Topics

1

Image Processing Computer Networks / WAN Technologies: Important Points of Interest

« on: November 15, 2018, 12:59:33 AM »

The term dial-up originated with individuals and organizations that utilize the telephone voice network for data transmission. This connection method has been used for over 30 years. In the early growth of the Internet, the only common access method for the public was through an Internet service provider (ISP). Using a modem connected to any typical analog phone line, users "dialed up" the ISP via the telephone network and were connected through the ISP to the Internet.

In the really early years, the access rate provided by dial-up was limited to .1 to .3 kbps (300 baud), but it quickly evolved to reach speeds of 9,600–14,400 bps by the time Internet access started being available to the public (early 1990s). Modern modems support line rates up to approximately 56 kbps, with additional speeds available using different forms of compression.

Dial-up isn't just for Internet access; many organizations still use dial-up as a form of backup connection into remote sites. If a primary connection to a site fails, the dial-up line can be used to connect to the remote equipment for access and troubleshooting.

Source: https://www.informit.com/articles/article.aspx?p=2459346

2

Image Processing Computer Networks / Designing and Deploying Cisco Unified IM and Presence

« on: November 15, 2018, 12:57:58 AM »

CUCM offers very limited native presence functionality on IP phones. Although a Cisco Unified Communications IM&P server is not required in this simple example, only these native presence features of the CUCM are available:

CUCM speed-dial presence: CUCM administratively supports the ability for a speed dial to have presence capabilities via a BLF speed dial. BLF speed dials work as both a speed dial and a presence indicator.
CUCM call history presence: CUCM administratively supports presence capabilities for call lists and directories on the phone.
CUCM presence policy: CUCM provides the capability to set policy for users who request presence status.

Source: https://www.informit.com/articles/article.aspx?p=2471644

3

Internet of Things / Spray-on antennas will revolutionize the Internet of Things

« on: November 15, 2018, 12:50:36 AM »

In what could be a giant leap for Internet of Things (IoT) form factors, scientists say they have invented a spray-on antenna. And the bug-spray-like application will outperform traditional metal antennas, they claim.

If it indeed does outperform traditional antennas, the clear, ink-like radiators will transform physical mediums used in constructing networks. Flexible substrates, windows, or data center walls even could be made into antennas, which would then drastically alter the data-collecting landscape.

Source: https://www.networkworld.com/article/3309449/internet-of-things/spray-on-antennas-will-revolutionize-the-internet-of-things.html?utm_campaign=IoT%2BWeekly%2BNews&utm_medium=web&utm_source=IoT_Weekly_News_126

4

Internet of Things / Crytocurrency Mining Soars 459% from 2017 to 2018

« on: November 15, 2018, 12:48:49 AM »

he Cyber Threat Alliance (CTA) recently released a new report, The Illicit Crytopcurrency Mining Threat, in which the group found that crypto-mining has increased 459% from 2017 through 2018. The most recent quarters show that the trend continues to grow rapidly with no indication of slowing down.

“As the values of various cryptocurrencies increase and their use becomes more prevalent, malicious cyber actors are using computers, web browsers, internet-of-things (IoT) devices, mobile devices, and network infrastructure to steal their processing power to mine cryptocurrencies,” the report stated.

While mining for cryptocurrency is a drain on resources that will result in higher electric bills, it also increases the workload that could result in either decreased productivity of business operations that use computing power or even physical damage to the IT infrastructure.

According to the CTA, though, of greater concern is if illicit cryptocurrency mining is happening within an organization, it is a strong indication that there are flaws in the overall cybersecurity posture.

Source: https://www.infosecurity-magazine.com/news/crytocurrency-mining-soars-459/

5

Internet of Things / UK Launches “World First” IoT Code of Practice

« on: November 15, 2018, 12:47:23 AM »

The UK government claims to be leading the way with a newly released Code of Practice (CoP) designed to drive security-by-design in the manufacture of IoT products.

Developed in partnership with the National Cyber Security Centre (NCSC), the ICO and others, the "world first" CoP aims to improve baseline security in the sector and ensure smart devices that process personal data are aligned with the GDPR.

It’s focused initially on the consumer space.

HP and Centrica Hive are the first two IoT-makers to sign up, and the government hopes its mapping document will make it easier for others to follow.

Regulation is also being developed to improve the security of consumer-grade IoT products, according to the government.

The move can be seen as a response to the risks posed to individuals and businesses from unsecured consumer IoT devices, as exploited most famously by the Mirai botnet attacks of 2016.

