Showing posts with label data. Show all posts
Showing posts with label data. Show all posts

Sunday, 3 July 2016

IoT needs unbreakable


ZDNet just published an article “The first big Internet of Things security breach is just around the corner”.

The IoT is projected to be worth in excess of 3 trillion dollars by 2020. Therefore, it should be obvious that it isn’t going away. Smart devices and chips will be everywhere. Yes, this is a security risk.

The challenge to the cyber security industry is to become “unbreakable”. 

Imagine the hundreds of thousands of hackers and unscrupulous employees who are spending ungodly numbers of hours and days trying to steal what doesn’t belong to them. Next imagine how many would continue to do so if they weren’t getting a piece of the $400,000,000,000 being stolen from you and me each and every year.

Unbreakable - the concept - is simple. 

Make it too costly and time intensive to “risk failing at the hack”! 
Risk money, time and potential criminal consequences, without getting “the prize” – who is going to do it? Ok, maybe the odd duck, but that is far better than the hundreds of thousands globally attempting to, and succeeding at stealing “our money”. Yes, it is our money, even if we don’t realize it. The big boys and girls aren’t going to lose 400 + billion a year without passing those losses onto the rest of us – not if they want to keep their jobs.

This is exactly why CORAcsi is unbreakable. Is it conceivable that someone might discover where all the CORA packages are stored throughout the Cloud, then breach each of the servers and networks involved, within a short window – say 5 minutes? 
Perhaps it is conceivable – and if they did, CORA would be no better than encryption. This may be conceivable, however, it is totally improbable, and will reduce the numbers attempting to succeed significantly, as failures clutter their landscape. 
Unbreakable = too costly and time intensive to risk failing at - the hack.
Unbreakable = leaving a trail (such as an employee who has access to “the catalog”).
Unbreakable = too many networks and servers to violate before a single package has been deleted.
Unbreakable = too many unknowns to warrant the cost while risking the consequences.


Posted by at No comments:
Labels: , , , , , ,

Sunday, 5 June 2016

Blockchains - Concepts and Connections

BitCoin

I often reflect about, well just about anything and everything. As I mused about BlockChains, I imagined that the paper accredited to Satoshi Nakamoto's gave rise to the BlockChain frenzy. An incredible concept and implementation that is ideal for the online currency that is "BitCoin":
  1. redundant
  2. decentralized
  3. robust
  4. a natural propensity towards security (as the number of blocks increase).
  5. global
The following video can be found in IEEE SPECTRUM's article entitled "The Future of the Web Looks a Lot Like Bitcoin"



As with every pathfinder who proves a new concept, others are quick follow. Near the end of this article the author talks about the push to include executables in BlockChains. There are many articles and blogs that can be found about BlockChains, in particular I would like to draw your attention to the following:

BlockChain executable


O'REILLY's "Understanding the blockchain"

Blockchains and Online Dispute Resolution: Smart Contracts as an Alternative to Enforcement

Mike Hearn's blog "Developing apps for block chains"

itnews reports "Ransomware uses blockchains for decoder delivery"

In Ethereum landing page (as of June 5, 2016) one doesn't have to look far to read "Build unstoppable applications".
I know it sounds good, or great, however, we need to slow down for a moment and think about it! In a perfect world, we would all accept the same definitions for honor and integrity.. We would all know the difference between right and wrong, good and evil.
In a perfect world, I doubt that anyone would understand or care about a virus, worm, Trojan or malware. In a perfect world, a zero-day attach or vulnerability would only be found in the popular writings of a science fiction author with an incredible imagination.

Caution

Our world is not perfect - not yet! A zero-day vulnerability is "by definition" one that hasn't been considered or planned for! Do you see the danger in building "unstoppable applications"? Allow me to rephrase this:
Do you recognize the danger in an environment that allows for the building of:
  • unstoppable viruses
  • unstoppable worms
  • unstoppable zero-day attacks
Yes, I know, we will build in safeguards, just like we do with Computers and Servers, and yet, someone always finds a way (sounds a lot like Jurassic Park).

Bottom line: Blockshains are ideal for an online currency that is decentralized. Once this moves to anything that can be "executed", there must be a "centralization" - a way to control these "seeds" of "potential disaster".

Upcoming Blog

Stay tuned for one of my upcoming blogs which contrasts this "decentralized distributed environment" with CORA, a Context Ordered Replacement Algorithm from CORAcsi that allows for the implementation of a centralized distributed environment.


Posted by at No comments:
Labels: , , , , , , ,
Subscribe to: Posts (Atom)