iMyFone LockWiper

iMyFone LockWiper

Helps you bypass the iPhone passcode in case you forgot it and the device became unusable or you have to wait for a long time before attempting to unlock it again

FULL VERSION + CRACK
Flvto Youtube Downloader

Flvto Youtube Downloader

With this simple and intuitive application, you can swiftly download all your favorite online videos to your computer, in just a couple of moves

FULL VERSION + CRACK
Voicemod

Voicemod

Real-time voice changer that works with any application and comes equipped with an extensive collection of voices and ambient effects

FULL VERSION + CRACK
Dolby Access

Dolby Access

Take advantage of stunning sound quality and realism in your multimedia experiences, with sound that surrounds you with the help of this app that gives you a free trial of Dolby Atmos.

FULL VERSION + CRACK
Logic Pro X

Logic Pro X

A fully-featured recoding studio that provides a complete set of tools for musicians who need to write, record, edit and mix music

FULL VERSION + CRACK

IT News

Feb 19
Creating an immutable ledger to track metadata associated with published content shows promise as a method for identifying authentic news.
Feb 18
IT admins who signed up for Windows 7 post-retirement support found out there's a new prerequisite that has to be installed before they can download patches they've already paid for.
Feb 17
Command-line interface to the code hosting platform can be used for issues and pull requests
Feb 15
Employers that rely on foreign national talent face new electronic filing system and modified registration timeline for FY 2021 filing period.
Feb 14
Arista confirmed what had been rumored for the past few weeks, that it has acquired software-defined networking/cloud software vendor Big Switch Networks for an undisclosed amount.
Feb 14
The flaws could let a hacker alter, stop or expose how a person has voted.
Feb 14
Firefox 73 is a minor update that highlights Mozilla's decision to speed up the browser's release schedule.

Categories

Who should lead the push for IoT security?

The ease with which internet of things devices can be compromised, coupled with the potentially extreme consequences of breaches, have prompted action from legislatures and regulators, but what group is best to decide?

Both the makers of IoT devices and governments are aware of the security issues, but so far they haven't come up with standardized ways to address them.

"The challenge of this market is that it's moving so fast that no regulation is going to be able to keep pace with the devices that are being connected," said Forrester vice president and research director Merritt Maxim. "Regulations that are definitive are easy to enforce and helpful, but they'll quickly become outdated."

The latest such effort by a governmental body is a proposed regulation in the U.K. that would impose three major mandates on IoT device manufacturers that would address key security concerns:

This proposal is patterned after a California law that took effect last month. Both sets of rules would likely have a global impact on the manufacture of IoT devices, even though they're being imposed on limited jurisdictions. That's because it's expensive for device makers to create separate versions of their products.

IoT-specific regulations aren't the only ones that can have an impact on the marketplace. Depending on the type of information a given device handles, it could be subject to the growing list of data-privacy laws being implemented around the world, most notably Europe's General Data Protection Regulation, as well as industry-specific regulations in the U.S. and elsewhere.

The U.S. Food and Drug Administration, noted Maxim, has been particularly active in trying to address device-security flaws. For example, last year it issued security warnings about 11 vulnerabilities that could compromise medical IoT devices that had been discovered by IoT security vendor Armis. In other cases it issued fines against healthcare providers.

But there's a broader issue with devising definitive regulation for IoT devices in general, as opposed to prescriptive ones that simply urge manufacturers to adopt best practices, he said.

Particular companies might have integrated security frameworks covering their vertically integrated products - such as an industrial IoT company providing security across factory floor sensors - but that kind of security is incomplete in the multi-vendor world of IoT.

Perhaps the closest thing to a general IoT-security standard is currently being worked on by Underwriters Laboratories (UL), the security-testing non-profit best known for its century-old certification program for electrical equipment. UL's IoT Security Rating Program offers a five-tier system for ranking the security of connected devices - bronze, silver, gold, platinum and diamond.

Bronze certification means that the device has addressed the most glaring security flaws, similar to those outlined in the recent U.K. and California legislations. The higher ratings include capabilities like ongoing security maintenance, improved access control and known threat testing.

While government regulation and voluntary industry improvements can help keep future IoT systems safe, neither addresses two key issues in the IoT security puzzle - the millions of insecure devices that have already been deployed, and user apathy around making their systems as safe as possible, according to Maxim.

"Requiring a non-default passwords is good, but that doesn't stop users from setting insecure passwords," he warned. "The challenge is, do customers care? Are they willing to pay extra for products with that certification?"

This story, "Who should lead the push for IoT security?" was originally published by Network World.