This weeks (potential) major fail goes to Apple for the iPhone 3GS security. As reported by Wired and others, it seems the new 3GS encryption touted by Apple in their “iPhone Security Overview” isn’t so secure after all.
The offical description of the new feature sounds pretty good:
iPhone 3GS offers hardware-based encryption. iPhone 3GS hardware encryption uses AES 256 bit encoding to protect all data on the device. Encryption is always enabled, and cannot be disabled by users.
Following on from my recent posts regarding fines and the cost of data leakage (TJX and Cornell), I thought I’d also bring to your attention the latest initiated by the FSA (Financial Services Authority of UK) against HSBC – On 22nd July A tidy penalty of £4,550,000 ($7.5m) for two failures to protect personal information. HSBC will get a nice 30% discount on this for early payment, leaving them with a bill for £3,185,000 ($5.26m) plus their own internal costs.
I came across this excellent article while looking for something different. Dr O’Connor succinctly sums up the idea of impossible, and more impossible when talking about the relative key lengths of encryption algorithms.
Reputational risk is something that everyone understands, particularly businesses who regard their brand as one of their most critical assets. There is considerable trust in the security of AES-256, both in the public and commercial sectors. Reputational risk to AES-256 has a very high impact, and we therefore hope, a very low likelihood of occurrence.
I just uploaded a page explaining some of the finer details of the language and keyboard routines in the McAfee Endpoint Encryption for PCs and SafeBoot Device Encryption for PC’s (v5) products. I hope it helps some people iron out some implementation questions.
I was flying this week between offices, and being travel-bored and a nosy so-and-so I zeroed in on an extremely loud conversation taking place between a fellow traveler and what must had been his Bangalore helpdesk.
A typical situation, middle aged gent in a sports jacket and slacks, reasonable shoes though needing cleaning, expensive watch etc. Blackberry glued to the side of his face, Glass of airport Merlot on the table. Read more…
I find it hard to add further comment to Guy Kawasaki’s presentation at Cisco Live. He sums up the difference between delivering a product to market, and delivering the product. For those who don’t know of Guy, he’s an ex Apple fellow, and an author of books such as The Macintosh Way and How to Drive Your Competition Crazy. You can find his Blog online where he comments widely on Apple, social media, energy and all kinds of interesting things. He’s now involved in matchmaking entrepreneurs and angel investors, and public speaking. For Guy, innovation means deep, intelligent, complete and elegant (DICE).
The take away I want to highlight is his message that you have anticipated what people need before they known they need it. Something that in my opinion is best served by gut feeling, industry experience and deep thought – not by asking an analyst what you should do.
To be truly great, and to be truly innivotive, you need to take some chances and push the envelope..
What makes innovation? First quality of innovation is that the product is deep, lots of features, does lots of stuff. You have anticipated what people need before they know they need it. They will not run out of power. Great products, great services are deep. Read more…
By now you’d have to be living in a cave not to have heard the press from Google re their new Chrome OS. First mentioned by Sundar Pichai on the GoogleBlog, news has been spreading like wildfire with even sites like BBC News picking up the story.
Why is this so important? Well, it’s one of those rare occasions when someone releases or announces something which could really change the way we use computers, and of course it’s also something that could really compete with Microsoft. Whether you accept Chrome OS will be a completely new OS, or whether you’re one who believes that Chrome OS is just going to be a user friendly redistribution of a *nix platform with a cool UI and application load, it’s still very interesting news. Read more…