HOME  |  NEWS  |  BLOGS  |  MESSAGES  |  FEATURES  |  VIDEOS  |  WEBINARS  |  INDUSTRIES  |  FOCUS ON FUNDAMENTALS
  |  REGISTER  |  LOGIN  |  HELP
Blogs
Blog

Only 500 People in the World Understand Security

NO RATINGS
View Comments: Newest First|Oldest First|Threaded View
Page 1/2  >  >>
AnandY
User Rank
Gold
RE: IDENTIFY WITH YOUR INDISTRIAL SECURITY SYSTEM BETTER
AnandY   8/11/2013 3:54:21 AM
NO RATINGS
It is true that many security breaches have taken place owing to the lapses inherent in outdated software. I am of the idea that users incessantly keep their applications up to date and to also ensure that they run only the latest versions of whatever software they are using. Just as a precaution, it would be safer if the users stuck to high end software only as opposed to trying anything that comes to their way

AnandY
User Rank
Gold
RE: 500 and growing
AnandY   8/8/2013 3:24:05 AM
NO RATINGS
I agree with Rob that Marc may be right in that there are only five hundred people who have an in depth knowledge on matters concerning security. There is no doubt that this number was considerably lower some few years ago. This therefore implies that in the coming years the number will grow ensuring a more elaborate security system.

bobjengr
User Rank
Platinum
SECURITY
bobjengr   8/6/2013 5:55:48 PM
NO RATINGS
 

Excellent post Rich.   We have become so dependent upon the internet and search engines available it would be very difficult to work within a structure where there were no internet connections.   I do feel this would provide additional security and if you could eliminate "memory sticks" you could go a long way towards ultimate security.  This past week, my two grandsons downloaded a version of "Mine Craft" (or something).  You guessed it--the game had embedded within code the "blaster virus".  For the life of me, I could not eliminate the "bug".  $156.00 later and a trip to the "computer store", I come back relieved no apps or personal documents were affected in a detrimental manner.  Problem--this is the computer I use for my company.   Even though protected by passwords, they somehow got around the security.  (Ultimate hackers.)  Stuff happens even in the best of environments.

kenish
User Rank
Platinum
Re: IT Security
kenish   8/5/2013 1:42:59 PM
NO RATINGS
Reminds me of a cyber security expert talking about ways the Stuxnet virus may have been implanted into a network that was physically not connected to any other network.   One speculation is "seed" the parking lot or a sidewalk at the facility with a USB flash drive.  An employee might take it into their office and plug it in to figure out which colleague "dropped" it......

Ann R. Thryft
User Rank
Blogger
Re: On Software and Hardware Security: Newer is not always better
Ann R. Thryft   8/5/2013 1:11:52 PM
NO RATINGS
In 2005 I was working with a major mainframe software supplier on a security writing project when all kinds of security breaches were hitting the news, many regarding missing laptops or online breaches. The supplier had a top team of security experts I got to interview for the project. The federal agency intelligence guy said that the onset of online access to everything was the first major security hole, followed by employees bringing in their own consumer mobile devices like phones and laptops. I thought it was interesting that he placed online access first.

Critic
User Rank
Platinum
IT Security
Critic   8/5/2013 9:07:54 AM
NO RATINGS
Updating software is one way to introduce viruses or new vulnerabilities.  Updating more frequently can adversely impact security.

One way to improve security is to disconnect from the network and physically secure the equipment.  Obviously you have to restrict access to trusted employees, and don't give the IT guys access to everything.  If the number of trusted employees is small, then it's easier to figure out who sabotaged the machine.

The philosophy that all machines on the network are the same is a dangerous one.

Zippy
User Rank
Platinum
Re: On Software and Hardware Security: Newer is not always better
Zippy   8/5/2013 8:57:29 AM
NO RATINGS
There is no such thing as complete security; you just have to decide how much is enough, what you are willing to pay for it, and what you will give up in eficiency and convenience to get it.  Adobe Acrobat is a notorious security problem because everyone uses it (it's free), and therefore it is an attractive target for internet hackers.  You can avoid this by taking your control systems off the internet, like the military does, but then you have to live with the inconvenience of loss of ERP, remote access, etc.  You are still susceptable to authorized but disgruntled individuals with thumb drives, but as I said, there is no such thing as complete security.

