Who Is

watching out for you?

In today's world you need to understand a few more things...

Who Is

knocking on your virtual front door?

It could be someone down the block or from the Bloc

Securing mobile leads to securing the Internet of things

Caleb Barlow, IBM

17-September-2015 We need to increase the aperture to look beyond mobile, to the Internet of Things.

Read Part 1 So many Android Devices, so little security


“When those guys hacked into a car, what hit me was the scenario in which they’d crossed over the Internet what was supposed to be a closed system, which affected 104 million cars,” said Caleb Barlow, VP IBM Security.

Is the vulnerability in the car the issue?
No, because building perfect code is unrealistic.

The issue is: How do I make sure that when I make a device, there’s a way to update the code to fix an issue quickly?

And that’s going to cause us to think about the things we design, and build in new ways.”

Over the next year dialog isn’t going to be:
Mobile phones know your marital status, sexual preference, location.
Mobile phones have to lead this charge and everything else is going to have to follow.

“I don’t know if it’s possible to flood a kitchen by hacking a dishwasher,” Barlow said. “You can look up the default passwords of nanny cams, television, conferencing units, whatever, that are connected to the Internet, and log into somebody’s house.”

Some of the advancements are in thermostats and fire alarms. A secondary aspect is backhaul of information that provides all kinds of material about when people come and go, how many they are, and what are their trends, which can be correlated with what is the income of the house, if children present and when.

You can make the argument that lots of bad things can happen if bad guys get a hold of that data.

In the case of the car navigation system it can also hurt more than those whose information has been hacked.

“We’ve gotten used to exchanging apps for our information. Kind of like walking into McDonalds and discovering you’re the cow – with data, you are the product.”
 
•    Where is that data being gathered?
•    How is it being stored?
•    What are the custodial responsibilities of the people gathering it?

“I don’t think I’m OK with a location app collecting my information… why does my kid’s game need access to the microphone when there’s no audio?” asked Barlow. “We see these all the time. The average user just clicks thru installation. Even if they data is used ethically, what happens when it’s hijacked?”

The classic example is Ashley Madison. People of certain backgrounds, religions, and beliefs are vulnerable when data is hacked.

He predicts activism is going to occur, like when people were protesting by standing in front of nuclear power plants in the 1970s.

“At the end of the day we have to get past the sensational aspects, and see the fundamental core root issue – when we find a problem we’ve got to have a method of updating in real time, so we can fix the vulnerability.”