According to a research published in The Register yesterday, the biggest security threat in your home/office is your network attached device (link to report).
The proliferation of devices that connect to the network/internet, such as network printers, wireless cameras, multimedia devices, NAS, etc. brought with it a new dimension of insecurity we haven't considered before. Moreover, the research shows most manufactures don't care much about security, and their web interfaces are highly hackable, by he simplest methods out there.
Script-kiddie level hacks applied to your device's web interface, such as JavaScript strings in place of user names, and cross-site scripting (XSS) can turn your camera into a spy, or have your printer send a copy of every scanned document to an external address.
The report does not name names (sadly), but hints that 4 out of the 5 big NAS manufacturers have been neglect in their duty to protect your data. The full results of the research will be presented later this month at the Black Hat security conference in Las Vegas (meaning that pretty soon, every hacker on Earth will hear about this).
We can only hope that device manufacturers take the research to heart and publish updates to their software and firmware that blocks such simple attacks. Knowing some of the players though, suggests it would take a long time for them to do so, if at all - there's no money in fixing things.
In the meantime, I recommend using your router to make sure network-attached devices are not accessible to the outside world. If you must access them, DO NOT use their built-in web interfaces, but some secure protocol like VPN or SSH.
|
||
|
“Whenever I found out anything remarkable, I have thought it my duty to put down my discovery on paper, so that all ingenious people might be informed thereof.” - Antonie van Leeuwenhoek (inventor of the microscope) |
||
Friday, July 17, 2009
Thursday, July 16, 2009
Send Your Name to Mars!
Last year NASA offered you to send your name to the moon on the LRO. The LRO rocket took off successfully on 6/18. But if you missed that ride, NASA now offers you to send your name to Mars on the Mars Science Laboratory Rover.The rover is scheduled to take off sometime in 2011. My recommendation is to add your geo-location coordinates, so the aliens can locate you more easily (I doubt they use our zip system)
Saturday, July 11, 2009
Services on the Go
As some of you may already know, I officially launched my very own consulting company - The Traveling Tech Guy.
I offer consulting services on several levels: from project management and process optimization, to actual software development. I intend to leverage my knowledge and experience to assist my customers with almost any software environment, product or methodology out there. My full range of services, and resume is available on the site.
So far, I have 2 customers, and I'm negotiating right now with 2 more. Past referrals have been great and I'm learning that the most important word in the services biz is Networking.
One thing I've seen other bloggers who sell something do very often, is turn their personal blog into a marketing resource. It has gotten so it's almost impossible to see the trees for the forest. (e.g. the blog Joel on Software, that I used to enjoy and quote from in the past, have turned into a long ad for his company and products).
I promise to not turn this blog into a billboard. I will continue to share my technology and travel experiences here, but will attempt to keep marketing to a minimum - right after this mandatory notice from our sponsor:
There. Got that out of my system. Just my way of sharing some revenue with dedicated readers. Expect some news from my venture now and again, but mostly - expect this blog to remain as it was: all about travel, tech and fun.
I offer consulting services on several levels: from project management and process optimization, to actual software development. I intend to leverage my knowledge and experience to assist my customers with almost any software environment, product or methodology out there. My full range of services, and resume is available on the site.
So far, I have 2 customers, and I'm negotiating right now with 2 more. Past referrals have been great and I'm learning that the most important word in the services biz is Networking.
One thing I've seen other bloggers who sell something do very often, is turn their personal blog into a marketing resource. It has gotten so it's almost impossible to see the trees for the forest. (e.g. the blog Joel on Software, that I used to enjoy and quote from in the past, have turned into a long ad for his company and products).
I promise to not turn this blog into a billboard. I will continue to share my technology and travel experiences here, but will attempt to keep marketing to a minimum - right after this mandatory notice from our sponsor:
Announcing the Traveling Tech Guy Referral Promotion:
Finder's fee: for any referral that will turn into an actual project, I will pay the referrer 10% of the final contract sum.
Blog discount: any customer who gets to me through this blog will receive a 10% off his final charge.
Small print: these 2 offers are mutually exclusive (i.e. you either get a 10% fee for referring someone, OR the referred customer gets a 10% discount, OR we can split it evenly between the referrer and the customer).
There. Got that out of my system
. Just my way of sharing some revenue with dedicated readers. Expect some news from my venture now and again, but mostly - expect this blog to remain as it was: all about travel, tech and fun.
Friday, July 10, 2009
Consumer Rants: United Breaks Guitars
I may bitch and moan in my blog about the crappy way customer relations departments in companies (especially airlines and rental cars) treat us passengers, but Dave Carrol went several steps further.
Dave, a musician by trade, wrote a song documenting his entire year-long ordeal with United Airlines - who broke his Taylor guitar, but refused to pay for it.
After more than a million people turned this song into a viral hit, United contacted Dave and offered to compensate him. Here's his reply:
I just wish I were this talented. But most of all i wish more stories would come out like this, in a humorous, entertaining way, and give those "relations" people some food for thought: it takes millions of dollars to buy a reputation, and one guy with a guitar to ruin it.
On that note: can someone teach me some chords?
And thanks to my friend Yaniv for sending me the original story.
Dave, a musician by trade, wrote a song documenting his entire year-long ordeal with United Airlines - who broke his Taylor guitar, but refused to pay for it.
After more than a million people turned this song into a viral hit, United contacted Dave and offered to compensate him. Here's his reply:
I just wish I were this talented. But most of all i wish more stories would come out like this, in a humorous, entertaining way, and give those "relations" people some food for thought: it takes millions of dollars to buy a reputation, and one guy with a guitar to ruin it.
On that note: can someone teach me some chords?
And thanks to my friend Yaniv for sending me the original story.
Saturday, July 4, 2009
Happy 4th of July!
Still July 4th for the next hour or so (and definitely still the 4th in Hawaii ), so I want to wish my American readers a happy Independence Day.I just came back from a 4th of July concert at Shoreline Amphitheater in Mountain View.
The SF Philharmonic played space-related classical pieces, and George Takei (Sulu from Star Trek) narrated. The evening ended with a nice fireworks show, to the tune of John Williams' Star Wars theme (coincidentally, Skywalker Ranch, where the movie was created, is 50 miles north of here).
It was fun to watch and fun to take part in. Happy 4th!
PS: I'm uploading the videos and pictures as I write this. Will update later with links.
PPS: Here are the videos:
1. George Takei and Star Trek
2. Fireworks to the tune of Star Wars
Subscribe to:
Posts (Atom)