Intel Authenticate
Week 11 Reading Summary, Question, and recent Cyber Security News…
- Summarize one key point from each assigned reading…
This week we read about “IEEE 802.11 wireless specifications” & “How 802.11 Wireless Works”… important wireless security issues include “many hotspot or free wireless networks frequently allow anyone within range, including passersby outside, to connect to the Internet.”
*NOTE: Test your wireless security knowledge…
searchsecurity.techtarget.com/quiz/Lesson-1-quiz-Risky-business
- Question to classmates (facilitates discussion) from assigned reading…
Question: How to best secure your wireless network?
*Answer: Here is my answer… ensure your WiFi router & other network devices have been updated lately, use latest WPA2-based wireless security technologies with AES encryption & EAP-PEAP authentication using Radius server, and always use complex & lengthy passwds on all systems & accounts. Additionally see latest “Protecting Your Wireless Network” from USA-FCC on 2/8/2016…
www.fcc.gov/consumers/guides/protecting-your-wireless-network
Identify, read, and post to our blog a current event article regarding ethical hacking & penetration testing (follow theme topic of the week, or other interesting related article)…
In the Cyber Security News lately…
The new Log In? Intel Focuses on Strengthening Authentication on Windows PCs (reported recently within the Redmondmag.com on 2/26/2016)…
redmondmag.com/articles/2016/03/01/the-new-log-in.aspx
“The new technology, called Intel Authenticate, is available in preview for any PC outfitted with the company’s newest 6th Generation Core processor (code-named ‘Skylake’). Intel Authenticate provides hardware-based authentication, meaning the user’s credentials and an organization’s system access policies are stored within the processor’s firmware. By Intel’s own estimates there are 117,000 cyber attacks on corporate systems every day and 750 million PCs are currently vulnerable to credential theft. Intel Authenticate can prevent credential theft in ways traditional passwords, Windows Hello, and other forms of authentication can not provide. It’s hardened multifactor authentication… what we’re providing is an even better security capability because it’s rooted in hardware and therefore all the software classes of attack like simple phishing techniques or key-loggers, or screen scrapers, those kind of more traditional attacks will not work with Authenticate, because the credentials themselves are all stored in hardware. The challenge is the upgradeability, the manageability, the serviceability, because you end up with a level that is rarely upgraded by end users.”
*NOTE: What about user credentials still present in volatile memory possibly available to attacks (custom Metasploit-Meterpreter attack scripts)?