• Hacking the Human Body

    Posted over 4 years ago
    by rhalbheer}

    Years ago I was sitting in a healthcare event, when a researcher was talking (very excited) about the idea of having a pacemaker with Bluetooth access to fine-tune the system and read information from the sensors. Even though this might medically be a great idea, I would be fairly reluctant having such a thing in my chest…

    I fairly often at security events just switch on my mobile phone and look for discoverable Bluetooth devices – I always find an alarming number. Even though this is by itself no vulnerability, it would be interesting to see what happens if my mobile would ask me: “Do you want to connect with Joe’s pacemaker”? Scary idea…

    There is now a research going on about what happens if implantable technology gets infected with a computer virus. Interesting: First human 'infected with computer virus'

    Roger



  • Update on the Khobe “vulnerability”

    Posted over 4 years ago
    by rhalbheer}

    Just an update on my recent post  on The “KHOBE – 8.0 earthquake” – What’s behind it. In the meantime we worked with Matousec and confirmed that neither Microsoft Security Essentials nor Forefront Client Security are affected by this “vulnerability”.

    So, to me it is as I stated above: Make noise but for sure not on a “scientific” basis as then they would not only have mentioned the “vulnerable” products but the ones which were not exploited.

    Roger



  • Identity in the Cloud

    Posted over 4 years ago
    by rhalbheer}

    Kim Cameron, one of our key identity architects had an interesting presentation on identity in the cloud and a corresponding interview. Both are worth looking at if you are planning to move into the direction of the cloud. Especially as it is definitely one of the key challenges:

    This is Kim's presentation:

    Get Microsoft Silverlight

    If you want his slides, here they are.

    And finally he was interviewed after the presentation. It gives you more insights into our thoughts around identity and identity federation:

    Get Microsoft Silverlight

    Remember, from my point of view, identity processes, management and federation are key ingredients for a successful cloud strategy

    Roger



  • How to Align Work Live and Private Live

    Posted over 4 years ago
    by rhalbheer}

    It is often talked about the “New World of Work” or sometimes it is about bringing virtual and physical organizations together – which is often called the Hybrid organization.

    The Hybrid organization has different aspects: People, Technology and Buildings. We are running different pilots in different offices like Amsterdam or Zurich to learn what we need and how people behave to make the employees as efficient and productive as possible while letting them align their work alive and their private live the way they need and want.

    If you heard me talking in the past, I said very often that there is for certain people already are working from wherever they want and whenever they want.

    We just published some documents talking about the Hybrid Organization – something which is reflecting the trend above. The next step we as a community should do is think about the implications of this organization on information security – a theme I love to talk about.

    Roger



  • Update on our Forefront Strategy

    Posted over 4 years ago
    by rhalbheer}

    As I was on vacation last week, I could not blog on that but still – if you do not have seen that, you should look into this blog post by the Froefront team. I hope it clarifies certain questions you might have: Update on Forefront security management

    Roger