The Art of Maskirovka: Russian Intel linked to DNC & DCCC hacks

Information Security Researcher & OpSec guru thegrugq is piecing various independently researched information together, leaving no doubt that the FSB was behind recent DNC and DCCC hacks. In my elaborate August post on Smart-City security and ethical considerations, I pointed out that hacking and meddling in a foreign nation’s elections is neither new, nor unexpected. […]

Read More

SmartCities’s Cyber Security Role and Ethical Challenges

Security and safety challenges of smart-cities are under hot discussion, and thanks to its property as an umbrella term every cyber-security vendor has an opinion on it. Most technical research on smart-cities aren’t addressing cyber security and privacy concerns. The consensus is that it’s the vendor/integrator who should be held accountable when things go wrong. But […]

Read More

Streembit in the era of “Digital Darwinism”

Human Vs. machine, Atoms Vs. bits; this changes in how people communicate, connect with machines, and discover the world of things are carrying incredible technologies to Digital market. We are now beginning the era of “Digital Darwinism”. “Era where technology , society and operation models are evolving faster than businesses can adapt.” Firstly thanks for […]

Read More

Thoughts on Streembit without getting too technical

I have been trying to come up with a simple explanation of Streembit. Almost like an explanation without actually explaining it: “Streembit is a peer-to-peer human and machine communication platform. Secure, peer-to-peer, decentralized network formation is a fundamental and unsolved information technology problem.“ Streembit aims to solve this problem. But what exactly is the problem […]

Read More

Can Passengers Access an Aircraft’s Safety Critical Systems via the IFE?

Interesting discussion has popped up on my LinkedIn feed over a picture showing an ancient version of Linux used in an In-Flight Entertainment (IFE) system. The question was raised again (over and over) whether a passenger can issue safety critical commands or access functions from the cockpit. IFE’s are typically certified to Design Assurance Level […]

Read More

Streembit: “Hello World” My 1st Ever Video Call over a Decentralised P2P Network

Today I’d like to show you what Streembit, the world’s first decentralised P2P based messaging platform can do for humans (besides the IoT). Streembit uses well tested cryptographic industry standards to ensure end-to-end encryption. There are no 3rd parties, or intermediaries monetizing your data. Using a DHT, Streembit avoids the traditional pitfalls threatening the bitcoin network while remaining agnostic about the eventual outcome […]

Read More

Streembit: a decentralised peer-2-peer messaging platform for the IoT

Introducing Streembit: a decentralised, peer-to-peer, secure communication system for humans and machines. The purpose of Streembit is to create a free, secure, decentralised, peer to peer, Open Source system that secures your real time communication in accordance to the currently evolving W3C’s Web of Things (WoT) standard. You can have as many accounts on the permission less […]

Read More

Securing the Internet of Things

A report from the Economist Intelligence Unit The internet of things (IoT) presents the ultimate scenario of technology disruption. In industries ranging from door locks to auto, from sports apparel to heavy manufacturing, the IoT is upending business models, restructuring organisations and redefining the very nature of information technology (IT). But recent research by The […]

Read More

Attacking the Internet of Things for Fun and Profit

Last updated 22nd Sept. 2016. Below we’re collecting the most interesting and influential IoT Security papers. This post targets engineering professionals who want to jump-start their IoT Security foo or wish to move into this Brave New World that is the Internet of Things or more specifically learn about IoTSecurity. The below content is evolving (hopefully with your help). If you find something missing […]

Read More

Misconfigured US DoS website leaked classified files into archive.org

thiébaud.fr has recently pointed out that the robots.txt file from the US Department of State website contains a grave misconfiguration. A robots.txt is part of a webservers configuration and supposed to be publicly readable. It tells search engines which links on the site should (not) be indexed. But the configuration directives which were used in robots.txt must have […]

Read More

Tinker Tailor Soldier Spy: US industrial espionage in Germany

a quick reminder that NSA surveillance is not just a post 9/11 phenomenon. “Echelon” was a US industrial espionage program in Germany. See this post from 2000 calling for the shutdown of the program. “Germany’s national intelligence agency, Verfassungsschutz, openly warns its business and industry community against Echelon. Germany’s intelligence agencies do more than just warn […]

Read More