security
Three roads to product security
- Albert Zenkoff
- 2014-10-16
- Management, advice, choice, Common Criteria, consult, definition, management, OpenSAMM, path, process security, product security, road, security, three, way
I mentioned previously that there are three ways to secure a product from the point of view of a product manufacturing company. Here is a little more detailed explanation. This is my personal approach to classifying product security and you do not have to stick to this but I find it useful when creating or ...
Read More
Secure the future – have a change of mind!
- Albert Zenkoff
- 2014-09-24
- Management, atomization, civilization, costs, economics, justify, long term, management, mindset, necessity, profit, profitable, secure future, security, separation, short-sighted, survival
The future of the enterprise can be secured provided that it is properly organized and operated with full understanding of its economics. The current concentration on “profit here and now” is extremely harmful to the survival of the economy of the world as a whole and every given enterprise in particular. Why is that? There ...
Read More
Dark alleys of cybersecurity
- Albert Zenkoff
- 2014-09-01
- Society, assessment, awareness, cybersecurity, cyberspace, danger, dark alley, internet, security, situation
The security of the so-called “cyberspace” has deteriorated beyond belief. Some people tell me that my stories are far-fetched and that I view the security and computer industry with some sort of a depressing negativism. I disagree. The problem is, I am trying to stay positive and optimistic. My tales rarely go to the full ...
Read More
Strategy towards more IT security: the road paved with misconceptions
- Albert Zenkoff
- 2014-07-23
- Society, component, conference, future, government, ignorance, internet, IT, management, manufacturing, misconception, network, restrict, secure, security, software, strategy, system
The strategy towards more IT security in the “Internet of Things” is based a little more than entirely on misconceptions and ignorance. The policy makers simply reinforce each other’s “ideas” without any awareness of where the road they follow is leading. As I listened on in the K-ITS 2014 conference, it became painfully obvious that ...
Read More
Cheap security in real life?
- Albert Zenkoff
- 2014-06-30
- Management, advice, audit, cheap, customer, management, penetration testing, practice, product, quick and dirty, security, security by obscurity, security program, systematic, white box
Security concerns are on the rise, companies are beginning to worry about the software they use. I received again a question that bears answering for all the people and all the companies out there because this is a situation that happens often nowadays. So here is my answer to the question that can be formulated ...
Read More
TrueCrypt disappears
- Albert Zenkoff
- 2014-06-02
- Society, audit, container, disk encryption, encryption, security, society, suspicious, Tools, truecrypt
Quite abruptly, the TrueCrypt disk encryption tool is no more. The announcement says that the tool is no longer secure and should not be used. The website provides a heavily modified version of TrueCrypt (7.2) that allows one to decrypt the data and export it from a TrueCrypt volume. Many questions are asked around what ...
Read More
Software Security vs. Food Safety
- Albert Zenkoff
- 2014-02-13
- Management, changes, costs, crisis, customer perception, food industry, industry, lessons, security, software
My friend works in a large restaurant chain in St-Petersburg. She is pretty high up in the command after all these years. We talk about all sorts of things when we meet up and once she told me about how they have to deal with safety and quality inspections and how bothersome and expensive they ...
Read MoreFraud Botnet Controls Sales Terminals
- Albert Zenkoff
- 2013-12-05
- Society, botnet, credit card, Dexter, fraud, malware, point of sales, POS, security, StarDust
Ah, the humanity. ArsTechnica reports that researchers came across a proper botnet that controls 31 Point Of Sales (POS) servers with an unknown number of actual sales terminals connected to them. The botnet is operational, i.e., it is running and collecting the credit card data. The data is transmitted during idle times in an encrypted ...
Read More
Camera and microphone attack on smartphones
- Albert Zenkoff
- 2013-11-13
- Technology, attack, attack path, camera, microphone, mobile, PIN, security, side-channel, smart phone, technology
The researches at the University of Cambridge have published a paper titled “PIN Skimmer: Inferring PINs Through The Camera and Microphone” describing a new approach to recovering PIN codes entered on a mobile on-screen keyboard. We had seen applications use the accelerometer and gyroscope before to infer the buttons pressed. This time, they use the ...
Read MoreWhat are NFC cards and how are they protected?
- Albert Zenkoff
- 2013-06-18
- Technology, contactless smart cards, countermeasures, embedded, ISO 14443, NFC, NFC cards, perfect security, Physical security, protection, security, smart card security, smart cards, sony felica, wireless
Ever since I posted an initial article “Hack NFC Door Locks” I see a steady stream of people that come with queries like “what’s the protection of an NFC card” and “how do you hack a protected NFC card”. Obviously, there is something out there interesting enough for people to begin inquiring. What is an ...
Read MoreAbout the author
Albert Zenkoff
Managing corporate security in both technical and business sense in the context of long-term business strategy and sustainability.
For security consulting, training, certification and audit mail albert@aruberusan.com.
Share and stay updated
Share and stay updated
About the author
Albert Zenkoff
Managing corporate security in both technical and business sense in the context of long-term business strategy and sustainability.
For security consulting, training, certification and audit mail albert@aruberusan.com.