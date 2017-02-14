Security Leftovers
Mobile apps and stealing a connected car
The concept of a connected car, or a car equipped with Internet access, has been gaining popularity for the last several years. The case in point is not only multimedia systems (music, maps, and films are available on-board in modern luxury cars) but also car key systems in both literal and figurative senses. By using proprietary mobile apps, it is possible to get the GPS coordinates of a car, trace its route, open its doors, start its engine, and turn on its auxiliary devices. On the one hand, these are absolutely useful features used by millions of people, but on the other hand, if a car thief were to gain access to the mobile device that belongs to a victim that has the app installed, then would car theft not become a mere trifle?
[Video] Keynote: Security and Privacy in a Hyper-connected World - Bruce Schneier, Security Expert
RSA Conference: Lessons from a Billion Breached Data Records
Troy Hunt sees more breached records than most of us, running the popular ethical data breach search service "Have I been pwned." In a session at the RSA Conference this week, Hunt entertained the capacity crowd with tales both humorous and frightening about breaches that he has been involved with.
One of things that Hunt said he is often asked is exactly how he learns about so many breaches. His answer was simple.
"Normally stuff just gets sent to me," Hunt said.
He emphasized that he doesn't want to be a disclosure channel for breaches, as that's not a role he wants to play. Rather his goal is more about helping people to be informed and protect themselves.
How Google Secures Gmail Against Spam and Ransomware
Google's Gmail web email service is used by millions of companies and consumers around the world, making it an attractive target for attackers. In a session at the RSA Conference here, Elie Bursztein, anti-fraud and abuse research team lead at Google, detailed the many technologies and processes that Google uses to protect users and the Gmail service itself from exploitation.
IBM Reveals Security Risks to Owners of Previously Owned IoT Devices
hen you sell a car, typically the new owner gets the keys to the car and the original owner walks away. With a connected car, Charles Henderson, global head of X-Force Red at IBM Security, found that the original owner still has remote access capabilities, even years after the car has been sold.
Henderson revealed his disturbing new research into a previously unexplored area of internet of things (IoT) security at the RSA Conference here on Feb. 17. In a video interview with eWEEK, Henderson detailed the management issue he found with IoT devices and why it's a real risk.
"As smart as a connected car is, it's not smart enough to know that it has been sold, and that poses a real problem," Henderson said.
