as unsmart as possilbe

wikipedia does not have an article with this exact name

if wikipedia don’t know it, is it worth to think about it? is the opposite of smart just “not smart”?

digitalisation

is the driver to be more and more effective

read more: artificial intelligence

where are running to

smart manufacturing, smart power, internet of things, smart home, blockchain, internet of humans?

we optimize everyday – new tools to improve, new technique to handle, new security to protect, new data to analyse

pause

isn’t it smart to be sometimes uneffective – dumb phone @telegraph

we move forward in an extraordinarily rapid pace, time to step back and check what’s important – more work life balance, more offline

wifi security today and attack vectors

because of current occasion …

… inside a wifi you could find your ip in android 8 settings > about > status, use unsecured services like sonos, scan for other clients, check open ports, bruteforce backend services (router, firewall)

open wifi – in 2018 none should access untrusted unsecured wireless networks anymore

wpa encryption – works with “handshake” to ensure trust between devices – wpa2 added advanced encryption standart (aes) – wpa2 is vulnerable: key reinstallation attacks – wi-fi alliance announced wpa3 with additional security features

public wifi – when accessing a wifi while shopping, your devices are redirected to a captive portal to accept policies and establish a secure connection

vpn – apps like nordvpn esablish secure connection to add another layer of security, browse incognito through the internet

business – could use radius protocol to check validity of authentification – further enroll client certificate via mdm to authenticate via 802.1x – aruba clearpass can check devices status in mdm to ensure security and trust at the entire cycle

rouge access – attacker can fake access points to start a man in the middle (mitm) attack, intercept your private data, for example this pineapple nano

hashcat – new technique allow to get all the information they need to brute force decrypt a Wi-Fi password, by snooping on a single data packet going over the air

ssl srip – a method to redirect traffic from https to http to force unencrypted transport – every passcode is unprotected, even it is shown as secure

mobile devices management – is a way to protect company devices, e.g. disallow profile installation – but in a byod or mam-only scenario you can’t disable all features

mobile thread defense – mtd is for private and business devices, check behaviour and use ai to protect – like lookout as cloud service and additionally on device like zimperium, partners with mobileiron

tech trends 2018

researcher advise cio, company’s and even goverment’s regarding the future of information technology, gartner, forrester or idc are some of those – you don’t have to adopt one-on-one, but at least it give quick insight about the possiblitiy’s

Continue reading “tech trends 2018” →