Nyheter, Sikkerhet

Innovasjon

Innovasjon Norge tror på oss, gjør du? Vi fikk i dag tilskudd til markedsavklaring (Fase1).

Programmet vårt SEPT lages for å bekjempe sosial manipulasjon over telefoni. Det er enkelt å kapre et telefonnummer, sende meldinger eller ringe fra et allerede eksisterende nummer eller å finne på et nytt. På denne måten kan man få utlevert informasjon man ikke skulle hatt, få sitt nummer misbrukt, eller man kan feks sende en link til skadelig kode. Kun fantasien setter begrensninger.

Problematikken ble demonstrert på NHO Agder arrangement 14 Mars, hvor bedriftsledere fra regionen møtte for å høre innlegg fra NSR, PST, Agder Politiet og oss.

Mitt foredrag var ID-tyveri og jeg demonstrerte hvor enkelt dette kunne være. Sendte SMS fra min telefon til Trond med Anne sitt telefonnummer.

«Jeg sendte aldri sms til kollega Trond, men han mottok sms fra mitt nummer og på hans telefon la sms-en seg i rekken av sms-utvekslinger vi har hatt tidligere. Alt dette uten at det ligger spor i min telefon.» – Anne

SEPT vil autentisere og verifisere at den du kommuniserer med er faktisk den man utgir seg for å være.

Ta kontakt ønsker du å høre mer.

Nyheter

Quantum Computers

As we further our technology, the processing power of computers keeps improving and in the future we will have quantum computers. With the release of quantum computers, processes that used to take years could be done in seconds and with that comes many positives and negatives. Companies will be able to use these quantum computers to optimize their electronic processes but also it will put immense power and speed in the hands of hackers.

With this enormous computing power, hackers will be able to crack algorithms and passwords within a fraction of the time it previously took. Many of the most common encryption methods that many of the daily processes people rely on will be insecure and easily crackable by quantum computers. Passwords, algorithms, codes and so on that were previously deemed safe will in turn become insecure due to the speed that hackers could crack them in.

There are companies that are currently working towards the development of algorithms and encryption methods that are more complex and therefore prevent against the computing power of quantum computers’ cracking algorithms. The US National Institute of Standards and Technology is heading towards the creation of these standards.

The development of quantum computers will make processes exponentially faster and more efficient. With the power of quantum computers, standards must be created with regards to encryption to prevent against the cracking of sensitive data and algorithms.

Nyheter, Sikkerhet

Major Car Alarm Flaws

Recently, a major flaw in car alarms has arose and put many customers at risk. Car alarm brands such as Pandora, Viper and Clifford offer 3rd party services that allow for customers to remotely lock, start, and activate the alarm using an app.

These services are used by millions worldwide and have recently been updated which resulted in the creation of a major security flaw. The security flaw allowed for attackers to hack into and take control of the customer’s app, identify their vehicle, locate their vehicle, unlock the vehicles door locks, start the engine and then take off in the car. Attackers had the ability to hijack the car and in turn possibly score themselves a brand new Lamborghini. Thankfully, since the updates the companies have patched the security flaw.

Considering that the brand Pandora had previously claimed their services to be «unhackable» it is shocking that the recent update almost seemed to be untested with regards to its’ security.Once again, these companies failed to prioritize their products security but rather flaunted the aesthetic and the visible aspects of their products. It seems that even some companies that are founded on security often do not prioritize security but rather cool new features that push customers to purchase their products.

Nyheter

Google’s Hidden Microphone in their Nest Products

Author: Katrina Rosseland

Google has recently raised quite a bit of commotion with respect to their unreported microphones embedded in Nest products. They revealed that they would have new voice activated features which took many people by surprise.

Previously to the reveal of these new features, nobody realized the presence of microphones in their Nest products. Many are requesting an explanation for Google not disclosing this feature in their terms and conditions for the product. Google responded with an apology explaining that the feature was never used previously and it was ‘never supposed to be a secret’. Regardless of whether or not the microphone was used, it is a vital piece of information that was left out or «forgotten».

In this day and age where the media constantly watches over major companies waiting for something to report, it is shocking that nobody noticed this major unnoticed feature. This begs the question, what other features, vulnerabilities, etc are going unreported? Society trusts major companies with their data but how much do they really know about what companies are doing with their data if even major companies such as Google can let something like this go unreported?

Nyheter

Folk

Vi er så heldig å ha svært gode folk på laget vårt, jeg vil gjerne presentere Katrina, Sindre og Idris.

Sindre og Idris tar en bachelor i IT og informasjonssystemer på UiA. De er nå på siste året og har praksisplass hos oss hvor de utvikler vår personvern chatbot Verner.

Sindre
Sindre

Katrina gjennomførte første klasse av Hacker Highschool i Norge, hun var best i klassen og jeg ønsket å gi henne en stilling i DIGFO. Det er svært få jenter i IT og spesielt innen sikkerhet. Hos oss er hun er ansatt som prosjektassistent og vi er utrolig stolte.

Katrina
Katrina

Det er ikke alltid like lett for unge å få ønsket relevant arbeidserfaring, heldigvis har vi fått mulighet til å gjøre noe med dette 🙂