Monday, August 1, 2016

On this day one year ago: Windows 10, Facebook and General Motors

We're on a Summer break with the usual Monday interviews and we focus on more fresh notes, to alleviate the rigours of the summer, with permission from our readers from the other side of the sea, who are enjoying Winter by now.  We've asked ourselves: In a changing environment as cybersecurity, what happened one year ago? Looking to the past allows us, at least, to check if we have done our homework.

We have been taking notes about the importance of securing access for years, but only one year ago the social network by excellence (at least by number of users), released its Security Checkup which allowed us a better control of our accounts access. Nowadays most of us live so accustomed to this system that for us its hard to believe how could we live without it. The policy of carrot and stick for Zuck´s guys, then Whatsapps owners: a year ago a 19 years old student explained how to assault other people's conversations, and their contacts too if the victim was an iPhone.

But the really serious shock one year ago came "thanks to" a huge hole discovered on BIND,  the oldest and most popular DNS server in Internet. A server installed in millions of machines, wich historically was something to riddle with bullets, but the new fail allowed to send a simple message to the server in order to take it out of order. It was quite a thing, because according to experts "one hour was enough to shut down every BIND public servers", wich meant the DNS infrastructure, a basic item for Internet. 

As it is normal at this time of the year, we were at the edge of two reference events in the cybersecurity world: The Black Hat and Defcon conferences. And one of the biggest headlines was contributed by a LA hacker, responsible for a device called OwnStar, devoted to burst into OneStar, the communications channel of the cars produced by General Motors. By doing that, it was able to locate them and steal the necessary credentials to open and start them remotely. An issue that made us keep in mind the still necessary update for "smart" cars security. 

And if it wasn't enough for us, the same day we noted two basic news for the ordinary users. The first one is that, like it or not, Window 10 spies you: email, messages, contacts, calendar, location... a party. The second one is that the company responsible of BitDefender antivirus suffered a not authorized access, to their database and the leaking 0f 250 registers as an evidence that the attackers were serious.

One year later, have we done our homeworks? In a week a new retrospective vision. 

Image: Freimages.


Post a Comment