"wifi" entries

Batten down the hatches

Four core questions that every security team must ask itself to develop its strategy in dealing with attacks.

Massive software vulnerabilities have been surfacing with increasingly high visibility, and the world’s computer administrators are repeatedly thrust into the cycle of confusion, anxiety, patching and waiting for the Next Big One. The list of high profile vulnerabilities in widely used software packages and platforms continues to rise. A recent phenomenon has researchers borrowing from the National Hurricane Center’s tradition, to introduce a vulnerability with a formal name. Similar to hurricanes and weather scientists, security researchers, analysts, and practitioners observe and track vulnerabilities as more details unfold and the true extent of the risk (and subsequent damage) is known.

Take for example the Android vulnerability released at the beginning of August, 20151. This vulnerability, named “Stagefright” after its eponymous application, can lead to remote code execution (RCE) through several vectors including MMS, Email, HTTP, Media applications, Bluetooth, and more. These factors coupled with the fact that at its release there were no approved patches available for upwards of 95% of the world’s mobile Android footprint means the vulnerability is serious — especially to any organization with a significant Android population.

Read more…

How to identify a scalable IoT network topology

Range, power consumption, scalability, and bandwidth dominate technology decisions.

HVAC Air Group in an airlift. Source: Hvac en kabelgoot

HVAC Air Group in an airlift. Source: Hvac en kabelgoot

Editor’s note: this article is part of a series exploring the role of networking in the Internet of Things.

Three types of networking topologies are utilized in the Internet-of-Things: point-to-point, star, and mesh networking. To provide a way to explore the attributes and capabilities of each of these topologies, we defined a hypothetical (but realistic) application in the building monitoring and energy management space and methodically defined its networking requirements.

Let’s pull it all together to make a network selection for our building monitoring application. As described previously, the application will monitor, analyze, and optimize energy usage throughout the user’s properties. To accomplish this, monitoring and control points need to be deployed throughout each building, including occupancy and temperature sensors. Sensor data will be aggregated back to a central building automation panel located in each building. A continuous collection of data will provide a higher resolution of temperature and occupancy information, thus rendering better insight into HVAC performance and building utilization patterns. Comparison of energy utilization throughout the portfolio of properties allows lower performing buildings to be flagged.
Read more…

Four short links: 21 July 2014

Four short links: 21 July 2014

Numenta Code, Soccer Robotics, Security Data Science, Open Wireless Router

  1. nupic (github) -GPL v3-licensed ode from Numenta, at last. See their patent position.
  2. Robocup — soccer robotics contest, condition of entry is that all codes are open sourced after the contest. (via The Economist)
  3. Security Data Science Paper Collection — machine learning, big data, analysis, reports, all around security issues.
  4. Building an Open Wireless Router — EFF call for coders to help build a wireless router that’s more secure and more supportive of open sharing than current devices.