Breaking News
Comments
You must login to participate in this chat. Please login.

Moving on to Part IV...

Author

Better late than never

 

Author

Catching up -- again.

Author

Beter late, than never

Author

hello all from Edmonton, Alberta. Late again today, glad to have the archive available.

Author

I will continue to be here for a while if anyone else has questions

Author

@brianBailey,

 I have no idea. That is a big issue many open source software folks need to tackle. I have to go now though, great talk! See you tomorrow.

Author

And yes - semiconductor companies have to worry about this as well. How do they know that IP they purchase doesn't have backdoors in, or that a developer has not placed weakness in a design on purpose. Attacks from within again.

Author

How do we change that thinking? Open source is the only way forward on many of these issues. No company can contain the same level of expertise as working in these communities.

Author

@brianBailey, it is ironic, but it is also extremely common in many businesses. The lack of accountability = lack of security in their eyes.

Author

It is ironic that open source is not trusted when it has so many eyes looking at it, and yet they will trust internally developed software that could have people putting back doors in which would remain hidden.

 

Author

Oh yeah, in your security seminar, please include some time looking at http://www.shodanhq.com

 

Author

And I bet that is a trust issues. Lawyers never trust anyone even though they are often the least trustworthy.

Author

i am involved with data protection layer

Author

@J321784, I can't make that happen but I can pass along the idea to those who can.

Author

@brianBailey, governement requires software of certain specifications, and often requests specific vendors. Many companies have policies in place blocking open source out of fear of back doors. There's a perceived lack of accountability or security on the creation side.

Author

Thanks guys!  I have to head out.

As for not allowing Open Source, it's often more a legal issue than a technical one.  Laywers!  :-)

Author

Thanks all and good day.

Author

CalebKraft: Could we get a security-specific course with Brian created?

Author

Interesting question Caleb: why would a company not allow open source software?

Author

Certianly interested in a security seminar if you host it.  As for open source in our company, it's a long road to get it in use if at all.  Our biggest issue is the rate of mobile adoption and the willingness of people to wait until there's an issue instead of preventing issues.

Author

Thanks Brian great presentation.

Author

If there are enough of you that would like such a copurse, then we may be able to suggest creation of one.

Author

Security is a topic on it's own - I would be interested in that

Author

BrainBailey -> Absolutely!

Author

All security standards have to be constantly reviewed. The hacker commnity is working hard to exploit any and all weaknesses.

Author

Fantastic point: security should not be bolted-on.  Too many times in various types of systems, security is an afterthought.  We no loner have the luxury of designing systems that way.

Author

to the listeners:  Have any of you harnessed open source for any security?  Does your company even allow it?

Author

Security is a subject that we could have concentrated on for hours. Perhaps it should have its own course? How many of you would be interested in that?

Author

2 security issues of late:  Java bug w/ encryption algorithm and resenct SSL bug exposed (i.e. even long-standing security standards are becoming vulnerable w/ time)

Author

Very informative - thanks for providing some real-world scenarios of security issues

Author

@Brian, can you tell me security concerning to big data? What's big concerns and how to protect?

Author

Thanks Brian, great presentation

Author

I am sure ou have 10,000 more questions and I will answer as many as I can.

Author

We need most security all days !!

Thank for presentation.

 

Author

I was here typing and forgot I muted my microphone!

Author

Thanks Brian.  Good info.

Author

Thanks Brian for nice presentation

Author

OAuth is a data mining issue for social engineering.  We struggle with it and even getting customers to see that true security does involve some level of inconvience.  It's the same issue as getting people to use strong passwords.

Author

Have any of you harnessed open source for security?

Author

when the principle developer judges that the standard is no good..you should too!

Author

@krhohio, are you having to protect against physical access?

Author

I'm involved with the hardware layer...

Author

The most common fix is litterally a plastic plug in the update port!

Author

Have you seen them? I have. You can often tell by the open port on the bottom

Author

I'd like to know more about how intel is implementing this. I'm curious if any of the other big companies are doing similar as well.

Author

What are your thoughts on sites like http://www.shodanhq.com

The story behind it is very interesting.  If you devices are not protected, they may show up here!

Author

obscurity and geographic localization

@john Matwyshyn, security through obscurity only works for so long!

Author

Financial systems - all layers (data encryption and leakage), mobile apps, servers, PCI compliance, device level (secure trusted options for data storage, etc.)

