Skip to main content

Home/ CSIA 459/ Group items tagged on

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
Amy Harding

Biometrics and Cyber Security - 8 views

biometrics.org/...e%20Rm14%20Thu%20900-920AM.pdf

shared by Amy Harding on 06 Mar 13 - No Cached
  • Amy Harding on 06 Mar 13
     
    Review the presentation.
  • ...3 more comments...
  • Phil Kemp on 24 Mar 13
     
    This article does mention balancing some weaknesses of biometrics. The one weakness that is common right now among these systems is the use of usernames and passwords to form a secondary means of accessing the system once the biometrics no longer work. With the implementation of multi-modal systems, this could be resolved. The article also discusses international based systems, which could be difficult, personal information is a source of contention between many countries. Where is the information stored, and what laws become enforceable depending on the users point of presence?
  • Seth Molin on 24 Mar 13
     
    Interesting article thank you for posting it. As Phil and the article mentioned where is this information stored. The security of this information is deeply concenring. Not that I am a conspiracy theorist but I really do not want my biometric information to be stored on some database. I remember when my daughter was young there was a push to have your child's DNA sample taken and stored in case it was ever needed in the event the child was kidnapped or lost. After thinking about it back then I just did not see how the government having her DNA sample was a good thing. Of course if she ever comitted a crime I would like to think that I would want her punished for the crime but being a parent I also know that I would do anything to protect her, so why would I give the government a readily available DNA sample for them to identify her with. In the event a sample was needed because of some terrible event happening to her one could be provided through other methods. Just my thoughts.
  • glenn_g on 24 Mar 13
     
    I just posted up an article on fooling biometric fingerprint scanners, Facial scanners can be fooled with photos http://thehackernews.com/2011/11/android-facial-recognition-based.html The Danger is that while one can get a new password or smart card if the old is compromised, You only have one face, two eyes and 10 fingers to use for ID and can't get new ones when someone figures out how to comprimise them.
  • Leo T Garcia on 25 Mar 13
     
    Thanks for the posting especially since my project deals with Ambient Intelligence wherein biometrics can be an integral part of its implementation. One of the most common and frequent incidents in Service Management is authentication. Whether it is with entering secure facilities or logging into computer systems both in the office and remotely, people tend to forget their credentials. Consequently, this causes a loss in productivity as someone tries to regain their access to systems or for system administrators to provide them with temporary access. Ambient intelligence and biometrics may seem as a viable solution since the physical characteristics is intrinsic in each individual. This presentation presents me with the cybersecurity flaws and weaknesses that should be mitigated.
  • Jocelyn Gladston on 25 Mar 13
     
    Biometrics is always something I have found to be fascinating. Because like this article stated no one knows who you are on the other end of that computer so being able to authenticate that in some sort of method is a great thing
Amy Harding

Video - Digital Nation Life on the Virtual Frontier - 25 views

www.pbs.org/...view

shared by Amy Harding on 06 Mar 13 - No Cached
  • Amy Harding on 06 Mar 13
     
    This video is 90 minutes long. However, if you open the link, the video is separated by nine chapters. You can put your cursor on the bottom of the video and see each of the chapters and the topic. Find at least one chapter of interest to you and watch it. Each chapter tells you how long it is after you start it.
  • Phil Kemp on 23 Mar 13
     
    What I found most interesting in this video was the research being conducted regarding students who multitask, and their perceived ability of doing it well. In fact, as the experiments and testing show, the researchers are proving just the opposite. The younger generation that believe they are multitasking well are only able to work in small chunks, and their work tends to show this. Students are unable to carry out long tasks, they get bored, and they put together papers in sections which directly correlates to their on and off study habits. I also found myself relating to the discussion of needing to satisfy a thought at the moment it pops, and change from doing one thing say, watching the video, into another, listening to the video, and looking at the photographs I took today. In either case, not accomplishing either with the same effectiveness that I would have had I completed them one at a time. The internet, and multiple monitors, helps feed this addiction.
samuelrios

