As smart devices find their place in the majority of modern homes, users must begin taking an active approach in protecting themselves and their homes from potential security breaches.
Privacy
Moving Beyond 1024-Bit Encryption
An increase in computing power suggests that 1024-bit encryption is no longer secure enough to protect company private keys.
A Look at Google’s Accelerated Mobile Pages
The benefits of Google’s new project AMP are obvious, but the concerns warrant careful attention as well.
Securing Enterprise Keys and Certificates Should Be a Priority
Maintaining the secrecy of private keys and certificates can save businesses millions of dollars in losses.
IoT Security: When Fiction Becomes Reality – Part II
In a follow-up to my last post, I’d like to address how infosec professionals can help non-security folks understand the need for security basics.
Google Pushes HTTPS with Google Canary Feature
On the heels of an announcement last summer that websites using HTTPS will receive a SEO boost, Google is taking more steps to encourage a more encrypted web. Google created a version of Chrome with a feature designed to warn users when they visit unencrypted web pages. For now, this feature is only available on […]
IoT Security: When Fiction Becomes Reality – Part I
It’s up to the infosec community to reach out to engineering and manufacturing and to help them understand security risks and best practices. We need to engage in conversation. We need to gain a seat at the table so that security is not an afterthought in the era of connectivity.
Superfish-like Behavior Found Again with Komodia and PrivDog
In the last two weeks, we have seen quite a few poor security practices in use with Superfish, Komodia/Lavasoft, and now PrivDog.
Lenovo’s Superfish Adware and the Perils of Self-Signed Certificates
Lenovo’s violation of security best practices demonstrates the dangers of using self-signed certificates and the importance of the public trust system.