It also comes as the British Standards Institution (BSI) readies a new kitemark scheme for consumers and businesses to help them better identify products they can trust to be reliable and secure.

The CoP received a cautious welcome from security experts, but many argued it doesn’t go far enough.

“A code of practice is a step in the right direction, but more needs to be done. The industry should follow best practices and self-regulate, before regulators put a static, cumbersome device security framework in place,” argued John Sheehy, VP of strategy at IOActive.

Source: https://www.infosecurity-magazine.com/news/uk-launches-world-first-iot-code/

6

Internet of Things / Bots Targeting SSH Servers and Brute-Forcing Entry

« on: November 15, 2018, 12:46:39 AM »

Botnets have been growing more prevalent, and SophosLabs has discovered a new family of denial-of-service (DoS) bots used in distributed denial-of-service (DDoS) attacks. The family, dubbed Chalubo, has been used in attacks targeting internet-facing SSH servers on Linux-based systems, according to SophosLabs.

Using the ChaCha stream cipher, the attackers encrypt the bot and its Lua script, which researchers said is an indication of a Linux malware evolution. The anti-analysis techniques are principles more commonly used to thwart detection in Windows malware, though Chalubo does incorporate code from both the Xor DDoS and other Mirai malware families.

The Chalubo family attacked a SophosLabs honeypot on September 6, 2018, at which time researchers noted the bot attempting to brute-force login credentials against an SSH server. After gaining what they believed was access, the attackers issued a series of commands that revealed the bot’s complexity, dropping malicious components with a layered approach in an encryption not typical for Linux malware.

Source: https://www.infosecurity-magazine.com/news/bots-targeting-ssh-bruteforcing/

7

Internet of Things / What is the Standard for IoT Security?

« on: November 15, 2018, 12:45:39 AM »

The number of IoT products for consumers is growing rapidly. You can use them to adjust your heating or lighting, control access to your home, monitor your baby and keep an eye on your dog when you’re out.

At the moment, buying an IoT product is a bit like getting a tattoo: you want to get one because they’re cool and all your friends have them, but what quality standards are there for the ink used and the artistic level of the artist? In the same way, there are no standards for IoT security – and whatever the superficial attractions of IoT devices, this means there is nothing to reassure you that you won’t get more than you bargained for.

That’s not to say every device out there is a risk, but consumers need to know what they are welcoming into their homes, and understand that any insecure embedded device they connect to the internet is a potential target for attacks. These could range from spying on them and their family, as highlighted in a recent Panorama program, to inserting malware or stealing their data, or even using their equipment to power a DDoS attack.

There are also cases of random accidents due to inadequate backend software. At the moment manufacturers don’t need to provide any guarantees of the safety of their equipment beyond electrical compliance.

The good news is that steps are being taken to regulate this market. In March 2018 the UK government announced a draft code of practice for IoT products in its Secure by Design report, although this remains a work in progress. In June the EU announced that it was creating a cybersecurity certification framework designed to help ensure compliance with specified cybersecurity requirements. However, there is no date for when this will be implemented, and there are caveats.

Certification will be optional unless specified as a legal requirement under an EU law or Member State law, so it may not even apply to products developed or sold in the UK, and for the basic level of certification, manufacturers or service providers will be able to carry out the conformity assessment themselves.

In my view, responsibility needs to fall firmly on manufacturers of IoT products. They need to ensure the safety of the equipment they sell, just as car manufacturers should ensure that their cars are safe. After all, manufacturers are the people who benefit from the IoT, for example when a car tells them (as well as you) that it needs a service.

Source: https://www.infosecurity-magazine.com/opinions/standard-iot-security/

8

Internet of Things / Cranes Exposed to Possible Cyber-Sabotage—What We Can Learn

« on: November 15, 2018, 12:44:41 AM »

On October 23, 2018 ICS—CERT announced a vulnerability in Telecrane’s F25 Series remote controls, which are used for cranes. They found that anyone with a low skill level could listen in on the remote control’s communications in an attempt to “view commands, replay commands, control the device, or stop the device from running.”

In essence, a hacker could learn the commands that controlled the crane, play them back, and control the crane themselves.

The F25 Series have a wide variety of applications that range from the assembly floor to back-mounted vehicle cranes and more. While these remote controls are extremely versatile, their exposure to hacking also means that hackers have a target rich environment.