Court Says C.I.A. Must Yield Some Data on Drones - NYTimes.com - 3 views

www.nytimes.com/...yield-some-data-on-drones.html

ASSIGNMENT #1 Step 1 Support on drones being an emerging technologies

shared by samuelrios on 16 Mar 13 - No Cached
  • samuelrios on 16 Mar 13
     
    Article supports drones as being an emerging technology. ASSignment1, Part1 Support
  • Brandon Kennedy on 21 Mar 13
     
    Interesting article, It seems to me that this is just another one of those cases about flexing the "muscle" of the Freedom of Information Act. In my opinion it is pretty common knowledge that targeted drone strikes are being used to eliminate enemies; so why is it so important here that the C.I.A. has to acknowledge these attacks? What would that accomplish? The media outlets already report on successful drone strikes and now there are even military medals to recognize drone pilots. http://www.fsunews.com/article/20130318/FSVIEW0303/130317001/New-military-medal-stirs-controversy-?odyssey=mod|newswell|text|frontpage|s
  • Phil Kemp on 21 Mar 13
     
    I just wonder how long it's going to take before something comes out of these attacks. Using these drones to fly into other countries like Pakistan, and "take out" suspected enemies is pretty borderline in my opinion. If this were to happen in America, we would certainly not stand for it, and would declare war on the country that carried out the action. Pushing the button from California on a drone missle is alot like conducting cyber warfare from one country to another. The damage that can be done is becoming greater and greater every day as technology is starting to tie together national infrastructures. In my opinion, drones are the some of the first of the cyber warfare machines.
Amy Harding

Video: Flame: Trying to Unravel the Mystery of Spying Malware | Watch PBS NewsHour Onli... - 4 views

video.pbs.org/2240859043

shared by Amy Harding on 06 Mar 13 - No Cached
  • Amy Harding on 06 Mar 13
     
    "Flame: Trying to Unravel the Mystery of Spying Malware"
  • ...1 more comment...
  • Trevor Pyle on 24 Mar 13
     
    Two things I found very interesting about Flame is the size of the malware as well as the ability to utilize Bluetooth to collect data. Considering Bluetooth usage has increased in some countries and is automatically turned on by default on cell phones, this could enable a lot of information to be collected.
  • Phil Kemp on 29 Apr 13
     
    We will see more of this type of modification of Stuxnet and Flame. The bad thing about finding stuff like this, is others who could not have made malware as technically advanced as this, will be able to modify it much easier than if they would have had to design it from scratch.
  • Leo T Garcia on 29 Apr 13
     
    focused on the comment made by the analyst on the differentiation of cyber "war" vs. cyber "espionage" as it appears that Flame is more on cuber espionage since it is desgined to collect infor from specific targets.
Shondre Fort

Researchers Share Useful Lessons Learned in Evaluating Emerging Technologies - 0 views

www.nist.gov/...score-062111.cfm

shared by Shondre Fort on 16 Mar 13 - No Cached
  • Schlenoff and his colleagues used their SCORE approach to evaluate technologies as they progressed under two DARPA programs: ASSIST and TRANSTAC. In ASSIST, DARPA is funding efforts to instrument soldiers with wearable sensors—video cameras, microphones, global positioning devices and more—to continuously record activities while they are on a mission. TRANSTAC is driving the development of two-way speech-translation systems that enable speakers of different languages to communicate with each other in real-world situations, without an interpreter. By providing constructive feedback on system capabilities, the SCORE evaluative framework helps to drive innovation and performance improvements.
  • samuelrios on 16 Mar 13
     
    SCORE (System, Component and Operationally Relevant Evaluations) is a unified set of criteria and software tools for defining a performance evaluation approach for complex intelligent systems. It provides a comprehensive evaluation blueprint that assesses the technical performance of a system and its components through isolating and changing variables as well as capturing end-user utility of the system in realistic use-case environments. The SCORE framework has proven to be widely-applicable in nature and equally relevant to technologies ranging from manufacturing to military systems. It has been applied to the evaluation of technologies in DARPA programs that range from soldier-worn sensor on patrol to speech-to-speech translation systems. It is also currently being applied to the assessing the control of autonomous vehicles on a shop floor.
  • Shondre Fort on 30 Jun 13
     
