Noah J Berson

Using a non-prime number for security is like pretending closing a screen door protects a home. Usually having a shared workspace prevents anyone from inserting backdoors easily, but this went unnoticed for years. Maybe other developers accepted the authority of Zhigang Wang. Another possibility is that with poor management no one wants to do the…[Read more]

The motivations behind selling or releasing a hack are very different. We’ve seen users try to auction off tools for bitcoins in order to profit. Releasing a hack seems like a sign of anger and wanting to see how much damage the hack can do. Hopefully the next step is reverse-engineering and finding a way to patch the vulnerabilities. I think…[Read more]

I first learned about the EMP from the movie, Ocean’s Eleven. They used the device to take out all the electronic devies in Las Vegas to break into a casino. While this is fiction as the device they used is probably too small to take out an area that large, I don’t doubt that the EMP can be shrunk to do damage to key technology inside a company.…[Read more]

Physically covering the webcam doesn’t stop the microphone recording, which often will have juicier details. Even if you have a Mac, you need to run antivirus and frequent scans. The article also mentions a 3rd party tool that monitors what programs try to access the webcam or mic. If you suspect you have an issue, don’t start Facetime or any…[Read more]

White House Vows ‘Proportional’ Response for Russian DNC Hack

The precursor to this story is that the Democratic National Committee emails as well as other organizations have been hacked and leaked by unknown sources. The files have been posted by WikiLeaks, DCLeaks.com, and Guccifer 2.0, who also may have been a hacker. The U.S. int…[Read more]

When deciding a location in the country, it is important to consider the environmental factors that could affect the data center. The danger of each hazard fluctuates throughout the country. This includes earthquakes, floods, hurricanes, tornadoes, and even volcanoes. To determine the safest location we can consider if any location is at high…[Read more]

Malware in android may be able to become an admin or root easier than the user it seems. In desktop OS’s knowing who the admin is usually clear and defined. Android has been improving this but I can’t recall an area that is focused on admin tools in the settings. Settings like sideloading apps or app permissions is usually per account. The tablets…[Read more]

Newsweek recently published the breaking story of Donald Trump’s money trail that went around America’s embargo on spending money in Cuba. Soon after the story went national, they were hit by a massive DDoS. Initially it could’ve been unexpected heavy traffic but the pattern became clear as a DDoS. The IT Chief of Newsweek found out that the main…[Read more]

Balancing the financial equation is very important if we want companies to take security seriously. Since the company is only beholden to its stakeholders, regulations are introduced to try to forcibly balance the goals with the good of society. As companies hoard more and more personal data, penalties for losing it should increase. If a company…[Read more]

Mobile devices are extremely vulnerable right now especially combined with the fact that they are in the hands of employees. Over time people have been burned by viruses ruining their computers so many practice security their naturally. Phones do have antivirus apps available but their install numbers are rather low.

I’m also impressed with…[Read more]

Google has the difficult position of balancing user experience with security. If other browsers don’t follow, users may notice they can use a site just fine in their competitor and switch, ignoring the fact that Google is just trying to keep them safe. Google for example could demand two step verification if it knows you own a smartphone but for…[Read more]

It is interesting about reading the history of this style of coding referred to as formal verification. Most code is written to work, and if its tested, to work most of the time. This opens the bugs as its difficult to test all cases like if someone tries to stack or buffer overflow. The strongest way to implement this would probably be to have…[Read more]

This hack isn’t that worrying I believe since other methods of getting into a car are easier. If you are parking in public, if you lock the door as you leave the car then it doesn’t matter if they sniff the signal when you wirelessly unlock the car. Since they can’t start the car there isn’t much they can do besides take items from it.…[Read more]

The HDFC Bank at the time of the article has just begun to set up online banking for their customers. While this bring with it all the issues attached to securing regular online banking, there are some issues that only arise because they are based in India.
One unique security issue to India is that the lack of internet connectivity has led to…[Read more]

This article was pretty helpful to list the process hackers may be following. It shows that even the hackers follow a routine like a real job.
I like that you targeted a company that has connections to larger companies. Companies are outsourcing multiple parts of their infrastructure to contractors that often have more access than they should.…[Read more]

This makes me think that since everything is moving to the Internet of Things, each device we have will have its own cyber security company. There will be CyDishwasher, CyCoffee, and CyThermostat. It is important to stay ahead of those who would try to exploit vulnerabilities in devices and systems. At least reduce the danger to them just making…[Read more]

It is interesting to consider the race in DDOS power vs. DDOS protection. I think DDOS volume being down is at least a good thing since multiple companies are popping up to help defend companies. There is a danger of this becoming a protection racket however.
The bad news is as we require faster connections and shorter latency times, DDOS…[Read more]

There are a few ways to try to stay safe with apps so you can keep catching Pokemon (there are a lot around campus). Do not “sideload” apps onto your device and keep debug mode off. Don’t download apps that are fairly new as Google and Apple do catch them eventually. Deny permissions to apps that request extra access that what you know they should…[Read more]

The 6,000 is the number they were able to record. The biggest android anti-virus apps probably don’t have the huge a base as many people don’t even consider it an issue on phones yet. This is probably what keeps their number low for detection. When malware is successful, imitators always spring up and try to follow them. There are already…[Read more]