Great tools from Google ensure websites look great on mobile / tablets

Checking your website looks good on mobile is now very easy thanks to a range of automated tools. Google have a fantastic collection available, here. Including a great page checker service where you can type in a URL and get it checked for mobile-friendliness as well as components that fail to load. You’ll get a report of problems and an overall summary of whether your site is mobile friendly.…

IoT Lifecycle attacks – lessons learned from Flash in VDI/Cloud

There are lots of parallels between cloud/vdi deployments and “the Internet of Things (IoT)”, basically they both involve connecting an end-point to a network.

One of the pain points in VDI for many years has been Flash Redirection. Flash is a product that it’s makers Adobe seem to have been effectively de-investing in for years. With redirection there is both server and client software. Adobe dropped development for Linux clients many years ago, then surprisingly resurrected it late last year (presumably after customer pressure). Adobe have since said they will kill the Flash player on all platforms in 2020.

Flash was plagued by security issues and compatibility issues (client versions that wouldn’t work with certain server versions). In a cloud/VDI environment the end-points and cloud/data center are often maintained by different teams or even companies. This is exactly the same challenge that the internet of things faces. A user’s smart lightbulb/washing machine is bought with a certain version of firmware, OEM software etc. and how it is maintained is a challenge.…

Android Rooting and IoS Jailbreaking – lessons learned for IoT Security

Many security experts regard Android as the wild west of IT. An OS based on Linux developed by Google primarily for the mobile devices but now becoming key to many end points associated with IoT, Automotive, Televisions etc. With over 80% of smartphones running Android and most of the rest using Apple’s iOS, Android is well established and security is a big concern.

 

Imagine you are a big bank and you want 20000 employees to be able to access your secure network from their own phones (BYOD, Bring Your Own Device) or you want to offer your millions of customers your bank’s branded payment application on their own phone. How do you do it?…