Thursday, September 25, 2014

Day Zero

http://money.cnn.com/2014/09/24/technology/security/bash-bug/index.html. An exploit found in the bash shell of Unix-like systems. The linked Red Hat site listed this bash bug as urgent, claiming that unauthorized users can use this exploit to inject bash commands. This leads to a conversation on security. There will always be security issues in devices, and as more appliances are controlled through the internet, there will be more opportunities to attack. How do we keep everything secure? Is it enough to just set everything to automatically update whenever patches are available? Do these appliances need a system complicated enough to run bash shells? (more complicated means more possible exploits.)
Posted by at

6 comments:

  1. UnknownSeptember 25, 2014 at 10:32 PM

    I still think security as we know it will be gone in a few years. I just wish I knew how to help it along.

    That said, I know that a lot of these smart appliances don't use bash, but I'm curious as to whether or not a standard /bin/sh shell is affected. I would guess not.

    ReplyDelete
  2. UnomeOctober 2, 2014 at 5:23 PM

    Very interesting topic. I wonder what the "refrigerator hackers" of the future will do. Hopefully they don't turn my freezer off remotely and melt all my frozen meals.

    -This is Michael Patterson

    ReplyDelete
  3. UnknownOctober 17, 2014 at 9:48 AM

    It is hard to say where security will go in the next few years. Sometimes it just feels like its just trying to plug up all the holes that people find and not taking an active pursuit of finding the holes themselves.

    ReplyDelete
  4. AnonymousOctober 19, 2014 at 12:57 PM

    I think the real question is if the exploits that exists will always be found and used. I would venture to guess there is almost always holes in the system. What the world really needs is trust.

    ReplyDelete
  5. UnknownOctober 19, 2014 at 9:54 PM

    Like you propose, I think automatic updating is the solution. Chrome is a secure browser, not because it has never had bugs, but because updates are released so quickly. IE 6 on the other hand was released in 2001, and still isn't quite dead yet.

    ReplyDelete
  6. AnonymousNovember 1, 2014 at 7:42 PM

    This makes me wonder how many more bugs there are and how long it would take to discover them. It also makes me wonder, how do you make sure that the software you buy or use is safe? Microsoft ships their software with a percent of known bugs... and I'm guessing most other companies do too.

    ReplyDelete

Subscribe to: Post Comments (Atom)