacle on the base controller can be used for secondary uses, including: in-field firmware updates, medical personnel access control, rights management, and more!
Tags: authentication, device security, medical devices, security
Posted in Uncategorized | No Comments »
