25
Apr
12

Infosec / Internet World 2012

chargebox

chargebox

I was up at Infosec on Tuesday. This is an Information Security exhibition at Earl’s court exhibition centre in London. The usual stuff. Hundreds of stands with steely eyed salesmen waiting for you to catch their eye so they can start reciting all the words they’ve memorised but do not understand. These days the stands all look pretty much the same as they have very few physical products to sell. Instead they sell “services”. They try to convince you that they’ve been doing this for years and the way they do this is to hire lots of attractive women to hand out leaflets and to dress al their salesmen in black polo shirts. Black, you see, means that they look look like hard core techy gurus….at least in the delusional minds of the sales and marketing staff who apparently run the event. This is the nub of the matter. While it’s true that information risk is evolving along with the systems and processes to control risk, in reality, in 2012 it’s a fairly mature cycle. ISACA were there promoting COBIT 5 and this has been developed so far now that it lists one area as “Ensure benefit delivery”. If we had time to audit that sort of thing then there would be no need for Infosec 2012.

Most of the presentations were packed and there were long queues to enter. I attended a few including quite good one on Spear Phishing. A Phishing attack is where an attacker sends an Email with an attachment or link which, when the user clicks on it, initiates a connection to The Internet and downloads malware to the target computer. These work because they fool a legitimate member of staff to initiate the attack and, as the user is already logged in, the attack bypasses many of the controls normally in place. Spear Phishing appears to mean a targeted phishing attack. This was of interest to me as I consider Phishing and Web Application Vulnerabilities to be high up there on the list of current threats.

Phishing attacks are hard to control as the code tends to be polymorphic but a company named PhishMe, Inc. had something quite clever. For a fee they will carry out a phishing attack on the staff at your company. However, if your user clicks on the attachment or the link then they will be presented with a warning and some training material on why they should be more cautious. The company collects statistics and the names of the people who are fooled. They claim that their service dramatically reduces the number of users who are fooled by phishing attacks.

One impressive innovation I saw was a tall orange stack of mini-safes named Charge Box each containing multiple mobile/smart phone charging connectors. The idea being that anyone low on juice could plug their phone in, close and lock the door, remove the key and wander around for a bit returning later to retrieve their freshly charged phone.

By lunch time the local pubs were heaving with besuited business types escaping Earl’s Court. I enjoyed a reasonable burger and pint in the Prince Of Tek on Earl’s Court Road.

At Earl’s Court 2 another exhibition was under way. This was Internet World and I found this to be more exciting. Less professional salesmen and more enthusiastic start ups, or so it appeared to me. A couple of companies selling their services to develop web apps, one with a starting price of less than a thousand pounds. Another company, named Mode360, were selling a contraption about the size of an old fashioned TV. This included a turntable, some lights and a Digital camera. The idea with this was that you plonk your product on the turntable and switch on. The machine then, rotated the product and photographed it through 360 degrees and the attached computer produces a file which can be embedded in a web page to allow your customers to rotate your product on line to get a better look at it. We’ve seen this with the way many mobile phones are sold online. The guy described this as a “money making machine”. He may have been right.

Buy Art Photography by Nigel Chaloner

Buy Art Photography by Nigel Chaloner

About these ads

3 Responses to “Infosec / Internet World 2012”


  1. April 25, 2012 at 9:25 pm

    A techie’s day in paradise.

  2. April 26, 2012 at 8:56 am

    You have captured the essence of the IT trade show. The clueless marketing bimbos are for the geeks, probably the only time attractive women ever talk to them.

  3. April 26, 2012 at 6:31 pm

    “For a fee they will carry out a phishing attack on the staff at your company” oh lol sure :D


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


Enter email address to receive notifications of new posts.

Join 173 other followers

Images

Cups & Fan

Leicester Square

Richard Deacon

Cars

Köln Bonn

Brighton Beach

The Weald

Bricks

Charing Cross Road

Shaftsbury venue

More Photos

Jonesxxx on Twitter

April 2012
M T W T F S S
« Mar   May »
 1
2345678
9101112131415
16171819202122
23242526272829
30  

Follow

Get every new post delivered to your Inbox.

Join 173 other followers

%d bloggers like this: