I should qualify this post by saying that I am not a computer security researcher or expert but I do work in a research centre which works extensively in this area. Anyway it seems that over the last week or so we have had quite a few interesting stories, some more surprising than others.
The BBC reports that researchers at Germany’s Erlangen’s Friedrich-Alexander University have managed to retrieve confidential information from an Android phone by placing it in the freezer. With some sense of irony the feature known as data scrambling was introduced in Android 4.O Ice Cream Sandwich. All it apparently took was placing the phone in the freezer for an hour.
According to The Register, Google also suffered a security fault which would in theory allow anyone to bypass the two-step authentication process. Apparently Google was made aware of the bug last year but only fixed it recently.
One of my favourite cloud tools Evernote experienced problems after hackers gained access to all user ID information prompting Evernote to put out a system wide password reset to all customers. In general this flags up (along with the Google problems) the problem of storing sensitive date in the cloud.
This time closer to home we recently had a distinguished lecture at SnT by Prof. Paulo Veríssimo of The University of Lisbon. As well as being an excellent speaker his talk was as interesting as it was frightening. He basically suggested that the IT security of power grid installations is far worse than the public perhaps believes. Indeed he said we should be prepared for a major disaster due to hackers making their way into power installations. If you think that is not possible don’t forget that “someone” managed to hack into Iranian Nuclear facilities using the Stuxnet worm but that also this worm had infected other installations. Also in 2003 the David-Besse nuclear plant in Ohio suffered a five hour outage of it’s safety systems due to the SQL Slammer Worm. One is rapidly coming round to the idea that wind power may be a better idea than first thought.