Category: security

Reducing big data risks by collecting less

Just because you can collect data doesn’t mean you should

“To my knowledge we have had no data breaches,” stated Tim Morris at the Tech Leaders conference in the Blue Mountains west of Sydney on Sunday.

Morris, the Australian Federal Police force’s Assistant Commissioner for High Tech Crime Operations, was explaining the controversial data retention bill currently before the nation’s Parliament which will require telecommunications companies to keep customers’  connection details – considered to be ‘metadata’ – for two years.

The bill is fiercely opposed by Australia’s tech community, including this writer, as it’s an expensive   and unnecessary invasion of privacy that will do little to protect the community but expose ordinary citizens to a wide range of risks.

One of those risks is that of the data stores being hacked, a threat that Morris downplayed with some qualifications.

As we’re seeing in the Snowden revelations, there are few organisations that are secure against determined criminals and the Australian Federal Police are no exception.

For all organisations, not just government agencies, the question about data should be ‘do we need this?’

In a time of ‘Big Data’ where it’s possible to collect and store massive amounts of information, it’s tempting to become a data hoarder which exposes managers to various risks, not the least that of it being stolen my hackers. It may well be that reducing those risks simply means collecting less data.

Certainly in Australia, the data retention act will only create more headaches and risks while doing little to help public safety agencies to do their job. Just because you can collect data doesn’t mean you should.

Similar posts:

The IoT’s shaky security

Analysis of the Samsung smart TVs data shows the Internet of Things has a long way to go.

Samsung’s spying TV sets attracted headlines that worried many people but until yesterday no-one had looked at exactly what data was being sent by the devices to Samsung.

Pen Test Partners looked at the data flowing too and from Samsung smart TVs and found that yes, the devices are listening and transmitted data back to their – and other company’s – servers.

That is pretty well what is expected, the real concern though is the quality of what’s being transmitted with Pen Test describing it as a mishmash of code with not even a gesture towards security, “what we see here is not SSL encrypted data. It’s not even HTTP data, it’s a mix of XML and some custom binary data packet.”

One of the concerns about the Internet of Things has been the quality and security of the data being transmitted, the Samsung TV shows both are lacking.

For the IoT to deliver the benefits it promises, connections need to be secure and data reliable. Right now it appears the vendors of consumer products aren’t delivering the basics necessary to make the technologies dependable.

Similar posts:

  • No Related Posts

Your TV is watching you. ABC Nightlife February 2015

For the February 2015 Nightlife we look at spying TVs, the internet of rubbish bins and robot hotels

Paul Wallbank joins Tony Delroy on ABC Nightlife nationally from 10pm Australian Eastern time on Thursday, February 19 to discuss how technology affects your business and life.

If you missed the show, the program is available for download from the ABC site.

For the February 2015 program Tony and Paul look at robot driven hotels, the internet of rubbish bins and how your TV could be listening to you.

Last year a lawyer read the terms and conditions of his new Samsung TV and discovered that the company recommended people don’t discuss sensitive information around it. This has lead to widespread, and justified, concerns that all our smart devices – not just TVs but smartphones and connected homes – could be listening to us. What happens to this data and can we trust the people collecting it?

The internet of rubbish bins

It’s not only your TV or smartphone that could be watching you, in Western Australia Broome Shire Council is looking at tracking rubbish bins to make sure only council issued ones are emptied.

Shire of Broome waste coordinator Jeremy Hall told WA Today  the council’s garbage truck drivers had noticed more bins than usual were getting emptied and a system needed to be put in place to identify “legitimate” bins.

While Australian councils are struggling with rubbish bins a hotel in Japan is looking to replace its staff with robots and room keys with face recognition software. The Hen-na Hotel is due to open later this year in Nagasaki Prefecture, the Japan Times reports.

Join us

Tune in on your local ABC radio station from 10pm Australian Eastern Summer time or listen online at www.abc.net.au/nightlife.

We’d love to hear your views so join the conversation with your on-air questions, ideas or comments; phone in on 1300 800 222 within Australia or +61 2 8333 1000 from outside Australia.

You can SMS Nightlife’s talkback on 19922702, or through twitter to @paulwallbank using the #abcnightlife hashtag or visit the Nightlife Facebook page.

Similar posts:

  • No Related Posts

Carbanak raises the information security stakes

The Carbanak financial heist shows how high the stakes in information security have become

“The most sophisticated attack the world has seen to date” is how Kaspersky Lab’s North American managing director Chris Doggett describes the massive Carbanak electronic bank fraud that could have cost victims up to a billion dollars.

Using a range of techniques, the Carbanak gang cracked their targets’ networks, right down to monitoring financial firm officers through their computers, and stole money through through the banks’ own ATM networks.

