Global smartphone sales have finally eclipsed PC sales for the first time in history, and that’s without counting the millions of non-phone devices like tablets that tend to share the operating systems and functionality of their phone-based brethren. Based on these numbers, it is disappointing to see the state of security in devices that have taken the world by storm. Design decisions, policies, and various stakeholders have resulted in a fairly hostile device ecosystem in which, for example, users can be easily fooled into installing malware on their phones.
It is a common belief that a prolonged, nation-wide outage of communications networks would hit developed countries harder than developing countries. A study made by Scott Dynes et al. in 2006 has estimated losses for three segments of US economy if communications networks go down (see “Costs to the U.S. Economy of Information Infrastructure Failures: Estimates from Field Studies and Economic Data”, 2006 for details). The study highlighted three important areas of potential impact: electric, automobile, and oil refining. In a case of an outage affecting the first two segments, the study looked at losses if the Internet goes down. The study found that oil refining is not as dependent on the Internet, so the losses were estimated if their SCADA systems would become unavailable. Total losses for these three segments of US economy are estimated to be in a range of US $500 million for a 10-day outage.
It has been said that mobile is recapitulating the development of the desktop PC. We are seeing the same blossoming of hardware, the same evolution of software, and the same growth in overall user experience and capabilities. Of course with greater complexity comes the mathematical likelihood of a greater number of bugs and vulnerabilities. Read More »
In the previous installment of our series of IPv6 posts, we covered some common myths regarding IPv6. In this post, we’ll talk about how the role of ICMP has changed in IPv6 compared to IPv4.
In IPv4, ICMP provides error reporting, flow control and first-hop gateway redirection. This functionality, which is also available in IPv6, is usually not essential to the operation of your network. With IPv6, however, ICMP has gained a much more significant and essential role because of new functionality that is now performed through ICMP. Fragmentation, Neighbor Discovery, and StateLess Address AutoConfiguration (SLAAC) represent essential functionality which is now performed using ICMP messages. Furthermore, many ICMP messages are designed to be sent to multicast addresses instead of only unicast addresses. Therefore, ICMP in IPv6 gains a whole new importance along with a new set of security concerns.
RSA 2011 was a big show for Cisco. We had a 30x30 booth with an in-booth theater, eight demo pods, speakers on several panels, and a keynote. Including speakers, the install and dismantle crew, and all of the booth staffers, we had a crew of around 100 people at the show. Demos included firewalls, virtualization, mobility, web, and security services. With the passing of Cisco Security Monitoring, Analysis, and Response System (MARS), a partner’s SIEM ecosystem display was of note, as were demonstrations of Cisco TrustSec, intrusion prevention, and Cisco Virtualization Experience Infrastructure (VXI). We also demonstrated Cisco AnyConnect running on an iPad, illustrating how Cisco can meet the needs of organizations grappling with the demands of the consumerization of IT and the security concerns that employee liable devices bring.