Author

I have not addressed any security  issues in designs to date. There haven't been any network connections beyond an immediate wifi without a UI that would give a clue what was on the wifi.

Hardware, Data and Application layers.  Not too concerned with legacy systems.

Author

I am at Platform an Software layer.

Author

platform protection is a must.

Author

For our listeners: Which layers are you most involved with? Hardware? Data? applications? Legacy security?

Author

As a side note on slide #7, in the payments space, the device is being tied to the person as part of the two factor authentication/authorization methods.  It's full of issues and headaches!

Author

yes, false positives are a big pain

Author

For those just joining us, if you don't hear any audio, try refreshing your browser. We've found Firefox and Chrome have the best results.

Author

Any considerations for entry points beyond desktop computers/servers? What about sensors?

Author

unathorised access is the main thing we worry about

Author

Unauthorized access.

Author

Security and privacy issues:  unauthorized access, undesireable network traffic (malware, and other)

 

Author

What are the biggest security issues you are facing now?

Author

Audio is up!!  Here we go Day 3!

Author

Well it's actually 'Goodafternoon' from Nigeria

I am ready and hope I get a good transmission today

Theo from Toronto

Author

"Good Morning" from Albuquerque...

Author

Good morning from CA

Author

Hello, from Doral Fl

 

Author

Lets hope it works better for everyone today.

Author

keep in mind that if the streaming audio absolutely doesn't work for you, you can listen to the archive in about a minute after we end the stream. We've been told it works fine, even if you were having streaming issues.

Author

hello everyone , vishal from india...:)

 

Author

Good morning from Calgary, AB

 

Author

No but it seems like every large institution cerrtainly has!

Author

Hello from Binghamton, NY

Author

Good morning - today from Albuquerque.

Author

Theo Kowdrysh Hi TAKE THREE

Author

Anyone have any security issues?

Author

Good morning Brian!

 

Author

Good morning everyone.

 

Author

Also, be sure to click 'Today's Slide Deck' under Special Educational Materials above right to download the PowerPoint for today's session.

Author

The streaming audio player will appear on this web page when the show starts at 12:00 pm  Eastern today. Note however that some companies block live audio streams. If when the show starts you don't hear any audio, try refreshing your browser. We've found Firefox and Chrome have the best results. 

Author

Good Morning from Sunny Boston!

Author

Good morning from Rockwell Automation's Advanced Technology Lab in Mayfield Hts. Ohio.

Author

Good morning from Panama City FL.

Author

Good Morning from Tennessee

Author

Good morning from GA

Author

I'm very concerned for embedded systems security, particularl for critical infrastructure.

Author


Datasheets.com Parts Search

185 million searchable parts
(please enter a part number or hit search to begin)
Radio
LATEST ARCHIVED BROADCAST

What are the engineering and design challenges in creating successful IoT devices? These devices are usually small, resource-constrained electronics designed to sense, collect, send, and/or interpret data. Some of the devices need to be smart enough to act upon data in real time, 24/7. Specifically the guests will discuss sensors, security, and lessons from IoT deployments.

Brought to you by:

Like Us on Facebook
Special Video Section
Once the base layer of a design has been taped out, making ...
In this short video we show an LED light demo to ...
The LTC2380-24 is a versatile 24-bit SAR ADC that combines ...
In this short video we show an LED light demo to ...
02:46
Wireless Power enables applications where it is difficult ...
07:41
LEDs are being used in current luxury model automotive ...
With design sizes expected to increase by 5X through 2020, ...
01:48
Linear Technology’s LT8330 and LT8331, two Low Quiescent ...
The quality and reliability of Mill-Max's two-piece ...
LED lighting is an important feature in today’s and future ...
05:27
The LT8602 has two high voltage buck regulators with an ...
05:18
Silego Technology’s highly versatile Mixed-signal GreenPAK ...
The quality and reliability of Mill-Max's two-piece ...
01:34
Why the multicopter? It has every thing in it. 58 of ...
Security is important in all parts of the IoT chain, ...
Infineon explains their philosophy and why the multicopter ...
The LTC4282 Hot SwapTM controller allows a board to be ...
This video highlights the Zynq® UltraScale+™ MPSoC, and sho...
Homeowners may soon be able to store the energy generated ...
The LTC®6363 is a low power, low noise, fully differential ...