Is The Tesla Hackable?

September 9, 2013 by admin
Filed under Security

Comments Off on Is The Tesla Hackable?

It’s the curse of the connected car once it’s linked to the Internet, it’s, well, on the Internet. In the case of the Tesla Model S, this means that mischievous hackers could, in theory, control some functions of the vehicle and even snoop without the owner’s knowledge.

Tesla offers Android and iPhone apps for Model S owners, which can be used to check the vehicle’s battery, track its location and status, and tweak several other settings, like climate control and the sunroof. It can also be used to unlock the doors on the Model S.

Dell senior engineer George Reese says the REST API used by Tesla to provide access for Android and iPhone apps has several fairly serious security flaws, which could offer a way in for unscrupulous hackers.

According to an article written by Reese for O’Reilly, Tesla appears to have broken from accepted best practice when designing the API for the Model S.

“It’s flawed in a way that makes no sense. Tesla ignored most conventions around API authentication and wrote their own. As much as I talk about the downsides to OAuth (a standard for authenticating consumers of REST APIs–Twitter uses it), this scenario is one that screams for its use,” he wrote.

However, Reese notes, this is merely a potential attack vector, not one that could be immediately exploited. That said, a compromised website particularly one designed to provide “value-added services” via the API to Tesla drivers could prove highly damaging.

“I can … honk their horns, flash their lights, and open and close the sunroof. While none of this is catastrophic, it can certainly be surprising and distracting while someone is driving,” Reese wrote.

Automotive hacking has been posited by experts for some time, and several presentations at this year’s Defcon detailed fairly comprehensive methods of compromising some models.

Source

Tags: analysis, android, API, apple, application interfaces, applications, apps, authentication, automobiles, automotive hacking, autos, battery, carriers, cars, cars online, Cellular, Conference, connected cars, conventions, criminals, cybercrimes, Defcon, Dell, developers, devices, Drivers, engineers, experts, flash lights, gadgets, George Reese, gps, Hackers, handsets, hardware, honk horns, internet, iOS, lights, location, Model S, networks, OAuth, Online, operating systems, OS, phones, Reese O'Reilly, researchers, REST, roads, Security, smartphones, snooping, social media, social nets, social networks, Software, standards, status, studies, sunroof, systems, tablets, technology, Telsa, tracking, Twitter, updates, value-added, vectors, vehicles, Wireless

LinkedIn Beefs Up

April 2, 2013 by admin
Filed under Around The Net

Comments Off on LinkedIn Beefs Up

LinkedIn has re-tooled its search engine with changes designed to make it easier for members to find information on the business networking site, whose volume of content has increased and grown more diverse in recent years.

Launched in 2003, LinkedIn initially focused on giving professionals a place to feature their resumes and career bios, as well as connect with peers and colleagues, but the site has progressively become more interactive and houses a much larger repository of data beyond individual profiles.

For example, almost 3 million companies have set up corporate pages, more than 1.5 million groups have been created, the site features a jobs section, and individuals and publishers are able to post and share comments and links to articles.

So it’s not surprising for LinkedIn to focus on improving its search engine, which fielded 5.7 billion queries last year.

LinkedIn members have until now had to run separate queries for groups, companies, jobs and other professionals, but that’s changing with the upgraded search engine.

“Now, all you need to do is type what you’re looking for into the search box and you’ll see a comprehensive page of results that pulls content from all across LinkedIn including people, jobs, groups and companies,” Johnathan Podemsky, a LinkedIn product manager, wrote in a blog post on Monday.

Users can still segment results, so as to see only job results, for example.

The LinkedIn search engine is also gaining auto-complete and suggested-searches functionalities to help people fine-tune query terms. In addition, the search engine will log members’ search queries and “learn” from them in order to deliver more relevant results.

It will also be possible for users to save search queries and be alerted about new or changed search results. The advanced search option has also gained more search filters, including location, company and school.

However, the search engine still doesn’t include content from the company’s SlideShare site, which about 60 million monthly visitors use to upload, share, rate and comment on primarily slide presentations, but also documents, videos and webinars.

Also, the search improvements are being applied to the main site, not to the mobile apps, although doing so is something the company is looking into, according to a spokeswoman.

