Nyheter

Quantum Computers

As we further our technology, the processing power of computers keeps improving and in the future we will have quantum computers. With the release of quantum computers, processes that used to take years could be done in seconds and with that comes many positives and negatives. Companies will be able to use these quantum computers to optimize their electronic processes but also it will put immense power and speed in the hands of hackers.

With this enormous computing power, hackers will be able to crack algorithms and passwords within a fraction of the time it previously took. Many of the most common encryption methods that many of the daily processes people rely on will be insecure and easily crackable by quantum computers. Passwords, algorithms, codes and so on that were previously deemed safe will in turn become insecure due to the speed that hackers could crack them in.

There are companies that are currently working towards the development of algorithms and encryption methods that are more complex and therefore prevent against the computing power of quantum computers’ cracking algorithms. The US National Institute of Standards and Technology is heading towards the creation of these standards.

The development of quantum computers will make processes exponentially faster and more efficient. With the power of quantum computers, standards must be created with regards to encryption to prevent against the cracking of sensitive data and algorithms.

Nyheter, Sikkerhet

Major Car Alarm Flaws

Recently, a major flaw in car alarms has arose and put many customers at risk. Car alarm brands such as Pandora, Viper and Clifford offer 3rd party services that allow for customers to remotely lock, start, and activate the alarm using an app.

These services are used by millions worldwide and have recently been updated which resulted in the creation of a major security flaw. The security flaw allowed for attackers to hack into and take control of the customer’s app, identify their vehicle, locate their vehicle, unlock the vehicles door locks, start the engine and then take off in the car. Attackers had the ability to hijack the car and in turn possibly score themselves a brand new Lamborghini. Thankfully, since the updates the companies have patched the security flaw.

Considering that the brand Pandora had previously claimed their services to be «unhackable» it is shocking that the recent update almost seemed to be untested with regards to its’ security.Once again, these companies failed to prioritize their products security but rather flaunted the aesthetic and the visible aspects of their products. It seems that even some companies that are founded on security often do not prioritize security but rather cool new features that push customers to purchase their products.

Nyheter

Google’s Hidden Microphone in their Nest Products

Author: Katrina Rosseland

Google has recently raised quite a bit of commotion with respect to their unreported microphones embedded in Nest products. They revealed that they would have new voice activated features which took many people by surprise.

Previously to the reveal of these new features, nobody realized the presence of microphones in their Nest products. Many are requesting an explanation for Google not disclosing this feature in their terms and conditions for the product. Google responded with an apology explaining that the feature was never used previously and it was ‘never supposed to be a secret’. Regardless of whether or not the microphone was used, it is a vital piece of information that was left out or «forgotten».

In this day and age where the media constantly watches over major companies waiting for something to report, it is shocking that nobody noticed this major unnoticed feature. This begs the question, what other features, vulnerabilities, etc are going unreported? Society trusts major companies with their data but how much do they really know about what companies are doing with their data if even major companies such as Google can let something like this go unreported?

Sikkerhet

The harm in seemingly harmless files and applications

Author: Katrina Rosseland

The harm in seemingly harmless files and applications

Many of the day to day applications that people use on their computers can be more harmful then they realize. Microsoft Powerpoint has been noticed to have the ability to infect users with malware if given a malicious powerpoint by an attacker.

PPSX is the non-editable format which is used for this type of attack. The malicious file is emailed to the victim and upon it opening, it runs an executable piece of malware. This malware is used to spy on corporations for political reasons. Powerpoint is a seemingly harmless program that has been weaponized along with so many trusted processes that are relied on daily.

Another example of this is the use PNG files to hack android phones. Attackers can hide code inside a PNG photo that is then executed. Google has released patches for this bug since its discovery but regardless it displays that there are major vulnerabilities that exist even in applications or files published by reliable sources. It is imperative to limit the applications, devices and people who you trust with your digital information seeing as even major corporations have undiagnosed security flaws waiting to be discovered and taken advantage of by hackers.

 

Sikkerhet

Smart bulbs and the dangers of the IoT

Author: Katrina Rosseland

About myself: As a 15 year old girl, I attended the first Hacker Highschool class in Norway and was hired to fulfill the role of a project assistant at DIGFO. Currently 16, I am glad I can contribute to the surprisingly low but slowly rising percentage of women in cyber security today.

Smart bulbs and the dangers of the IoT

The Internet of Things or IoT has seemingly exploded in the past several years with the introduction of Google Home, Amazon’s Alexa, and numerous other staples of today’s modern home. Among the several devices considered part of the IoT are «smart bulbs».

These bulbs connect to WiFi and can be controlled remotely, giving people a fun, new, seemingly harmless gadget to add to their homes. As with almost every device that is given the ability to connect to various points, it can pose some serious security issues.

There was an experiment in which someone broke a cheap «smart light» open to see what information they could get out of it and to everyone’s surprise, with little to no effort, they obtained the SSID and the encryption key of the WiFi network. Within the bulb, the data was stored in plaintext, conveniently readable to anyone. This issue was then fixed and now the data is encrypted, thus resolving the problem, but the security issues with the IoT are far from over.

Having a multitude of devices connected to each other and outside networks is asking for trouble, especially when these devices are so new and misunderstood to the average person. It is important to keep in mind that these devices have a substantial amount of information on us and our networks/devices especially if they are all linked together. Bruce Schneider in the book «Click Here to Kill Everybody» recommends to stop, think, then connect. Because it is not always necessary to connect everything. Do you really need to connect your toaster to the web and possibly make yourself vulnerable to attacks? By succumbing to the modern way of living easier with the use of the IoT, you are in less control of what your devices know and do with your data.