Doug Bedell — July 28, 2014, 10:20 am

Caution on a Key-Substituting App

NakedSecurity advises about the pros and cons of a new app, KeyMe, that’s intended to get folks suddenly without a key into their homes. “…it’s actually designed to help people who do things like wander outside to get their newspaper in their slippers, only to hear the decisive ‘click!’ of a door locking shut behind them.”

But suppose it’s used by “some random jerk who’s managed to photograph your key”? A lot of precautions have been taken to ensure the app’s appropriate use, but they’re evidently not foolproof.

Doug Bedell — July 25, 2014, 11:11 am

Tiny Surveillance ‘Helicopters’ as Soldiers’ Security Tools

Wow! The U.S. Army is developing “a pocket-sized aerial surveillance ‘helicopter’ drone for soldiers and small units operating on unfamiliar ground.” That word (with the above photo) comes from the DefenseTech blog, and it’s fascinating.

The aim is even to enable soldiers to look room-to-room in buildings they might be checking out. Palm-sized, the device would provide real-time video for up to 20 minutes for a soldier controlling it.

Doug Bedell — July 23, 2014, 9:53 am

Terrorism Threat To U.S. Continues Strong, Commission Warns

Ten years after its first report, the 9/11 Commission has issued a new one “reflecting the evolving and dangerous terrorist threat facing the nation.” Homeland Security Watch (HSW) notes that the new report reflects “mounting threats from the resurgence and transformation of al Qaeda, the situation in Syria and a rapidly changing cyber landscape.” With the 9/11 commission calling for, in HSW’s words, “a vigorous and proactive counterterrorism effort,” it isn’t getting any friendlier out there, folks. The commission’s report is available at http://bipartisanpolicy.org/sites/default/files/%20BPC%209-11%20Commission.pdf

Doug Bedell — July 21, 2014, 10:43 am

At Many Organizations, Cyber Guard Remains Lax

Tech people in organizations feeding into Information Week’s Dark Reading blog think their CEOs aren’t any too swift at appreciating what it takes to manage cyber security risks effectively.

Citing last year’s hacker attack on Target, a post notes that, “In the Dark Reading community, according to the results of our latest poll, members…show a stunning lack of confidence in their chief executives’ ability to marshal the talent, financial resources, skills and training to defend their companies from a similar attack.” Only 16 percent of 750 respondents give their CEOs an “A” for making cyber risk management a top priority. Twenty-six percent see organizations moving in the right direction, but lacking critical tools.

And 40 percent say companies are barely meeting cyber security standards or “‘flying blind’ with security teams who lack the latest technology and training.”

Get on board, CEOs. This is important stuff, and is becoming increasingly so.

Doug Bedell — July 18, 2014, 8:52 am

Stakes Being Upped on Computer Security

Information Week’s Dark Reading provides some chilling reading indeed. Malware developed originally for government espionage “is now in use by criminals, who are bolting it onto their rootkits and ransomware.” That means, one can presume, that malware is becoming ever more sophisticated, adding to the computer security challenge.

One recently discovered form of malware, dubbed Gyges, says Sentinel Labs, which discovered it, “is an early example of how advanced techniques and code developed by governments for espionage are effectively being repurposed, modularized and coupled with other malware to commit cybercrime.”

Doug Bedell — July 16, 2014, 9:49 am

‘Nuclear Forensics’ Discussed in Vienna

Here’s a scary topic: “nuclear forensics”. Eighty-eight member states joined in an International Atomic Energy Agency (IAEA) conference in Vienna last week on Countering the Evolving Threat of Nuclear and Other Radioactive Material out of Regulatory Control. The U.S. Department of Homeland Security (DHS) attended, of course, and provides this report on the meeting.

DHS was represented by its Domestic Nuclear Detection Office (DNDO), which discussed, along with the Department of State, “the development of National Nuclear Forensics Libraries and the results of Galaxy Serpent – an international nuclear forensics exercise conducted by the Nuclear Forensics International Technical Working Group.” One shudders to think of it, but we can appreciate their getting together.

DNDO is headed by Huban Gowadia, shown here.

Doug Bedell — July 14, 2014, 10:19 am

Scooting Through Airport Security

Here, from Wired.com, is possibly great news about future airport security checks – development of a new hassle-free system for quick, self-actuated scans that wouldn’t require anyone but you to handle your carry-on bag, or even open it.

Developed by Qylatron, the system was tested/demonstrated at a World Cup stadium in Curitiba, Brazil. It’s called the Qylatron Entry Experience Solution, can handle five bags at a time, and people apparently loved it. (Be sure to watch the accompanying YouTube video.)

Doug Bedell — July 11, 2014, 8:28 am

A Security Reading List to Keep You Advised

Philip J. Palin, a risk management practitioner, has put together an online library of “a reading list for a graduate symposium in homeland security.” It looks like a great resource, headed, no surprise, by the 9/11 Commission Report. It also includes such material as Global Risks 2014, and Global Trends 2030: Alternative Worlds, as prepared by the National Intelligence Council.

While not precisely fireside reading, it looks like the list will make/keep you deeply informed on the security field. Palin is requesting advice on “What else would you insist be on the list? What would you remove from my list without a second thought?” A colleague-oriented guy.

Doug Bedell — July 9, 2014, 12:26 pm

Checking Electronic Devices on U.S.-Bound Flights

Here are two somewhat divergent views of the U.S. Homeland Security Department’s directive that cellphones and other electronic devices need to be turned on for security checks on flights to the U.S.

On In Homeland Security, Glynn Cosker seems more tolerant of the advisability of the precaution than Arnold Bogis on Homeland Security Watch, who fears that “a perverse ‘whack-a-mole’ instinct” may have taken hold at Homeland Security. But, apparently, the precaution has been ordered out of concern that an electronic device might be stuffed with an explosive instead of its circuit board. Such are our times.

Doug Bedell — July 7, 2014, 11:47 am

Privacy Groups Anxious Over a U.S. Cybersecurity Bill

Repercussions of Edward Snowden’s digital security – or insecurity – exploits keep bouncing around Washington. Now, Government Security News (GSN) reports, “a group of privacy organizations has written a letter to Congress saying that a newly released draft version of a bill, the Cybersecurity Information Sharing Act of 2014 (CISA), which aims to improve private and public sector sharing of cyber threat information, could pose a major risk to individuals’ privacy.”

It’s been a year since Snowden revealed the existence of U.S. government surveillance programs, and privacy groups like the Center for Democracy and Technology, the American Civil Liberties Union and the Electronic Frontier Foundation are seeking, GSN advises, “meaningful privacy reform and a roll back of the surveillance state created since passage of the Patriot Act.”