LinkedIn started to roll out the new search features on Monday, and expects to finish delivering them to every member worldwide in the coming weeks.

As of the end of 2012, LinkedIn had topped 200 million registered members located in more than 200 countries.

Source

Tags: apps, articles, audio, bios, blog, blogging, browsers, businesses, careers, colleagues, comments, companies, Computing, consumers, content, corporate pages, customers, data, data segments, databases, devices, documents, downloads, gadgets, groups, hardware, information, interactive, internet, Jobs, Johnathan Podemsky, LinkedIn, location, members, Mobile, mobile apps, networking, Online, pages, peers, presentations, professionals, profiles, queries, repository, results, search, search engine, search filters, segments, SlideShare, social, Social Networking, Software, technology, users, videos, visitors, web, webinars

Passwords Continue As The Weakest Link

January 11, 2013 by admin
Filed under Computing

Comments Off on Passwords Continue As The Weakest Link

Passwords aren’t the only failure point in many recent widely publicized intrusions by hackers.

But passwords played a part in the perfect storm of users, service providers and technology failures that can result in epic network disasters. Password-based security mechanisms — which can be cracked, reset and socially engineered — no longer suffice in the era of cloud computing.

The problem is this: The more complex a password is, the harder it is to guess and the more secure it is. But the more complex a password is, the more likely it is to be written down or otherwise stored in an easily accessible location, and therefore the less secure it is. And the killer corollary: If a password is stolen, its relative simplicity or complexity becomes irrelevant.

Password security is the common cold of our technological age, a persistent problem that we can’t seem to solve. The technologies that promised to reduce our dependence on passwords — biometrics, smart cards, key fobs, tokens — have all thus far fallen short in terms of cost, reliability or other attributes. And yet, as ongoing news reports about password breaches show, password management is now more important than ever.

All of which makes password management a nightmare for IT shops. “IT faces competing interests,” says Forrester analyst Eve Maler. “They want to be compliant and secure, but they also want to be fast and expedient when it comes to synchronizing user accounts.”

Source…

Tags: accounts, analysis, analysts, antivirus, apps, biometrics, breaches, cloud computing, Computers, Computing, consultants, crimes, cybercrimes, cybercriminals, cybersecurity, data, desktops, downloads, Eve Maler, Forrester, Hackers, hardware, information, internet, IT, IT executives, IT shops, key fobs, laptops, location, machine-to-machine, machines, networks, Online, password management, Passwords, PC's, people, research, researchers, RSA, Security, servers, Single Sign On, smart cards, socially engineered, SSO, stolen passwords, Surveys, technological age, technology, tokens, two-factor authentication, unauthorized access, uploads, user accounts, user authentication, users, viruses, web

Google Acquires Zagat

September 16, 2011 by admin
Filed under Internet

Comments Off on Google Acquires Zagat

Google has purchased the prestigious restaurant ratings publisher, Zagat to boost its online maps and local business listings with trustworthy reviews and recommendations, which Web surfers increasingly seek and value.

“Zagat will be a cornerstone of our local offering — delighting people with their impressive array of reviews, ratings and insights, while enabling people everywhere to find extraordinary (and ordinary) experiences around the corner and around the world,” wrote Marissa Mayer, Google’s vice president of local, maps and location services, in a blog post.

Google acquired Zagat, which was founded in 1979, because of its brand, reputation and quality of its surveys and reviews, which it publishes in print guides and online. Terms of the deal were not disclosed.

Best known for its restaurant ratings, Zagat also surveys consumers about the quality of hotels, nightclubs and other leisure-themed businesses.

Tags: Angie's List, blogging, business listings, business owners, CitySearch, consumers, customers, displays, Google, hotels, insights, leisure-themed, links, local businesses, location, location services, negative posts, night clubs, Online, online maps, people, printed guides, publishers, quality, ratings, recommendations, restaurant reviewers, snippets, social media, Surveys, TripAdvisor, trustworthy reviews, web, websites, Zagat

Advantages of Using a Consultant

Information Security

Biggest Data Breaches

News

Connect With Us

Join Our Mailing List

Latest News

Request A Quote

Contact Us

Is The Tesla Hackable?

LinkedIn Beefs Up

Passwords Continue As The Weakest Link

Google Acquires Zagat