6:30pm ET There is a latent distrust of the growing "Internet Of Things" market. The data collected by them is becoming more personal all while proliferation of internet connected devices is continuing without regard to privacy or security. Recent news stories has consumers concerned not only with privacy but also surveillance and data handling. There is no trusted third-party "consumer advocacy" for privacy. To compound the problem, "IoT" and internet connected consumer devices are each made from custom hardware and software. This lack of homogeneity in design makes traditional software based security (like "antivirus") virtually impossible. These devices and apps are literally "black boxes" that we entrust our privacy to. Bio: Stephen A. Ridley is a security researcher at Xipiter (http://www.xipiter.com/). He has more than 10 years of experience in software development, software security, and reverse engineering. Prior to Xipiter, Mr. Ridley served as the Chief Information Security Officer of a financial services firm and prior to that was a Senior Researcher at Matasano. He also was Senior Security Architect at McAfee, and a founding member of the Security and Mission Assurance (SMA) group at a major U.S defense contractor where he did vulnerability research and reverse engineering in support of the U.S. intelligence community. He has spoken about reverse engineering and software security at Black Hat, ReCon, CanSecWest, EuSecWest, Syscan and other prominent information security conferences. Stephen is a co-author of "The Android Hacker's Handbook" published by Wiley & Sons. At Xipiter we've been working on the security of embedded systems and IOT devices. Xipiter has built several industry unique trainings (http://www.xipiter.com/training) on mobilesecurity and embedded device security. Each of which has sold out at Blackhat (the largest security conference in the world) for three years in a row. We've helped numerous manufacturers secure their embedded devices. From card-payment systems and set-top entertainment manufacturers to more esoteric vendors of Gaming systems (lottery, casino, etc) and Industrial Controls Systems. We also publicly blog about our exploitation of these devices (http://www.xipiter.com/musings).
Views: 1436 Duo Security