Jim Rapoza


Upcoming Events

Where the Cloud Touches Down: Simplifying Data Center Infrastructure Management

Thursday, July 25, 2013
10:00 AM PT/1:00 PM ET

In most data centers, DCIM rests on a shaky foundation of manual record keeping and scattered documentation. OpManager replaces data center documentation with a single repository for data, QRCodes for asset tracking, accurate 3D mapping of asset locations, and a configuration management database (CMDB). In this webcast, sponsored by ManageEngine, you will see how a real-world datacenter mapping stored in racktables gets imported into OpManager, which then provides a 3D visualization of where assets actually are. You'll also see how the QR Code generator helps you make the link between real assets and the monitoring world, and how the layered CMDB provides a single point of view for all your configuration data.

Register Now!

A Network Computing Webinar:
SDN First Steps

Thursday, August 8, 2013
11:00 AM PT / 2:00 PM ET

This webinar will help attendees understand the overall concept of SDN and its benefits, describe the different conceptual approaches to SDN, and examine the various technologies, both proprietary and open source, that are emerging. It will also help users decide whether SDN makes sense in their environment, and outline the first steps IT can take for testing SDN technologies.

Register Now!

More Events »

Subscribe to Newsletter

  • Keep up with all of the latest news and analysis on the fast-moving IT industry with Network Computing newsletters.
Sign Up

Vendor NewsFeed

More Vendor NewsFeed »

See more from this blogger

Black Hat Will Once Again Show Our Security Weaknesses

Posted by Jim Rapoza
August 01, 2011

The Black Hat conference, which is happening this week in Las Vegas, has long been one of my favorite security conferences. Part of the appeal is being around all of the interesting hackers and security researchers as they demo cool new ways to exploit holes in our technology infrastructure.

But the most important thing about Black Hat is the reality check it provides on just how insecure everything really is, from computers to networks to mobile devices to industrial and other systems that are now increasingly connected and exposed. And this week’s Black Hat will be no exception, as several scheduled demos will display just how scary some of these security holes can be.

One of the most potentially dynamic demos will be from two researchers at iSec Partners, who will show how they can remotely unlock and start a car protected by a modern security system using only SMS text messages. That’s right--someone can steal your car without even being there. Maybe what we don't see in that commercial where the woman remotely controls a car while boarding a plane as two friends look on is that the three are really high-tech car thieves and the two friends are actually about to steal the car.

What's even scarier about the hack that iSec has discovered is that it isn't limited to modern cars. Many of these same GSM-enabled control systems are also found in industrial and physical security locations. So instead of just being able to remotely unlock and start a car, bad guys could potentially remotely control power plants, security systems at businesses and maybe even lock down controls at prisons.

How is this kind of thing possible? Simple. In security today, there is a constant push to enable and add cool new features that make things easy. And who doesn’t like easy?

But the problem is that, in comparison, security is barely being considered at all when adding these cool new features. Before remotely manageable components were added to sensitive control systems, didn’t anyone say, "Hey, shouldn’t we make sure that this is secure and can’t be taken over by bad guys?"

Most likely no one did. And who can blame them? In modern product cycles, the guy who brings up security issues and potentially holds up cool new features looks bad in front of his bosses (even if he does end up being right in the long run).


Page:  1 | 2  | Next Page »


Related Reading

News

Commentary

Most Popular

More Insights

White Papers

More >>

Webcasts

More >>

Network Computing encourages readers to engage in spirited, healthy debate, including taking us to task. However, Network Computing moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing/SPAM. Network Computing further reserves the right to disable the profile of any commenter participating in said activities.

 
Disqus Tips To upload an avatar photo, first complete your Disqus profile. | Please read our commenting policy.
 
Vendor Comparisons
Network Computing’s Vendor Comparisons provide extensive details on products and services, including downloadable feature matrices. Our categories include:

WAN Security Reports

Research and Reports

August 2013
Network Computing: August 2013

Video


WATCH: Bob Metcalfe Plans Ethernet's 40th

WATCH: CES 2013: It's A Wrap!

WATCH: Intel touts tablets, smartphones at CES 2013


View All Videos
Previous Page First Page Second Page Third Page Next Page

Most Popular

Stories Blogs

More Stories »

Upcoming Events

Featured Whitepapers

 
 
What's this?
More >>


Featured Reports

 
 
What's this?
More >>


BlogRoll

TechWeb Careers