There are plenty of nightmare scenarios in which a hacker could use this exploit to deal havoc on the factory floor or in the streets in an attempt to disrupt a city or conduct corporate sabotage.

Fortunately, no reports of hacking have been reported thus far and Telecrane has already released a firmware update to combat this weakness.

Source: https://www.infosecurity-magazine.com/blogs/nations-cranes-exposed-sabotage/

9

Software Engineering / Helpful Google products and services you never knew existed

« on: July 02, 2017, 01:36:23 PM »

Most of us have heard of Google's well-publicized moonshots: Self-driving cars, smart contact lenses, internet-beaming balloons, and more.

While those products and services sound amazing, most of us can't use them just yet. But the company actually has a bunch of other ones that are incredibly useful that you might not even know existed.

For example: Did you know Google has a massive free library of fonts? Details are in below:

http://www.businessinsider.com/hidden-google-products-services-2017-6

10

Software Engineering / Samsung, SK Telecom launch LTE-R service

« on: April 20, 2017, 06:12:54 PM »

Samsung Electronics and SK Telecom have launched South Korea's first LTE-R service, the companies announced.

The LTE-R network has been deployed in Line 1 of South Korea's Busan Metro, which is 40.48 kilometers long and covers 40 stations in the region.

SK Telecom started deploying the network for testing in February.

The companies replaced existing analogue wireless technology used by railway personnel there.

The new digital network will allow smooth mission-critical communications between train personnel and control centres using real-time multimedia group calls and texts on top of existing voice calls.

The government plans to deploy more LTE-R networks with the goal to cover 5,600 kilometers by 2025.

Source: http://www.zdnet.com/article/samsung-sk-telecom-launch-lte-r-service/

11

Software Engineering / Nokia eyes APAC opportunities in IoT, 5G

« on: April 20, 2017, 06:11:30 PM »

Eager to move past its days as a handset maker, Nokia wants to build its footprint in Asia-Pacific as a provider of next-generation networks and focus on key verticals such as healthcare and transportation.

Home to 60 percent of the world's population, including Asean where the population was largely familiar with mobility, cloud, and social media, the Asia-Pacific region was undergoing various stages of digital transformation. This offered opportunities in which Nokia could expand its technology footprint in areas such as 4G and 5G, Internet of Things (IoT), artificial intelligence, and digital health, said Sandeep Girotra, Nokia's senior vice president for Asia-Pacific and Japan.

Source: http://www.zdnet.com/article/nokia-eyes-apac-opportunities-in-iot-5g/

12

Software Engineering / Vigilante botnet infects IoT devices before blackhats can hijack them

« on: April 20, 2017, 06:10:24 PM »

Mirai, the botnet that threatened the Internet as we knew it last year with record-setting denial-of-service attacks, is facing an existential threat of its own: A competing botnet known as Hajime has infected at least 10,000 home routers, network-connected cameras, and other so-called Internet of Things devices.

Source: https://arstechnica.com/security/2017/04/vigilante-botnet-infects-iot-devices-before-blackhats-can-hijack-them/

13

Software Engineering / What is the future of data communication?

« on: April 20, 2017, 06:08:43 PM »

Fifty years ago, the tools we rely upon to communicate today were only science fiction. Today, you can purchase a smartphone and make calls, surf the Web, play games, run applications and accomplish more than most speculative fiction authors dared to dream. So what's next?

Source: http://electronics.howstuffworks.com/everyday-tech/future-of-communication.htm

14

Software Engineering / Wireless Sensor Networks: the future of sensors

« on: April 20, 2017, 05:52:44 PM »

Wireless Sensor Networks (WSN) are spreading out quickly nowadays. They can be applied in most fields, from environmental monitoring to home and industrial automation. This session presents the main topics of these networks with special emphasis in energy and interoperability optimization. As an example, a WSN to be deployed in the Campus del Baix Llobregat, REALnet, will be presented.

Source: http://www.cttc.es/wireless-sensor-networks-the-future-of-sensors/

15

Software Engineering / Wi-Fi and the Future of Wireless Sensor Networks

« on: April 20, 2017, 05:51:39 PM »

Cellular networks were referenced in a few instances, but not Wi-Fi.

Of course, office grade Wi-Fi equipment isn't up to snuff for industrial applications, but what about the communication protocol itself? After all, it’s clearly capable of handling massive amount of global communications.

It turns out that there are a number of people in industry who do think Wi-Fi is a viable network for industrial use.

Source: https://www.automationworld.com/wi-fi-and-future-wireless-sensor-networks