Symmetrical encryption is far quicker and less resource-intense than public/private key encryption, but has the downside that the symmetrical key needs to be distributed among parties. For this reason, we use public/private key encryption to secure the transfer of the symmetrical key, and then use symmetrical encryption to secure the actual data that needs to be transferred. But what if our symmetrical key was somehow available to the other party without us transmitting it to them? That could make the encryption process faster, less resource-intense and safer.
Continue reading
Untangling quantum entanglement
AI – the upcoming transformation of digital security
Earlier this year I wrote some thoughts on Artificial Intelligence (AI). The concept of AI first originated in the mid-1950s as attempts to develop machines more like humans. Machine learning is a subset of AI and emerged in the mid-1980s. Deep learning techniques have only been refined over the past three or four years, and are a subset of machine learning.
Continue reading
Killer Robots
Earlier this month, a Dallas police SWAT team used a Remotec Andros robot to deliver half a kilogram of C-4 explosive to eliminate a crazed sniper. The problem was resolved without exposing even more police lives to danger. The age of the Terminator is here. The Andros robot is also designed to be fitted with accessories such as a 12-guage semi-automatic shotgun. This incident raises questions about the use of killer robots.
Continue reading
Brexit and InfoSec
Last week’s EU referendum was the most important political decision of the UK in many decades. In the aftermath of a surprise result, the past few days have been tumultuous with the resignation of Britain’s Prime Minister, a plummeting of the currency and stock exchange values, turbulent situations for both main political parties, and renewed pressure on the breakup of the UK itself. The full consequences of the EU decision is largely unknown at this point. As these dramatic events unfold, Britain and Europe are clearly in a state of flux and much about the future remains uncertain.
Continue reading
Ransomware gets businesses over a barrel
While ransomware has been around since 2005, recent variants released over the past three years represent a resurgence resulting in the fairly widespread extortion we see today. Due to its ease and speed of converting successful infiltrations into cash, ransomware is the current weapon-of-choice for online criminal gangs. Criminal syndicates are extorting millions of dollars. CryptoLocker generated $30m in 100 days. CryptoWall made $18m from only 1000 victims. Angler ransomware earns $5m per month for its operators. That’s a lot of loot, and it is spurring online gangs on. This past week, the US House of Representatives started blocking YahooMail due to the large number of ransomware attacks coming through the network.
Continue reading
Securing the Industrial Internet of Things (IIoT)
The rush to connectivity in manufacturing, critical infrastructure, energy, transport, utilities, and aerospace, has exposed significant security vulnerabilities. Implications of security failures in the IIoT are potentially far more serious than in the home and consumer IoT. While pursuing benefits of remote control and management of devices, IIoT manufacturers have lacked the security awareness, skills and experience needed to ensure secure environments. Security has not been the top priority in the scramble to bring connected devices to market.
Continue reading
Biometric data security
With iPhone and laptop fingerprint access, facial scanning and fingerprint border controls, DNA crime scene analysis, biometrics are all-pervasive. In the recent popular BBC series, The Night Manager, Tom Hiddleston uses facial recognition on his phone to access a bank account. As the trend is increasing utilisation of biometrics for identification and authentication, we need to examine security implications.
Continue reading
