Security

These days many companies are looking to IoT to enable their products. In the case of commoditized items, some see an opportunity to differentiate themselves and increase their margins; and with the help of some good marketing, may convince people that they need a smart kettle to get the water boiling 5 minutes before they... View Article

Here’s a quick rundown from a tech perspective of what Google announced last week at its I/O conference: Google.ai Google bases most of its service model on artificial intelligence (AI). In this year’s I/O, they announced some really cool new data-center clusters called Tensor Processing Units (TPUs): huge, heavy-duty number-crunching machines that each provide up... View Article

Secure your IoT devices with robust cryptography and access control. Learn best practices for HIPAA compliance, encryption, and secure communication in this in-depth guide!

I was recently invited to give a presentation on security for Internet of Things networking at infocomm 16. While I discussed the topic and scope with the organizers, I didn’t have a good catchy title prepared, so the organizers took it upon themselves to submit one for me: “Hacker-Proof IoT.” Easy, right? While I would... View Article

Another day, another public hack: Today we learned that a “cyber-espionage operation” has used a previously unknown flaw in Adobe Flash to gain information from NATO governments and others. And also 87% of Android devices are vulnerable to numerous known hacks because there’s no good business model to distribute patches on that platform. That’s just... View Article

Discover how SSL/TLS fortifies embedded devices against modern security threats in our latest ECN magazine article. Stay protected.

Hash-based message authentication code, or HMAC, is an important building block for proving that data transmitted between the components of a system has not been tampered with. It is a widely used cryptographic technology. I recently came across its use in an RFID system.

The kind folks at EDN have asked Cardinal Peak to author an occasional blog about streaming video. The first post went live this morning and discusses streaming video securely: Until recently, the accepted wisdom in the industry was that end users didn’t care about encrypting this type of video, as long as it was a... View Article

Attacks that are initially restricted to the realm of esoteric, government-backed spooks become accessible over time to run-of-the-mill cybercriminals. Take, for example, the Linux.Darlloz worm, which attacks embedded devices and is interesting for a couple of reasons. First, it propagates by exploiting a vulnerability that was patched in May 2012. But the firmware images on many embedded devices are much older than that. The second reason I find it particularly interesting is it targets PHP, a scripting language largely used for web development.

I’ve got a new blog post up today at EE Times, discussing how to secure devices on the Internet of Things: It used to be academically interesting, perhaps, that an attacker could compromise an unconnected home thermostat. Today, it’s another thing entirely that an attacker can potentially target thousands of home thermostats from afar, determine... View Article

Finding memory leaks and other problems in your code can be challenging, but there are tools available to help simplify that process. Remember to add time to your schedule so that you can apply the available tools for finding memory leaks and other problems.

I just spent the last three days at the IACP show in Denver — the annual conference and expo for the International Association of Chiefs of Police. For anyone who was once a 12-year-old boy, IACP is about as cool as it comes because there are all sorts of cop paraphernalia on display — from... View Article