Security is an applied science. Security properties and secure design are only valid in the context of a particular application or environment. Similarly, hacking techniques and tools are only useful for exploiting specific types of vulnerabilities.
As companies continue to beat the Internet of Things drum, promoting a world when every device is smart, and anything electronic is network connected, we have some news that shows just what a horrible idea this really is. A security firm has found that a Linux kernel driver called NetUSB contains an amateurish error that can be exploited by hackers to remotely compromise any device running the driver. The driver is commonly found in home routers, and while some offer the ability to disable it, others do not appear to do so.
Working directly with hardware is hard. Each project brings with it mundane questions of which compiler to use, what communications protocols to work with, and how to load code. Developers also need to figure out how to debug the live system without affecting the program being executed.
In the past this has required expensive and proprietary software, but thanks to commodity hardware and projects such as OpenOCD, developing programs that run directly on embedded hardware is easier than ever before.
Fred Trotter is easy to recognize; he's a tall man with an equally big presence. Whether he's sporting his signature wild shock of blond hair or has shaved it bald as he does once a year or so, he can't be missed in a crowd. Any place where open source, big data, and healthcare-oriented people are gathered, you are likely to find him and his crew.
He's a frequent speaker at OSCON and was recently a panelist at the SXSW MedTech Conference, which is where I caught up with him to ask about his passion for open source and health care related data.
I'll be honest with you. LinkedIn scares me.
For any criminal interested in targeting senior staff in an organisation, it's a goldmine of information.