Battar
User Rank
Platinum
Re: On Software and Hardware Security: Newer is not always better
Battar   8/5/2013 8:48:48 AM
NO RATINGS
Oldtimer,

             On the DEC VAXstation 3x00 series that prom you mentioned was mounted on a socket, and it wasn't read-protected...but we had better not take this discussion any further...

oldtimer8080
User Rank
Gold
On Software and Hardware Security: Newer is not always better
oldtimer8080   8/3/2013 6:05:17 PM
Back in the earlier days of microprocessor hardware, you used to have to " blow " ( program ) a UV prom or eeprom and on the eeprom you had to blow those fuses to prevent reprogramming the BIOS control of a device.  The improvement was to add a physical jumper if you needed to program a device.

Now you can alter basic programming on-line. THAT is the biggest security hole ever created!

My security cred comes from both the microprossor and supercomputers; I have worked with both. I also did security on our link to DARPAnet; Cray bought my copy of " The Cuckoo's Egg ".

Something else to consider: you never hear about the truly successful security breaches.

 

I'm either one of the 500 or one of the people who never make headlines; make your choice...

 

 

Charles Murray
User Rank
Blogger
Re: Understanding Security
Charles Murray   8/2/2013 6:59:35 PM
NO RATINGS
This makes sense. It's probably why experts often say that just about any security system can be breached.  

Page 1/2  >  >>
Partner Zone
More Blogs
Advertised as the "Most Powerful Tablet Under $100," the Kindle Fire HD 6 was too tempting for the team at iFixit to pass up. Join us to find out if inexpensive means cheap, irreparable, or just down right economical. It's teardown time!
The increased adoption of wireless technology for mission-critical applications has revved up the global market for dynamic electronic general purpose (GP) test equipment. As the link between cloud networks and devices -- smartphones, tablets, and notebooks -- results in more complex devices under test, the demand for radio frequency test equipment is starting to intensify.
Much of the research on lithium-ion batteries is focused on how to make the batteries charge more quickly and last longer than they currently do, work that would significantly improve the experience of mobile device users, as well EV and hybrid car drivers. Researchers in Singapore have come up with what seems like the best solution so far -- a battery that can recharge itself in mere minutes and has a potential lifespan of 20 years.
Some humanoid walking robots are also good at running, balancing, and coordinated movements in group settings. Several of our sports robots have won regional or worldwide acclaim in the RoboCup soccer World Cup, or FIRST Robotics competitions. Others include the world's first hockey-playing robot and a trash-talking Scrabble player.
Automation technology advances matched with expanded fracking and the growing urbanization of Asia, South America, and the Middle East, are fueling a boom in the automation industry.
Design News Webinar Series
10/7/2014 8:00 a.m. California / 11:00 a.m. New York
9/25/2014 11:00 a.m. California / 2:00 p.m. New York
9/10/2014 11:00 a.m. California / 2:00 p.m. New York
7/23/2014 11:00 a.m. California / 2:00 p.m. New York
Quick Poll
The Continuing Education Center offers engineers an entirely new way to get the education they need to formulate next-generation solutions.
Oct 20 - 24, How to Design & Build an Embedded Web Server: An Embedded TCP/IP Tutorial
SEMESTERS: 1  |  2  |  3  |  4  |  5  |  6


Focus on Fundamentals consists of 45-minute on-line classes that cover a host of technologies. You learn without leaving the comfort of your desk. All classes are taught by subject-matter experts and all are archived. So if you can't attend live, attend at your convenience.
Next Class: 10/28-10/30 11:00 AM
Sponsored by Stratasys
Next Class: 10/28-10/30 2:00 PM
Sponsored by Gates Corporation
Learn More   |   Login   |   Archived Classes
Twitter Feed
Design News Twitter Feed
Like Us on Facebook

Sponsored Content

Technology Marketplace

Copyright © 2014 UBM Canon, A UBM company, All rights reserved. Privacy Policy | Terms of Service