 

“That’s where the money is.” Was 1930s bank robber Willie Sutton’s response to being asked why he robbed banks and that is what’s driving the Carbanak gang.

For every Willie Sutton or Carbanak gang there’s a million opportunistic street muggers and script kiddies looking for stealing a few dollars from weak targets though and this is what the average small business or individual needs to be careful about.

Last week Kaspersky reported that nearly a quarter of all phishing attacks targeted financial data. The amounts being stolen are minuscule compared to Carbank’s ill gotten gains but far less work is required to crack a home or small business account.

For any large organisation that hasn’t learned from the Sony or Target hacks, the Carbank heist should be warning that information security is now a responsibility of executives and boards. All of us though have to take care with our data and systems.

Similar posts:

  • No Related Posts

Links of the day – hanging Churchill, resisting Russia and expensive places to live

Charlie Hebdo, Lithuania’s passive aggressive invasion plan and how Winston Churchill was not always Britain’s most admired figure.

Today’s links include a look at the complexities of the Charlie Hebdo discussion, how Lithuania intends a passive aggressive response to a Russian invasion and how Winston Churchill was not always Britain’s most admired figure.

Should we hang Mr Churchill?

The New Statesman has delved into its archives to find its articles on Winston Churchill, it’s an interesting article that shows the complexities of the Churchill myth and legend.

Lithuania’s plan of passive resistance

Having the Russians occupy your country is a living memory in Lithuania. With the troubles in the Ukraine, the Lithuanian authorities are planning for a future invasion. Their advice is to be passive aggressive.

The world’s highest cost living

Which countries are the most expensive for a British expat to live in? Switzerland and Norway top Movehub’s list with the UK coming in tenth, New Zealand seventh and Australia sixth.

No, I am not Charlie

A British cartoonist’s view on the Charlie Hebdo murders illustrates the complexities beyond the facile soundbites.

The popping of the tech startup seed bubble

Has the tech startup mania peaked? The funds being invested into startups at seed stage seems to falling away, which may not be a bad thing suggest Alex Wilhelm.

What’s your password?

The Jimmy Kimmel show went onto the streets asking people what their passwords are. The results, sadly, are not surprising.

Similar posts:

  • No Related Posts

Daily links – Chinese property developers go onto internet

Chinese internet use and smart phone manufacturers dominate today’s links along with Microsoft and Uber’s latest business changes

Today’s links have a distinctly Chinese flavour around them with a look at how the country’s smartphone manufacturers are coming to dominate their market, Tencent’s plans for global domination and how property developers are looking to the internet to save their falling sales.

Uber and Microsoft make their regular appearances to round out the links in their changes to billing and security.

Chinese property developers turn to the web

Faced with declining sales, Chinese property developers embrace – the Internet!

How Chinese smartphone makers are beginning to dominate the market

The rise of China’s smartphone makers: 10 of the top 17 smartphone manufacturers now come from China.

An interview with Tencent

Business Insider has an intriguing interview with one of the VPs of Chinese internet giant Tencent.

In his Q&A, S. Y. Lau discusses how Chinese communities are seeing their incomes rise due to the internet. One of the famous case studies of connectivity are India’s Kerala fishermen who used SMS to arbitrage their market. We may be seeing a similar story with Chinese tea farmers.

Microsoft restrict warning of patches to paying customers

In a short term money grabbing exercise, Microsoft have unveiled a plan to only inform enterprise customers of upcoming security patches. My prediction is this won’t last.

Uber cuts prices

Car hiring service Uber has cut its fares in thirty US cities while guaranteeing drivers their incomes. This is probably a move to keep competitors like Lyft at bay.

Similar posts:

  • No Related Posts

Will Sony ever learn its security lessons?

Once again Sony remind us of the importance of IT security.

For the last week the gossip and tech industry websites have been full of revelations gleaned from a massive hack into the network of entertainment company Sony.

Sadly it isn’t surprising that Sony that targeted in that hack, 2011 was described by this site as the ‘year of the hack’ and at the time I wondered when corporate managers would start taking IT security seriously.

As the most recent security breach shows, Sony’s managers certainly weren’t taking their information security seriously as alleged North Korean hackers gleefully disabled systems and downloaded confidential documents.

While Sony’s woes are deeply damaging to the company, not least for the executives caught out gossiping about movie stars, the stakes are far higher for other companies.

In Turkey its alleged a 2008 oil pipeline explosion was caused by Russian hackers while in the US, Palestinian sympathisers are accused of causing massive damage to the IT systems of the Sands Casino group.

Sony may be one of the most digitally incompetent business in history – at least in respect to IT security – but it’s important for every business to making sure their information systems and critical business systems are hardened against attacks.

Similar posts: