Things I Hearted this Week 17th Nov 2017

November 17, 2017 | Javvad Malik

It’s another week, another roundup. I wasn’t able to publish last week as I travelled to Portugal for BSides Lisbon. You can read all about my adventures, see a video recap, and a recording of my keynote here. But the TL;DR version is that Lisbon is a lovely city, and BSides was a great event.

But enough about me, let’s jump right into it.

Blockchains

Blockchains are a bit of a running joke in that few people properly understand what they are, but many are content to throw the term around as a solution to everything and anything. You know something is oversaturating the market when a simple search for blockchain brings up more memes than actual articles.

Do check out this article by Jack Preston which gives a great breakdown on hashes, and the structure of a basic blockchain.

Everything you wanted to know about blockchains but were too afraid to ask | Unwttng.com

The Motherboard guide to not getting hacked

The good folk over at Motherboard have put together a handy guide to not getting hacked. It covers the basics, mobile security, privacy, messaging, and even avoiding state and police surveillance.

It’s worth a read, and even better, it’s worth sharing with people who may not be overly familiar with security.

The Motherboard guide to not getting hacked | Motherboard

Smart Drugs

It was only a matter of time – but digital pills are here that talk to your doctor. The idea is that the pill will signal a smartphone once it reaches the gut so doctors can track whether patients are taking their medicine.

The main use case discussed so far has been to ensure mental health patients are taking their medication on time. There could probably be other uses: maybe an app could helpfully remind people to take their medication, and automatically log what was taken and when, reducing the need for those annoying multi-compartment boxes that some people have, which carry all their medicine for the week.

However, there are definitely darker uses for this technology. Given how poorly secured medical devices have been, it’s probably not too difficult to spoof the messages to make it appear as if a patient has taken an overdose, or even to block the fact that someone has taken their medication, resulting in the doctor forcing an overdose... I should stop spending time with so many bad hackers.

Digital pills that talk to your doctor are here | The Wall Street Journal

Major Malfunction

Most people in the industry have heard of Adam Laurie aka Major Malfunction. He’s been involved in DefCon and the London chapter for – well, as long as I can remember.

A lot of Adam’s research is focussed around RFID / NFC security. It was great to see him featured in a Vice video on hacking passports and credit cards. It’s well worth the watch – if for nothing else to be jealous of his impressive house!

Hacking passports and credit cards with Major Malfunction | Vice.com

How Facebook figures out everyone you’ve ever met

How do these things happen?

  • A social worker whose client called her by her nickname on their second visit, because she’d shown up in his People You May Know, despite their not having exchanged contact information.
  • A woman whose father left her family when she was six years old—and saw his then-mistress suggested to her as a Facebook friend 40 years later.
  • An attorney who wrote: “I deleted Facebook after it recommended as PYMK a man who was defense counsel on one of my cases. We had only communicated through my work email, which is not connected to my Facebook, which convinced me Facebook was scanning my work email.”

Spoiler alert: a lot of it is down to your smartphone. The long answer is in this Gizmodo article.

How Facebook figures out everyone you’ve ever met | Gizmodo

UK Mass surveillance

There are three separate cases being brought against UK authorities, all of which stem from Edward Snowden’s 2013 revelations about mass state surveillance around the world.

According to The Intercept, a panel of 10 judges at the European Court of Human Rights in Strasbourg, France, held a hearing to look at the large-scale electronic spying strategies of the UK government.

The ECHR is still applicable to the UK despite its decision to vote for Brexit in June 2016, and the court’s judgments could mean major changes for how these surveillance operations will be carried out in future.

European Court challenges UK intelligence on mass surveillance | Silicon Republic

Amazon Key

A lot has been said about the Amazon Key in the couple of weeks since it was announced, but are we looking at it in the wrong way? Are our homes really our prized possessions? Or is that a myth?

Privacy? The Key Problem Here Is Not The ‘Amazon Key’ | ITSP magazine

About the Author: Javvad Malik
The man, the myth, the blogger; Javvad Malik is a London-based IT Security professional. Better known as an active blogger, event speaker and industry commentator who is possibly best known as one of the industry’s most prolific video bloggers with his signature fresh and light-hearted perspective on security. Prior to joining AlienVault, Javvad was a senior analyst with 451 Research providing technology vendors, investors and end users with strategic advisory services, including competitive research and go-to-market positioning.