Group Actions
Engagement
  • Author Author: spannerspencer
  • Date Created: Date Created
  • Views 2276 views
  • Likes 1 like
  • Comments 17 comments
Related
Recommended

Computer Security Day - How to Secure Your Devices

spannerspencer

image

It's November 30th, which means it's A) Just under one month until New Year's Eve, and B) It's World Computer Security Day (CSD)!

 

You can find out a little more about the origins of the day itself over here, and tell us about your best practices when it comes to securing your digital life.

 

Beyond Computer Security

This is a long-lived awareness campaign already, but it's changing as fast as the computers it's based around.

 

CSD is a concept that increases in magnitude somewhere like the element14 Community. Here, we're interested in lots of different types of computers, microprocessors, systems and platforms; and most all of them involve some manner of digital security measures. A campaign that originally looked at encouraging people to change one, or maybe two passwords now involves something of an epic security endeavour for engineers, makers and tech-heads who are into all the available prototyping platforms out there now.

 

So is it also time to change the password on your Raspberry Pi root? Should your Internet of Things devices get a new login? Are there any concerns around your connected Arduino projects?

 

Updating a Windows password is easy, but updating a headless single board computer or homemade connected thermostat or wi-fi operated light fitting is something else entirely. Even those of us who take an active interest in these things might struggle to keep up to speed on every item we've built into a maker project.

 

So I'd like to encourage those of you in the know to pick a platform or process of your choice, and write a blog detailing how to change or update its passwords, logins or security features.

 

Tag it with "Computer Security Day" (and put a link to it in the comments here, if you like) and we'll compile all your cyber security instructions into a cyber security bible that will help keep our corner of the internet just a little bit safer. If we can enough blog posts together on the subject of cyber security, we could potentially edit these into an e-book that'll become a valuable reference for all of us.

 

 

Don't forget! Now that you've secured your digital self, come and tell us how you can make yourself and others safe and sound in the physical world, in our brand new Safe and Sound Design Challenge.

 

You could win a nice, safe quadcopter with which to "enhance" your neighbour's security and privacy!

Top Comments

Parents

  • All of my devices are reasonably secure because I always turn them off when I am done.

     

    It is difficult to hack a device that is physically not available for exploitation.

     

    DAB

  • in reply to DAB

    I kindly don't agree, DAB.

    A device is only safe when safety is part of the design.

     

    Your solution puts the burden on the user.

    A user can be anyone, skilled or not.

    It should be on the hardware+software providers, and on the sellers and designers.

    Security can't be off-loaded in my (very not humble) opinion....

  • in reply to Jan Cumps

    True, but I am lazy and it has worked for about 40 years of computer use.

     

    If you want true computer security, then it needs to be automatic and transparent to the user.

     

    The biggest weakness in the ENIGMA machine in WWII was operators not following procedures.

     

    To quote Henry Ford "It is impossible to make anything idiot proof, because idiots are too ingenious!"

     

    That sentiment holds true for security.  Only the people responsible can keep a secret.  Controlling access is the only way to limit unwanted disclosure.

     

    Most security breaks have always been inside jobs.

     

    DAB

  • in reply to DAB

    From memory it was Tunny (Lorenz ciphers) and not Enigma that was broken from an operator using an incorrect procedure.

    Apparently Terry Flowers was never reimbursed by the British Govt for the costs he personally incurred acquiring parts for Colossus.

  • in reply to COMPACT

    In the IoT world, the inventors teach you how to use the devices unsafe.

     

    Even if they have safety features built in.

     

    Challenge:show a supplier 'connected' example that's (reasonable) end-to-end safe from IoT device to the Internet.

    First approximately correct answer gets a non-connected, not-used development board delivered at home.

Comment
  • in reply to COMPACT

    In the IoT world, the inventors teach you how to use the devices unsafe.

     

    Even if they have safety features built in.

     

    Challenge:show a supplier 'connected' example that's (reasonable) end-to-end safe from IoT device to the Internet.

    First approximately correct answer gets a non-connected, not-used development board delivered at home.

Children