    From NIST Tech Beat: June 21, 2011 Most industry executives, military planners, research managers or venture capitalists charged with assessing the potential of an R&D project probably are familiar with the wry twist on Arthur C. Clarke's third law*: "Any sufficiently advanced technology is indistinguishable from a rigged demo."
samuelrios

Homeland Security Drones Designed to Identify Civilians Carrying Guns - 4 views

www.breitbart.com/...entify-Civilians-Carrying-Guns

shared by samuelrios on 23 Mar 13 - No Cached
  • samuelrios on 23 Mar 13
     
    Recently uncovered government documents reveal that the U.S. Department of Homeland Security's (DHS) unmanned Predator B drone fleet has been custom designed to identify civilians carrying guns and track cell phone signals. "I am very concerned that this technology will be used against law-abiding American firearms owners," said founder and executive vice president of the Second Amendment Foundation, Alan Gottlieb.
  • ...2 more comments...
  • James Thomas on 24 Mar 13
     
    Good read. After reading this and another related article (http://news.cnet.com/8301-13578_3-57572207-38/dhs-built-domestic-surveillance-tech-into-predator-drones/) There's a fine line which must be established before the full use of this technology, however it does raise concerns for the future in terms of privacy. It's primary purpose for homeland security is the survey the borders of the united states. There are certainlly risks involved in its use. Ensuring that this technology is effectively secured from attacks to its onboard weapons and communications systems is equally important to the issues raised in the articles.
  • Jawaun Luckey on 24 Mar 13
     
    Good post I've heard chatter about drones being flown over the USA before. I could see the benefits of using drones for recon and counter terrorism, but this opens the door for much larger issues. Where will line be drawn in the sand as far as citizen privacy and avoiding the "big brother" hysteria?
  • glenn_g on 24 Mar 13
     
    The power these drones represent is incredible. I can easily see how the can (and will be) abused. As Jammes pointed out, the Primary purpose of DHS is securing our nations borders, yet I have read of DHS rading peoples homes because of an "improperly" imported car! Not to sound like I am about to put a tinfoil hat on, but I do see the distinct possibility of the banning of firearms in this country as happened in England in 1997. These tools will be in place well before that day.
  • Ben Garey on 24 Mar 13
     
    The use of Drones in the field as a tool to fight the fight on the borders is one thing, using them as a tool to fight terrorism is still another, but using them as tool to spy on the people of the United States is another. I think this is one that the United States Supreme Court will be deciding soon.
paksingtham

Growing Data Security Concerns to Drive Global Market for Keystroke and Typing Dynamics... - 4 views

www.prweb.com/...prweb10540997.htm

shared by paksingtham on 18 Mar 13 - No Cached
  • Michael Austin on 24 Mar 13
     
    I can't see this being used much for single factor authentication, but I could certainly see it being used on top of a username/password setup to bolster the security of that password. Another useful application for this would be to augment an anomaly based IDS running on the user's system. If keystroke patterns/dynamics exceed standard deviation, an alert could be sent to the help desk or security, who could then verify the identity of the user.
  • Trevor Pyle on 24 Mar 13
     
    I could see some companies implementing keystroke and typing dynamics depending on their sector and security posture. However, depending on the sensitivity of the software, they could receive a lot of false positives. I've personally noticed my typing speed fluctuates drastically depending on the time of day. Nevertheless, I could see more companies deploying the software depending of their budget.
  • Seth Molin on 24 Mar 13
     
    It seems that there are way to many variables for this technology to really take off. I agree with trevor that there is potential for a high volume of false positives. I also see potential for a high volume of false negatives. This technology seems as though it could end up being extremely frustrating for the end user.
Phil Kemp

Our Internet Surveillance State - 1 views

www.schneier.com/...our_internet_su.html

Bruce Schneier cyber surveillance security lulzsec

shared by Phil Kemp on 25 Mar 13 - No Cached
  • Phil Kemp on 25 Mar 13
     
    The article was written by Bruce and published on CNN this month. It discusses the fact that almost everything we do can be and is monitored by someone, and eventually is subject to Government purvue. He shows how several key people who have been found their way into law enforcement pathways have taken many precautions, but all eventually were caught by other means which were correlated together to form the big picture.
  • Lee Seranni on 31 Mar 13
     
