Saving the Internet of Things (IoT)

screen-shot-2016-11-17-at-12-10-00-amThis is my promised column on data security and the Internet of Things (IoT). The recent Dyn DDoS attack showed the IoT is going to be a huge problem as networked devices like webcams are turned into zombie hoards. Fortunately I think I may have a solution to the problem. Really.

I’m an idiot today, but back in the early 1990’s I ran a startup that built one of the Internet’s earliest Content Distribution Networks (CDN), only we didn’t call it that because the term had not yet been invented. Unlike the CDNs of today, ours wasn’t about video, it was about the daily electronic delivery of PDF editions of […]

The FBI v. Apple isn’t at all the way you think it is

cookjpgThe FBI holds an iPhone that was owned by one of the San Bernardino terrorists, Syed Rizwan Farook, and wants Apple to crack it. Apple CEO Tim Cook is defying the FBI request and the court order that accompanied it, saying that cracking the phone would require developing a special version of iOS that could bypass passcode encryption. If such a genetically modified mobile OS escaped into the wild it could be used by anyone to crack any current iPhone, which would be bad for Apple’s users and bad for Amurica, Cook says. So he won’t do it, dag nabbit.

That’s the big picture story dominating the tech news this […]

Your PBX has been hacked!

phreakThis past week a very large corporation on the east coast was hacked in what seems to naive old me to be a new way — through their corporate phone system. Then one night during the same week I got a call from my bank saying my account had been compromised and to press #4 to talk to their security department. My account was fine: it was a telephone-based phishing expedition. Our phone network has been compromised, folks, and nobody with a phone is safe.

Edward Snowden was right we’re not secure, though this time I don’t think the National Security Agency is involved.

Here’s how this PBX hack came down. Step one begins with looking for […]

Executive ego and the Sony Pictures network hack

sonyhackReaders have been asking me to write about the recent network hack at Sony Pictures Entertainment. If you run a company like Sony Pictures it has to be tough to see your company secrets stolen all at once — salaries, scripts, and Social Security numbers all revealed along with a pre-release HD copy of Annie, not to mention an entire database of unhappy Sony employees who want to work anywhere Adam Sandler doesn’t. But frankly my dear I don’t give a damn about any of that so let’s cut to the heart of this problem which really comes down to executive privilege. Sony was hacked because some president or vice-president or division head […]

To stop data theft, pull the plug

moneyBack in the 1980s, when I was the networking editor at InfoWorld, one of my jobs was to write profiles of corporate networks. One of those profiles was of the Adolph Coors Brewing Company of Golden, Colorado, now known as Molson Coors Brewing. I visited the company’s one brewery at the time, interviewed the head of IT and the top network guy, then asked for a copy of the very impressive network map they had on the wall.

“Sorry, we can’t give you that,” they said. “It’s private.”

“But we always print a map of the company network,” I explained.

“Fine, then make one up.”

And so I invented my own map for the Coors network.

There’s a lesson here, trust […]