In this podcast, the Radio Free HPC team is joined by Glenn Heinle to review the highlights of the Hot Chips conference.
Since it started in 1989, HOT CHIPS has been known as one of the semiconductor industry’s leading conferences on high-performance microprocessors and related integrated circuits. The conference is held once a year in August in the center of the world’s capital of electronics activity, Silicon Valley.
Highlights:
Henry Newman’s Feel-Good Security Corner
“Turn off your Bluetooth”, says Henry as he talks about the now-famous KNOB vulnerability, which is obviously serious enough to have its own web site! Shahin points out how the equivalent of VPN for Bluetooth and other protocols are out there and references the company he works with, Afero, who has developed this and is thus not affected.
KNOB Attack Weakens Bluetooth Encryption
It turns out Bluetooth might have more in common with doors than we thought. Researchers disclosed a new attack they called Key Negotiation of Bluetooth (KNOB) that affects every device released before 2018 (and potentially some released after) because of an issue with the Bluetooth protocol itself. This attack can be used to make it easier to brute-force the encryption keys used by the devices.
Catch of the Week
Glenn talks about a 1-inch (cubed) full Linux computer:
This Linux computer plus router is the size of a ring box
If there’s one thing that stayed consistent through the last decade or so of tech industry turmoil, it’s the love affair between techies and Linux. There’s just a ton you can do with the OS, and its open-source format means you can customize your rig from the ground up.
Bluetooth is not enough! Henry asks us to cancel our credit card too if we have shopped at Hy-Vee:
Breach at Hy-Vee Supermarket Chain Tied to Sale of 5M+ Stolen Credit, Debit Cards
On Tuesday of this week, one of the more popular underground stores peddling credit and debit card data stolen from hacked merchants announced a blockbuster new sale: More than 5.3 million new accounts belonging to cardholders from 35 U.S. states. Multiple sources now tell KrebsOnSecurity that the card data came from compromised gas pumps, coffee shops and restaurants operated by Hy-Vee, an Iowa-based company that operates a chain of more than 245 supermarkets throughout the Midwestern United States.
Shahin puts in a plug for a meetup group he has formed called Enterprise IoT.
Sharing insights about the challenges and successes in Enterprise IoT
We will discuss all aspects of building and scaling commercial IoT products. Topics include building a business case, assessing end-user benefits, selecting connectivity hardware, software development for embedded-mobile-cloud including multi-product mobile apps, security, privacy, cloud back-end, analytics and AI, remote control, commerce, governance, the relevance of cryptocurrencies, etc.
Anyone with a serious interest in IoT or engaged in planning or launching IoT projects should consider attending.