    Phil, I have to say after reading this I am glad I still have a flip phone with no smart technology on it. I have read were your smart phones embed the lat/long into pictures if that function is turned on and that data can be retrieved from facebook if you have the right software. It just goes to show that what we see on TV has an impact on what we have in real life. Lee
Lee Bry

Enterprise Network Guide - 1 views

www.azzurricommunications.com/...networking-trends-2014.aspx

shared by Lee Bry on 24 Jun 13 - No Cached
  • Lee Bry on 24 Jun 13
     
    White paper describing impacts and benefits to new technologies and the requirments and pressures for organizations to implement them (Cyber nightmare?)
  • ...1 more comment...
  • Bob Lloyd on 24 Jun 13
     
    Interesting read. I came across BYOD on other school projects. I think the idea is insane. I could not believe how many organizations were encouraging the bring your own device concept to cut costs. The healthcare industry was one of the biggest advocates from the research I came across.
  • Michael Madrzykowski on 24 Jun 13
     
    Hmmm I agree with you both, this seems like a horrible idea. I cannot imagine the amount of people who do not properly update, patch and run security scans on their personal devices, I for one would not want to be connected to that in anyway, especially on a business function. I also have to think heavily about the government and contractors dealing with highly sensitive material and I cannot see these trends happening with them. Not just BYOD but also getting rid of the wired LAN's. Good/interesting post.
  • Amy Harding on 26 Jun 13
     
    Testing
Amy Harding

National Webcast: Cyber Security Emerging Trends and Threats for 2013 - 40 views

msisac.cisecurity.org/...2013-02

shared by Amy Harding on 06 Mar 13 - No Cached
  • Amy Harding on 06 Mar 13
     
    This webcast is part of your Week 4 required reading/watching. Click on Archived Recording Now Available link and the video will open. On the right side of the screen you will see segments and you can click through the video and/or have to break the video down into smaller chunks.
Michael Madrzykowski

2013 Emerging Cyber Threats Report - 2 views

www.gtcybersecuritysummit.com/...2013ThreatsReport.pdf

shared by Michael Madrzykowski on 24 Jun 13 - No Cached
  • Michael Madrzykowski on 24 Jun 13
     
    Georgia Tech's security summit report
  • ...1 more comment...
  • cpanagopulos on 29 Jun 13
     
    Nice find and I'm glad you posted this. On the topic of mobile malware, the report states that more smartphones were purchased in 2012 than PC's, and the Internet was accessed more on smartphones than any other device. The article mentions this, and I agree that the mobile malware threat will increase as the android and iOS ecosystems stretch wider and wider. It was also interesting to read about cloud storage, and how authorization will be one of it's major vulnerabilities as it becomes more widely used for business.
  • Gilbert Rivera on 30 Jun 13
     
    Great article. Thing like this are very interesting to me. The section on Cloud Computing was by far my favorite. This type of technology is emerging and at the same time it has turned into a challenge for attackers to try to break. Security is going to be very vital for this service to work and more likely will be the subject of any topic related to cloud technology. Cloud service providers need to make a stronger statement and provide some type of assurance to the customer. Thanks!
  • Cheryl Hoffman on 30 Jun 13
     
    I had actually read this article before, but it was good to read it again. While they are many elements that are concerning I find the "filter bubbles" troubling. A user has the right to know that their search results have been filtered. You think you're conducting an open search, only to read this and find out your results may be limited.
Jessica Riedel

How to run your own NSA spy program - 2 views

www.itworld.com/...w-run-your-own-nsa-spy-program

shared by Jessica Riedel on 26 Jun 13 - No Cached
  • Jessica Riedel on 26 Jun 13
     
    With everything going on in the news about this I found this to be a humorous approach to the whole thing. This article basically describes the NSA program on a fundamental level and how an everyday Joe (if they had enough data storage that is) could create their own spy program using these tactics.
  • Lee Bry on 26 Jun 13
     
