Expert(s):
Senior Security Consultant feature_status*/ ?>
Synopsys

Comments Dotted : 3
October 15, 2020

Expert Advice To Protect Universities In This New Year Against Latest Iranian Hackers
We must ensure that the technology provided to students is actually accessible.
We must ensure that the technology provided to students is actually accessible. Many applications require a strong internet connection to access. If a student lives in a rural setting with poor network or satellite connection then learning solutions suffer from VPN requirements or latency—and we must also take into account those with no access to an internet connection or device from which to work.
May 06, 2020

Cybersecurity Experts Reaction On Contact Tracing App ‘Fails’ NHS And Cyber Security Tests
Apple and Google can also work on a framework foundation.
Tracing applications that allow attackers to access a user’s Bluetooth also allows them to fully read all Bluetooth communications. This includes items in the user’s car, music they listen to, household IoT devices, and more. Users can protect themselves by limiting the number of applications they download, by limiting the number of Bluetooth items they pair, by limiting the number of Bluetooth items they keep as whitelisted, known devices, and by limiting the amount of information they are .....Read More
Tracing applications that allow attackers to access a user’s Bluetooth also allows them to fully read all Bluetooth communications. This includes items in the user’s car, music they listen to, household IoT devices, and more. Users can protect themselves by limiting the number of applications they download, by limiting the number of Bluetooth items they pair, by limiting the number of Bluetooth items they keep as whitelisted, known devices, and by limiting the amount of information they are transferring over mechanisms such as Bluetooth. Tapping applications requires a means of storing, analysing, and transferring the data tapped for analysis. I would recommend ensuring data that isn’t required for analysis is deleted, and data that is required should be encrypted, securely stored, and transferred only for as long as it is needed. For any data used there should be mechanisms in place to ensure that data is only moving one way and cannot be tampered with. There also needs to be a mechanism in place to ensure the validity and integrity of that data. It’s important to ensure that third-party peripherals follow a basic standard for Bluetooth implementation, wherein gaps are covered from the operating system or hardware system in Google or Apple devices respectively. Examples include supported encryption mechanisms for messages in transit and link key generation for pairing mechanisms. Apple and Google can also work on a framework foundation for other Bluetooth peripherals—like how the app stores work, but for Bluetooth mechanisms. This way, the device OEMs can begin to ensure a level of security and safety for users as they become more intertwined into third-party services.  Read Less
April 30, 2020

Security Implications Of Covid-19 Contact-tracing Mobile Apps – Experts Commentary
There also needs to be a mechanism in place to ensure the validity and integrity of that data.
Tracing applications that allow attackers to access a user’s Bluetooth also allows them to fully read all Bluetooth communications. This includes items in the user’s car, music they listen to, household IoT devices, and more. Users can protect themselves by limiting the number of applications they download, by limiting the number of Bluetooth items they pair, by limiting the number of Bluetooth items they keep as whitelisted, known devices, and by limiting the amount of information they are .....Read More
Tracing applications that allow attackers to access a user’s Bluetooth also allows them to fully read all Bluetooth communications. This includes items in the user’s car, music they listen to, household IoT devices, and more. Users can protect themselves by limiting the number of applications they download, by limiting the number of Bluetooth items they pair, by limiting the number of Bluetooth items they keep as whitelisted, known devices, and by limiting the amount of information they are transferring over mechanisms such as Bluetooth. Tapping applications requires a means of storing, analyzing, and transferring the data tapped for analysis. I would recommend ensuring data that isn’t required for analysis is deleted, and data that is required should be encrypted, securely stored, and transferred only for as long as it is needed. For any data used there should be mechanisms in place to ensure that data is only moving one way and cannot be tampered with. There also needs to be a mechanism in place to ensure the validity and integrity of that data. It’s important to ensure that third-party peripherals follow a basic standard for Bluetooth implementation, wherein gaps are covered from the operating system or hardware system in Google or Apple devices respectively. Examples include supported encryption mechanisms for messages in transit and link key generation for pairing mechanisms. Apple and Google can also work on a framework foundation for other Bluetooth peripherals—like how the app stores work, but for Bluetooth mechanisms. This way, the device OEMs can begin to ensure a level of security and safety for users as they become more intertwined into third-party services.  Read Less