Auto makers have some work to do securing passive keyless entry and start systems

In a Computerworld article today, some researchers have shown how easily circumvented the PKES or passive keyless and start systems used by all the major manufacturers are.  For as little as $100, equipment can be obtained off-the-shelf and configured to sniff the codes used by these systems.   “In this paper, we demonstrate that these attacks are both feasible and practical,” the researchers said.

The article notes very specific details about how the attack can be successfully pulled off and states the researcher’s opinion that the attacks are not theoretical.  The only recommendation to mitigate the attack is to use a protective magnetic envelope to prevent the fob from emitting signals or removing the fob’s battery.

This is a great case of a manufacturer not taking security seriously.   In this case it shows the laxity and arrogance of entire industry.  Are there any manufacturers that have multifactor security available?  Simply using a thumbprint in conjunction with the fob, would have prevented the mess the industry is in now having to fix the issue.  I wonder if any security consultants were consulted?  I am guessing no.

How to avoid having your bank account drained

The malware epidemic has matured into a sophisticated criminal tool for sucking cash out of bank accounts.  Here are some basic tips to stay clean of the threat of malware.
Read More »

your best offense: a solid defense

your best offense: a solid defense

How long does it take before you discover a data breach?  And by that time, is it too late?  What are the measures you put in place to identify the issue and ensure that it doesn’t happen again?
Read More »

your datacenter, your software as a utility

your datacenter, your software as a utility

If you’ve grown weary of the data closet down the hall, leverage our rock-solid infrastructure for your critical business applications.

Whether you prefer the traditional server-to-client architecture or your applications delivered over the internetwork, we can assist you.  Software-as-a-Service has matured from it’s inception in the late 1990’s to a solid, enterprise-level utility model offering.   Saves thousands in capital expenses for a low monthly fee that handles the hardware, the applications, the security, the patches , the updates, the management.

By ‘utility’ we mean you get all the benefits of the service, without investing in and maintaining the infrastructure.   We do all that for you and deliver the raw, clean software-as-a-service.

Let us know if you’d like to learn more.

Banks do not have fraud d…

Banks do not have fraud detection systems to detect repeat ATM withdrawls within a short period of time. http://ow.ly/3xwct

software as a service

software as a service

we deliver your application over the network using technology tested by the most demanding financial and medical industries.

the technology is here and time-tested. reduce your it expenditures by virtualizing your applications and moving them offsite.

virtualization: ready for primetime

virtualization: ready for primetime

let us tell you how

Hacktivists and ‘the Professionals’ should make 2011 quite interesting

From Hacktivists to ‘the Professionals’, DDoS attacks are a major tool. http://ow.ly/3sKj2
And detailed DDoS discussion: http://ow.ly/3sKhs

2011: expect more of using social media for hacktivism

2011 will be the year of using old attack vectors in new web 2.0 ways. DDoS with social media? Browser-only DDoS? Lookout!  http://ow.ly/3sF9W

Facebook intern turns user demographics into an amazing map of a connected world…

Cool! Facebook intern turns data into amazing map of a connected world. http://ow.ly/3pVBv