    A spy kit to go. Virtually everything you need to set up shop to gather information and spy on something ( corporate or private). All the hacking tools are nearly " off the shelf" and are most likely used for spying. Great post and article.
  • Bob Lloyd on 26 Jun 13
     
    This article gave me a headache thinking about all the data collection. I am not surprised by this at all Google and Facebook are the biggest privacy violators out there. At what point do people drop off the grid to hide from this potential? The reality is that most people have no idea that this potential is out there except for the ones that want to exploit it.
Gilbert Rivera

Secure, Dependable and High Performance Cloud Storage. - 0 views

www.utdallas.edu/...UTDCS-51-09.pdf

Annotated Bibliography

shared by Gilbert Rivera on 07 Jul 13 - No Cached
  • Gilbert Rivera on 07 Jul 13
     
    Cloud Data Storage: Annotated Bibliography The authors in the document provide technical details on securing data on the cloud. It shows guides system administrators on the use of Access Control Lists (ACLs), program scripting, and how to implement several methodologies and techniques to maintain a high level of security of data in the cloud. This is a very technical report but is helpful to show insight on how system administrators maintain a secure backbone in the cloud.
Gilbert Rivera

Emerging Technologies are Changing the IT Job Market - 0 views

www.wired.com/...ologies-changing-it-job-market

shared by Gilbert Rivera on 30 Jun 13 - No Cached
  • Gilbert Rivera on 30 Jun 13
     
    This article is pretty interesting. It is about how emerging technologies are changing the IT job market. With the emergence of technologies such as: the world of SDN, Converged Infrastructure, BYOD, Virtualization, ITaaS, SDS, and PAaaS, and of course, "The Cloud," changing the industry pace, many employers are seeking highly competitive personnel to fill these positions. It also provides information on these new IT technologies and the importance to U.S. vendors and employers on these functions.
  • greg mack on 30 Jun 13
     
    As a member of the general IT crowd at the moment I know exactly what this article is talking about. Many companies, including my own, are moving toward virtualization and cloud everything. Soon enough, I think just about everything will be "as a service", as it is far more cost effective to operate on the client end, and more cost effective to support on the provider end.
  • Christopher Salinas on 30 Jun 13
     
    I find the BYOD moment interesting; personally I would be weary of people connecting their own devices to my network. I know right now it is about providing life style perks to prospective employees, but at some point a mistake will be made and the internal networks could be compromised.
Cheryl Hoffman

Search Engine Optimization (SEO) Poisoning - 1 views

finance.yahoo.com/...-probably-think-150643365.html

SEO poisoning

shared by Cheryl Hoffman on 29 Jun 13 - No Cached
  • Cheryl Hoffman on 29 Jun 13
     
    SEO Poisoning manipulates search engine results to make sites that are malicious in nature place higher in the results list. According to the article in 2011 40% of all cyberattacks resulted from SEO poisoning.
  • sarahterry on 30 Jun 13
     
    I know that when I'm doing a Google or Bing search, I am looking for a specific item or topic and sometimes don't even think about reviewing the link that I'm clicking on. The high amount of malware that is in search engines is scary. The pointers that were in the article were very true and very easy for the every day user to do when they are doing a search. And anyone that does not have an anti-virus or anti-malware on their system is just asking for their system to be attacked.
  • cpanagopulos on 30 Jun 13
     
    I use AVG security on my laptop and it uses an add-on called link scanner. When I search, the results are rated as safe or not, with a check mark or an "X" accordingly. So you immediately know which sites to avoid. It's worth trying since this could essentially save you the time and headache of undoing malware or spyware you might contract otherwise. It's a nice "peace of mind" tool.
Amy Harding

Security Requirements for Cryptographic Modules - 4 views

csrc.nist.gov/...fips1402.pdf

shared by Amy Harding on 06 Mar 13 - No Cached
  • Amy Harding on 06 Mar 13
     
    This standards publication (FIPS 140-2) is a key standard's document. Skim through it and see if you can find some ideas for emerging threats against the standard(s).
  • ...1 more comment...
  • Dan Schulman on 20 Mar 13
     
