Week 3 reading and article

From the reading:

I think the big takeaway I got from the reading is that no matter what there is always information that will be publicly available about a company that could be pieced together into a larger picture of vulnerabilities. I liked the example of how you can find out the software that a website runs on through the website banner but a detail as simple as keeping the version off the banner can be the difference maker between harmful and safe public data to be disclosed.

A question for the class or just general question would be:

Is there a way that a company can set up a fake server with public information like the information found in our readings as a way to divert attention away from the actual systems the company uses for day to day operations?

In the news:

http://www.zdnet.com/article/avast-qualcomm-tag-team-to-protect-devices-at-the-kernel-level/

Qualcom and Avast are teaming up to hopefully be ahead of the game with mobile device security. Qualcom is releasing a new Snapdragon Smart Protection system that learns from the behaviors of the machines it is on. From this information and use patterns it is able to detect what is normal vs abnormal activity on a device. The goal is to block malicious applications from being installed onto devices. The article mentions that as of now malicious app activity on mobile devices isn’t nearly as prevalent as with PCs but it draws a comparison to Mac computers and how malicious activity on their systems increased with market share. This is an attempt to avoid a similar issue with mobile devices.