1 / 8

Security Insecurity

Security Insecurity. By Curt Priest. Connectivity and Security are always two opposites. Internet accessible devices hard to secure Computers Ip cameras Complete security systems (dashboards) Open transmission systems Wireless access points Radio / television communications

kristy
Download Presentation

Security Insecurity

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security Insecurity By Curt Priest

  2. Connectivity and Security are always two opposites • Internet accessible devices hard to secure • Computers • Ip cameras • Complete security systems (dashboards) • Open transmission systems • Wireless access points • Radio / television communications • Network connections • Easier to secure • Closed circuit television • Twisted pair telecom • Secured intranet (no outside connection to internet)

  3. Vulnerability is the intersection of three elements • System susceptibility or flaw • Attacker access to the flaw • Attacker capability to exploit the flaw http://en.wikipedia.org/wiki/Vulnerability_(computing)

  4. Onity Security Systems • Manufacturer of door security lock systems for government buildings and major hotel chains. • About 4 to 5 million Onity locks are installed on hotel room doors around the world. • A service port allows a technician to power a dead lock and use a master code to unlock.

  5. Onity’s flawed Security lock “According to Brocious, who should be scolded for not disclosing the hack to Onity before going public, there is no easy fix: There isn’t a firmware upgrade — if hotels want to secure their guests, every single lock will have to be changed.” Cody Brocious demonstrating his unlocking tool on an Onity lock in a New York City hotel. http://www.forbes.com/sites/andygreenberg/2012/07/23/hacker-will-expose-potential-security-flaw-in-more-than-four-million-hotel-room-keycard-locks/

  6. TrendnetSecurity Cams • Manufacturer of security cameras for home and business use. • Security flaw found in camera firmware • Company issued firmware update • Discontinued products not able to be updated • Many people do not register products (not aware of problem)

  7. Security flaw allows unauthorized access to security system • Access to CGI (common gateway interface) folder at ROOT. • Access to camera video by simply adding cgi request with the IP address. • IP location can be found using whatismyipaddress.com/ip-lookup

  8. Security systems are not always secure. • Questions?

More Related