One of the dangers of pointing anything out about the security, or lack of security, with a product or service is the chance that someone will not like what you say and come after you. This is what is happening with Chris Vickery. If you do not know who Vickery is we can give you some background. Vickery is a security researcher that has been focusing on systems and services that cater to kids and parents. He has uncovered some rather unsettling information about a number of products that leak information about kids. The revelations are very disturbing to say the least.
The push into the cloud has been a concerning one as has to the glut of devices, games, services and other that rely on the cloud to exist. One of our main areas of concern is with the storage of user information. We know that most companies are going to spend the least amount of time and money to secure the information they collect. The bean counters seem to feel that the risk of losing your data is small enough to justify leaving things as they are and if there is a breach, well that is what insurance is for.
You know that awkward moment when your security company actually fails and ends up exposing your data? Well that is happening for a, less than loved, Mac application called MacKeeper. It seems that they forgot all about data management and security. Now, that being said MacKeeper and the developer, Kromtech Alliance, are not know as a wonderful application in the Mac world. For the most part they are known as something to be avoided, but that does not mean that people have not bought and installed their software.
In Mid-2011 it was revealed that many Supervisory Control and Data Acquisition (SCADA) devices were visible on the internet with a simple Google search. What was even more terrifying was that many of these devices still had the default username and password set and were visible in the search results. In 2009 someone with the same idea developed a search engine that was able to find connected devices as a service making it easier to find them and… exploit them. In January of 2012 a security flaw was found in the way that many (if not all) connected IP cameras operated. The flaw was originally found in a TRENDNet’s IP camera (a discontinued one) and it was a serious one.