Marketplace Analytics … When Knowing Data About You May Benefit You

While reading ComputerWorld’s Fueled by Analytics article in their December 2nd edition I was struck by the company’s use of data collection and analytics to deliver “… cars that most customers want most of the time.” The article immediately thereafter points out that Ford’s Smart Inventory Management System (SIMS) has profited the company thus far by… Continue reading Marketplace Analytics … When Knowing Data About You May Benefit You

Holy Poop! Mandiant. Sold?

NY Times reports ”… Mandiant is being acquired by another major player in the space .. FireEye, Inc. ….” for almost $1bn US dollars. Mandiant is a relatively small company that does HUGE sales to large corporations for security consultation.

News from CCC: NSA can access your iPhone

“… a secret NSA program code named DROPOUTJEEP has nearly total access to the Apple’s iPhones ….” This includes access to cameras and microphones. http://thehackernews.com/2014/01/DROPOUTJEEP-NSA-Apple-iPhone-hacking-tool.html

Fun with flash memory

Multiple posts covered a presentation at the CCC outlined how they could write programs onto flash memory like SD cards. A quote from the ThreatPost article referenced below:“In other words, the maker of these particular chips, and likely a whole slew of others, is not adequately securing the firmware update process. From this point, the… Continue reading Fun with flash memory

Security isn’t just about keeping bad people out

Responsible risk management should assume breaches are inevitable and while effort must be put towards securing boundaries efforts should also be directed to ensuring proper authentication (AuthN) and appropriate authorization (AuthZ) within the system(s). Trust must be extended to employees and authorized parties but stakeholders in a system should regularly review access to ensure that… Continue reading Security isn’t just about keeping bad people out