    FIPS 140-3 is on its way and is needed as 140-2 is quite old now. Interestingly however, crypto is one of the slower moving changes in information security. Many of our algorithms have been around for many years; we have moved forward by increasing key size rather than changing the algorithms. AES and 3DES are still FIPS approved, whereas RC4 is not (which is used by many internet giants such as google and facebook).
  • Phil Kemp on 02 Apr 13
     
    Any time you are allowed to introduce code into a program, you have a chance for error. By allowing cryptographic software and firmware to be updated, I think you will always have the chance for emerging threats to be introduced in the form of malware. Recently, the U.S. has stopped allowing the use of Chinese built hardware for certain DOD/ Federal agencies. if we allow the enemy to build the devices we use to form our security foundations, we have already lost the war.
  • samuelrios on 03 Apr 13
     
    I believe the frequency of review of this policy is untimely to the speed technology advances in. If they could move the review from 5 years to 2 years will suffice. At times, once the policy is published folks are already working on the revision to keep up with technology growth. "Since a standard of this nature must be flexible enough to adapt to advancements and innovations in science and technology, this standard will be reviewed every five years in order to consider new or revised requirements that may be needed to meet technological and economic changes."
Lee Seranni

Hands On - IEEE Spectrum - 1 views

spectrum.ieee.org/...hands-on

RFID biometrics cyber

shared by Lee Seranni on 28 Mar 13 - No Cached
  • Lee Seranni on 28 Mar 13
     
    I came across this article when researching for another class. I know at least one person has chosen RFID for their paper and thought this may help. An individual had RFID tags placed in his hands and operates many aspects of his life throught this technology.
Jeremy Croghan

Mandiant - 0 views

intelreport.mandiant.com

shared by Jeremy Croghan on 24 Mar 13 - No Cached
  • Jeremy Croghan on 24 Mar 13
     
    Independent security company Mandiant releases a report on one of China's cyber espionage units. The report is a little over 70 pages and describes, in detail, the five W's on an active persistent threat. The appendix also shows the tools available from the Mandiant to conduct the same type of "research". In all it is a great read.
Leo T Garcia

Near Field Communications Primer - 1 views

www.youtube.com/watch

Near Field Communication NFC

shared by Leo T Garcia on 25 Mar 13 - No Cached
  • Leo T Garcia on 25 Mar 13
     
    Here is a primer on Near Field Communications (NFC) which is a set of standards for smartphones that establishes radio communication between similar devices which are in close proximity. It is a subset for RFID (radio-frequency identification) and is being integrated into our daily lives as in most technology. The low-cost NFC tags practical uses are limited only by imagination, the challenge will be is to mitigate the cybersecurity risks it poses.
  • Leo T Garcia on 25 Mar 13
     
    Here is another video presentation on NFC. http://www.youtube.com/watch?v=_RBbuGwC7Eg
  • Lee Seranni on 31 Mar 13
     
    I have to say this was a very interesting video to watch, and I see now how these things work and what we can do with them. I do like the fact that they have a shorter range than Bluetooth as well as less power consumption. I would still be worried about losing information when say on a crowded train or bus. People could brush up against your phone and you may not realize it. thanks for sharing. Lee
Ben Garey

US military gets into the 3D printing business - 0 views

www.newscientist.com/...-the-3d-printing-business.html

Bibliography

shared by Ben Garey on 31 Mar 13 - No Cached
  • Ben Garey on 31 Mar 13
     
    This is great and the Army is on to something.
  • samuelrios on 31 Mar 13
     
    Ben, I was listening to a story on the radio the other day can you imagine someone having the capability to print a gun with all its components. Wow scary…. Article: 3D-Printed Guns and Violent Video Games Tuesday, January 29, 2013 http://www.wnyc.org/shows/newtechcity/2013/jan/29/ Additional Article on 3D printing copyright concerns: As 3-D Printing Becomes More Accessible, Copyright Questions Arise by Steve Henn February 19, 2013 3:01 AM http://www.npr.org/blogs/alltechconsidered/2013/02/19/171912826/as-3-d-printing-become-more-accessible-copyright-questions-arise Sam Rios
1 - 20 of 121 Next › Last »
Showing 20 items per page