Innovation advisory and IRM/InfoSec/I-Audit services. Positive contrarian, inspirator, loosen-upper.
To close off [almost, since @KPN fraud themselves away from bankruptcy by series of outright lies to customers and tort] the year with a wild shot, ahead: There is value in the information analysis in IoT, as described in Gelernter and many since, of the two-way flow of information. One, flowing up are information in … Continue reading “One IoTA FYI”
Apart from the previously established focus on Integrity, in particular to have Data plane integrity from which actual Information could be derived, through integrity in the Control plane, there’s of course a need for other aspects as well, like Confidentiality, Availability, and Effectiveness and Efficiency. [Oh that previous Integrity signal is here.] Though the latter … Continue reading “IoTA mutiplication; old style, is the new new”
[Apologies for the date/time stamp; couldn’t pass.] First, a pic: [Classy classic industrial; Binckhorst] Recently, I was triggered by an old friend about some speaking engagement of mine a number of years back. As in this deck (in Dutch…). The point being; we have hardly progressed past the point I mentioned in that, being that … Continue reading “Not yet one IoTA; Auditing ‘technology’”
Am I too late with this post, or are people still mixing up the Internet of Things and Wearables ..? First, a picture: [Rarely seen Cala, at ON] Because we’re talking quite distinct things. Yes, there’s a crossover area where e.g., the sensors or ‘reflectors’ we wear, operate in the IoT realm of ambient intelligence. … Continue reading “WIoTables”
[Terug naar Wijn is Fijn] Ja beste lezer, daar ziet u duidelijk een tautologie of synoniem opduiken. Ik zei opduiken, niet er staan. Want er is wel wat kaf onder het koren, maar met enige ‘technische’ kennis van zaken komen we een heel end in de goede richting die erkenning is van de hoge kwaliteit … Continue reading “Savoie, d’Haute, Qualité”
Unfortunately, this is not about coffee, it’s about in-filtration. And, supposedly, some form of exfiltration or abuse. All about IoT – still going strong as a term, despite slowly growing out of the trough of disillusionment both qua general deployment and use of the things behind the abbrev, as qua security concerns that resurface unresolved … Continue reading “Ah, the infiltration of.”
Bij de verjaardag van een kennis, actief en succesvol wijkagent, kwam het volgende naar boven. Ter discussie … De wijkagent surveilleert én is er voor vragen uit de buurt. Met een licht surveille-regime; de agent is maar in z’n eentje in een best grote wijk en wandelt wat. Waar z/hij in de buurt is, wordt … Continue reading “Een rondje met de cyberwijk-agent”
So, we have the first little probes of TDoS attacks (DoS-by-IoT). ‘Refrigereddon’. As if that wasn’t predictable, very much predictable, and predicted. [Edited to add: And analysed correctly, as here.] Predicted it was. What now? Because if we don’t change course, we’ll achieve ever worse infra. Yes, security can be baked into new products — … Continue reading “The legacy of TDoS”
Doing some pondering, digging and backtracking on the issue of IoTA. But, … already got stuck when considering how to (best?) model the architecture at lower levels. Would a classical picture, or a somewhat-less classical picture work best to gain understanding of the risk areas ..? As in: [Own pic] Or [Plucked, adapted from the … Continue reading “ICShape”
Recently, there was yet another exepelainificationing of ‘software defined networking’, along the lines of separation of the control plane from the data/content plane (here). Which ties into a core problem, with IoT the subject of this post: Integrity. Yes, confidentiality may be an issue, but singular raw data points themselves often are too granular to … Continue reading “SwDIoT”