Security Insecurity - PowerPoint PPT Presentation

security insecurity n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Security Insecurity PowerPoint Presentation
Download Presentation
Security Insecurity

play fullscreen
1 / 8
Security Insecurity
82 Views
Download Presentation
kristy
Download Presentation

Security Insecurity

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Security Insecurity By Curt Priest

  2. Connectivity and Security are always two opposites • Internet accessible devices hard to secure • Computers • Ip cameras • Complete security systems (dashboards) • Open transmission systems • Wireless access points • Radio / television communications • Network connections • Easier to secure • Closed circuit television • Twisted pair telecom • Secured intranet (no outside connection to internet)

  3. Vulnerability is the intersection of three elements • System susceptibility or flaw • Attacker access to the flaw • Attacker capability to exploit the flaw http://en.wikipedia.org/wiki/Vulnerability_(computing)

  4. Onity Security Systems • Manufacturer of door security lock systems for government buildings and major hotel chains. • About 4 to 5 million Onity locks are installed on hotel room doors around the world. • A service port allows a technician to power a dead lock and use a master code to unlock.

  5. Onity’s flawed Security lock “According to Brocious, who should be scolded for not disclosing the hack to Onity before going public, there is no easy fix: There isn’t a firmware upgrade — if hotels want to secure their guests, every single lock will have to be changed.” Cody Brocious demonstrating his unlocking tool on an Onity lock in a New York City hotel. http://www.forbes.com/sites/andygreenberg/2012/07/23/hacker-will-expose-potential-security-flaw-in-more-than-four-million-hotel-room-keycard-locks/

  6. TrendnetSecurity Cams • Manufacturer of security cameras for home and business use. • Security flaw found in camera firmware • Company issued firmware update • Discontinued products not able to be updated • Many people do not register products (not aware of problem)

  7. Security flaw allows unauthorized access to security system • Access to CGI (common gateway interface) folder at ROOT. • Access to camera video by simply adding cgi request with the IP address. • IP location can be found using whatismyipaddress.com/ip-lookup

  8. Security systems are not always secure. • Questions?