Security: Are you looking at the right risks?

Millions (billions?) of dollars, hours of time, and degredations of privacy and dignity all go into trying to reduce the chance of someone being able to sneak a Toothpaste Bomb (over 3oz!) onto a plane.

Meanwhile…

An extremely well attended talk by Hugo Teso, a security consultant at n.runs AG in Germany, about the completely realistic scenario of plane hijacking via a simple Android app has galvanized the crowd attending the Hack In The Box Conference in Amsterdam today….

One of the two technologies he abused is the Automatic Dependent Surveillance-Broadcast (ADS-B), which sends information about each aircraft (identification, current position, altitude, and so on) through an on-board transmitter to air traffic controllers… The other one is the Aircraft Communications Addressing and Reporting System (ACARS), which is used to exchange messages between aircrafts and air traffic controllers… Both of these technologies are massively insecure and are susceptible to a number of passive and active attacks.

http://net-security.org/secworld.php?id=14733

You are only as secure as your weakest point. Are your security efforts focused on the weakest points and highest risks?

(Of course, in the library world, being focused on any security risks would, sadly, typically be a step forward).

About these ads
This entry was posted in General. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s