Mike Levine, Master of Science in Information Assurance Faculty
One of the things that attracted me to the Information Assurance field many years ago was the constant and rapid development of different information technologies. In addition, the continual problems that we see about building security into systems rather than trying to identify, patch or otherwise remediate security flaws. In a number of your MSIA seminars you discuss and analyze Moore
Netbook Computers
There has been some great engineering work to develop small scale PC. For instance, the One Laptop per Child Project (see http://laptop.org/en/ for more details) has largely succeeded with its ambitious goal of manufacturing Internet connected, ultra small and very affordable computers to support education and technology in poor and developing countries around the world. Sales of these devices are continuing to skyrocket both in the USA
Potential Forensic Impacts
I am fortunate to have some research support to help investigate the challenges and opportunities that new devices and software systems present to cyber investigators. In particular, over the past year I have worked with some of my colleagues to research Netbook devices and propose some essential forensic challenges that these devices present. For instance, the use of solid-state drives, open source software, and the use of some proprietary software are serious forensics issues. You can read two of our recent via the following links:
http://www.springerlink.com/content/q22v651l17775433/
Another Couple of Serious and Fundamental Issues to Ponder
In addition to the forensic issues with Netbooks, we should also be practical and consider some other potential threats and risks that these devices might present in the future. One obvious threat is use in a DDoS attack; another is using it as a zombie computer by a Botnet. In my opinion, this is very likely because of the non-existent or limited security knowledgebase of the huge new user base that Netbooks have created which are mostly young children, or adults with minimal or no IA knowledge.
Perhaps, with a bit of professional skepticism that I always seem to have, for a few minutes to think about how these devices could be used as part of an information warfare attack. We should also not forget the more routine threats from malware distribution and other common IA issues. Finally, emerging technologies continue to include general IA risks, will we ever break this detrimental paradigm? I wish I could genuinely believe the answer to this question was yes, but I am realist so I just don’t think so.
Heading back to the forensics lab now, and I wish everyone continued success in the MSIA program. If you are interested in this research area, feel free to contact me at mlavine@jhu.edu or mike@homelandsc.com.
Last Week’s Quiz Question
What is the tallest man-made structure in Vermont? (By “structure” I mean something that you can enter, thus excluding things like radio and TV towers)
Answer: The Bennington Battle Monument, at 304 feet. See
Winner: Joanna D'Aquanni.
Joanna will receive an autographed copy of AC/DC's little known information security-themed album, "Dirty Deeds Stopped Dirt Cheap."
This Week’s Quiz Question
What was the building that houses the School of Graduate Studies used for before Norwich University bought it?
The winner receives an all expense paid trip for four to any ocean shore resort in Vermont.
Send your entries to jorlando@norwich.edu
No comments:
Post a Comment