Network Security - The Imperative Need of Computer World
Just yesterday IBM announced another gem from its research lab - Watson . It's basically a Question Answering (QA) computing system, which will churn out enormous data at lightening speed to get the required answers/ results. For now, Watson’s playground will be the famous quiz show “Jeopardy”. You can read more about Watson & DeepQA here. But the Mind blower video in the corner of announcement page, prompted me to right this text.
The video asked the viewer, “What would you do if you have Watson for 1 day?”
Listening this, my (Security obsessed) brain started working overtime and here is one to-do which I could think at the lightening speed -
“I would ask Watson to find all possible kind of the security breech / loophole on my computer / network, along with solutions to fix each one of them”.
Also, it would be fun to ask questions like “What is the question for which you (Watson) don’t have any answer?”
It would be very exciting to explore more usage for this kind of system. Please comment if you have such ideas.
According to me, the usability & effectiveness of such system is in asking the ‘smart question’ to get the ‘smart answer’. So, dear all, the time has come when we can actually start thinking how to ask ‘smart questions’ to get precise answers.
(smart questions, smart answer, smart planet - sounds like lyrics of my next guitar song!)
All in all, It’s no more elementary, Dr. Watson!
Hello & Welcome to all the security enthusiast (if u r not, then be one!),
For my first blog, let me start by introducing myself. I'm Vipin Rathor, working for IBM Network Authentication Service (IBM Kerberos) Development & Support team. I've been with this fantastic team for 3 years now (directly became part of this team after joining IBM). We are part of Storage & Filesystems group under IBM India Software Lab. My very nuclear team is full of sense of humor, one-liners and is quick-witted, so am I.
Enough talking about me... let's see what to expect out of this blog.
This blog will basically serve as one-stop resource for computer security needs of yours. Focusing primarily on network security, data security, authentication protocol (especially IBM Kerberos), Security in Storage domain etc., we will try to cover latest actions here. Occasionally, you might see some off-topic but interesting feed about the happenings in security field around the world. If you want to me cover something specific, let me know.
This is all for the first blog, hang around for upcoming feed.
Bye for now & take care.
Even today, organizations spend heavily to tighten the security for external attacks and keep eyes closed on the threat from insiders. It has been proved time & again that security risk from within the company is as good as (if not greater than) any external threat. One of the most critical perils is the 'data theft' by any insider. Imagine the situation in which your company’s yet-to-release confidential reports are in the hands of your competitors! Sounds like worst nightmare, isn’t it?
Well, the best way to avoid this, is to have proper mechanism to secure the valuable data at rest as well as data on the move and educate / motivate the employees to use these mechanisms. I’m proud to present you one such mechanism in the form of alphaWorks technology.
This initiative took lots of after-office hours of my team and the outcome couldn’t be better!
So people, get it - use it - spread it - what are you waiting for?
Any suggestion / comment invited!
Till next time, keep rocking.
Well, friends! This is just one application of much-hyped cloud based infrastructure. It provides you enough processing power at relatively low cost (this is important!), that makes it affordable for this kind of use.
So if this is dangerous, then why are people developing it? I would say this is just one side of the coin. The other (& promising) side is, this low cost key cracking service is to be used for security penetration testing of wireless network. Also, this is a paid service which requires user to make a payment via amazon (which, I believe, is traceable in case of malicious use of the service).
In this note, I just wanted to bring in notice, a different, off-the-track use of cloud services. If this gets you interested, then you can read the full story here.
Do let me know what do you think on this?
I've always wondered about effects (i.e. both good or evil) of video games on our daily life. Being an avid video game player, I would always love to see something good happening out of video games.
Recently, I came across this peice which talks about how the World of Warcraft (a very popular massively multiplayer online role-playing game ala Second Life) helped the Epidemiologists understand the cause-effect of virus outbreak in real world in 2005. Apparently, there was a bug in WoW, which being tied to the gaming characters, started spreading in the virtual world like a real world virus. Soon the Epidemiologists around the world were taking interest in this developement as the symptoms were very close to the real world virus outbreak (like rapid contegious infection, malicious infection, bystanders-curiosity, psychology of infected & uninfected crowd etc.). Finally, the infection was cured with the help of patches, guidelines, vaccines etc.
The whole episode was very useful to the researchers since any research lab simulation of the outbreak of this magnitude involving real-life human subjects would be very costly & time consuming. The virtual outbreak research gave vital points about understading & controlling the infection in real life. You can read the whole trivia here. (Note: You will have to click 'World of Warcraft' option to get the whole story)
Thoughts to take home with you:
If you happen to know more such incidents, please let everyone know via comments below.
Whoa, what a week for security enthusiasts within IBM & outside.... This blog entry was boiling inside me since last week... finally got a chance to puke it out. Let me start with a bang!
IBM on buying spree!!!!! acquiring business analytics forecaster, SPSS and software security provider, Ounce Lab. The Ounce Lab acquisition will definately broaden the IBM's horizon of application security-testing solutions [read full story here].
On the other hand, the IBM ethical hacking team peeking from network loopholes of clients and turning a small contract into multi-million dollar deal!!!! Yeah, these smart guys, sitting in far end of world (or I would say their office but a beach = an office?), bring down false feeling of the secured network and unmask the bare bitter truth that there are holes in the wall ! Getting access to anything & everything in the process, but these "angel harckers" even offer the solution to fix these breaches, so that no one else in the world could follow their path. (afterall, they are our clients, and competitors, please beware!!!! ;-). [read full story here]
It surely feels great to know such happennings inside IBM and what a right time ?? when the world is echoing the IBM's mantra of Smarter planet and innovation !!!
Go, IBM, GO!
vrathor 060001QMXB 1,126 Views
Recently (link) IBM has announced to invest $1 billion in solid-state storage and primarily focusing on high performance storage banking upon flash memory's key differentiators like smaller foot print, speed, low power consumption etc.
This news made me think more upon future of IBM's storage product portfolio. With this significant investment happening, it is upto us to prove how best we can leverage this opportunity and how innovative we can infuse this new storage class with our existing products. It will be interesting to see the outcome once solid-state storage marry the existing storage offerings. I'm keeping my fingers crossed & thinking cap on. Are you?
Recently I came across this amazing proof-of-concept which proves that our physical keys can be copied just by their images !!
What??? no, Are you serious??
Yeah, call this a technological leap in optics and image processing, but this is reality. And the professors at University of San Diego's Jacobs School of Engineering have successfully experimented this.
The original article (quite old though) can be found here. You can read about the technical details.
When I was reading this, I was thinking of all the places where my keys are susceptible to this kind attack. Like Airport/Hotel/Banks scanning - where you need to empty your pockets. Can you think of such places?
Well, the possible places are many but the question is: Whether we are ready to counter such kind of attacks? may be not.
As always, the best thing to do is to be vigil & pay attention to the details. As a security measure, never upload images with sensitive information (e.g. keys, driving license, important numbers etc.) and even if you have to, then make sure that you blur out the important parts.
Be safe & ride safe !!