Will The Real McCoy Please Stand Up?
via CEPro's Julie Jacobson, comes the tale of one company, with two long tails... With published plans for only one, that is. Vizio, the well known television manfuacturer seen so often in membership wholesale club stores, is going public, and divulging the true nature of it's business, originally founded in 2002. in Irvine, California.
However, in the documents germaine to that IPO, is a secret, and not one well kept, I might add. In this case, the real business of the company is not, in reality, TV sets, speakers, soundbars and the like, but data mining of it's customer's behaviors through those purchased systems.
'Vizio isn’t really luring investors with promises of really good TVs. That prospect is buried in its plans to deliver customer data, monitoring tools and e-commerce platforms to advertisers and online resellers. The core mission, as stated in Vizio’s filing, reads, “VIZIO’s mission is to deliver the ultimate entertainment experience through our community of connected consumers, advertisers and media content providers.”' - via CEPro's Julie Jacobson
Sunday Security Maxim
Throw the Bums Out Maxim: An organization that fires high-level security managers when there is a major security incident, or severely disciplines or fires low-level security personnel when there is a minor incident, will never have good security. Compiled by Roger G. Johnston, Ph.D., CPP, Argonne National Laboratory
Saturday Security Maxim
That’s Why They Pay Us the Big Bucks Maxim: Security is nigh near impossible. It’s extremely difficult to stop a determined adversary. Often the best you can do is discourage him, and maybe minimize the consequences when he does attack. Compiled by Roger G. Johnston, Ph.D., CPP, Argonne National Laboratory
Cringely on Outsourcing →
And, the dire security implication thereof... Today's Must Read.
Blunted →
Count another automaker in as a Charter Member of the Automobile Application Security SNAFU Club. Unfortunately, there is no AAA Roadside Assistance... Just the nearly ubuiquitous OTA (of which, in this case, is reportedly part of the problem as implemented by the automakers...).
Risk →
via Robert Graham's well-crafted Errata Security blog, comes this insightful piece on a fundamental lack of expertise in the Information Security racket.
To wit, the inability of information security professionals to quantify risk successfully, and communicate the results to the apropos stakeholders - an activity crucial to providing the fodder necessary to formulate decisions regarding risk avoidance, transfer, mitigation, or acceptance. Something insurance companies have been accomplishing regularly (with a certain level of acceptable success) for centuries....
Kamkars' OnStar →
And the slew of vehicle flaws just keep coming... Witness Samy Kamkar's superb research targeting the General Motors Corporation (NYSE: GM) OnStar product as the vector in to a relatively unexplored country. Watch the video, and I'm sure you will arrive at a similar comclusion...
Photo of Samy Kamkar Attrribution: "Samy Kamkar" by Vissago / Dan Tentler - http://www.flickr.com/photos/vissago/4861025347/. Licensed under CC BY 2.0 via Wikimedia Commons - https://commons.wikimedia.org*
La Mort de la vie Privée →
Marc Arment sums-it-up, succintly.
Sunday Security Maxim
You Could’ve Knocked Me Over with a Feather Maxim 2: Having been amazed once, security managers, manufacturers, vendors, and end users will be equally amazed the next time around. Compiled by Roger G. Johnston, Ph.D., CPP, Argonne National Laboratory
Saturday Security Maxim
You Could’ve Knocked Me Over with a Feather Maxim 1: Security managers, manufacturers, vendors, and end users will always be amazed at how easily their security products or programs can be defeated. Compiled by Roger G. Johnston, Ph.D., CPP, Argonne National Laboratory