1. IT-Security >
  2. Cyber Security Nachrichten >
  3. Bruce Schneier on 5G Security

ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese

Bruce Schneier on 5G Security


IT Security Nachrichten vom | Direktlink: mobile.slashdot.org Nachrichten Bewertung

Bruce Schneier comments on the issues surrounding 5G security: [...] Keeping untrusted companies like Huawei out of Western infrastructure isn't enough to secure 5G. Neither is banning Chinese microchips, software, or programmers. Security vulnerabilities in the standards, the protocols and software for 5G, ensure that vulnerabilities will remain, regardless of who provides the hardware and software. These insecurities are a result of market forces that prioritize costs over security and of governments, including the United States, that want to preserve the option of surveillance in 5G networks. If the United States is serious about tackling the national security threats related to an insecure 5G network, it needs to rethink the extent to which it values corporate profits and government espionage over security. To be sure, there are significant security improvements in 5G over 4G in encryption, authentication, integrity protection, privacy, and network availability. But the enhancements aren't enough. The 5G security problems are threefold. First, the standards are simply too complex to implement securely. This is true for all software, but the 5G protocols offer particular difficulties. Because of how it is designed, the system blurs the wireless portion of the network connecting phones with base stations and the core portion that routes data around the world. Additionally, much of the network is virtualized, meaning that it will rely on software running on dynamically configurable hardware. This design dramatically increases the points vulnerable to attack, as does the expected massive increase in both things connected to the network and the data flying about it. Second, there's so much backward compatibility built into the 5G network that older vulnerabilities remain. 5G is an evolution of the decade-old 4G network, and most networks will mix generations. Without the ability to do a clean break from 4G to 5G, it will simply be impossible to improve security in some areas. Attackers may be able to force 5G systems to use more vulnerable 4G protocols, for example, and 5G networks will inherit many existing problems. Third, the 5G standards committees missed many opportunities to improve security. Many of the new security features in 5G are optional, and network operators can choose not to implement them. The same happened with 4G; operators even ignored security features defined as mandatory in the standard because implementing them was expensive. But even worse, for 5G, development, performance, cost, and time to market were all prioritized over security, which was treated as an afterthought.

Read more of this story at Slashdot.

...
https://mobile.slashdot.org/story/20/01/16/1514231/bruce-schneier-on-5g-security?utm_source=rss1.0mainlinkanon&utm_medium=feed

Externe Quelle mit kompletten Inhalt anzeigen


Zur Startseite von Team IT Security

➤ Weitere Beiträge von Team Security | IT Sicherheit

We Must Slow Innovation in Internet-Connected Things, Says Bruce Schneier

vom 206.92 Punkte ic_school_black_18dp
Bruce Schneier argues that governments must step in now to force companies developing connected gadgets to make security a priority rather than an afterthought. Schneier made these arguments in his new book titled, Click Here to Kill Everybody which is

Bruce Schneier: It's Time For Technologists To Become Lawmakers

vom 182.44 Punkte ic_school_black_18dp
Bruce Schneier, a well-known security guru, this week called on technologists to become lawmakers and policy makers so countries can deal with issues such as the governance of artificial intelligence and cybersecurity. From a report: "The future is coming,"

Bruce Schneier Calls for IoT Legislation, Argues The Internet Is Becoming One Giant Robot

vom 157.53 Punkte ic_school_black_18dp
"We're building a world-size robot, and we don't even realize it," security expert Bruce Schneier warned the Open Source Leadership Summit. As mobile computing and always-on devices combine with the various network-connected sensors, actuators, and cloud-based

Nobody's Cellphone Is Really That Secure, Bruce Schneier Reminds

vom 153.95 Punkte ic_school_black_18dp
Earlier this week, The New York Times reported that the Russians and the Chinese were eavesdropping on President Donald Trump's personal cellphone and using the information gleaned to better influence his behavior. This should surprise no one, writes

Bruce Schneier on 5G Security

vom 152.93 Punkte ic_school_black_18dp
Bruce Schneier comments on the issues surrounding 5G security: [...] Keeping untrusted companies like Huawei out of Western infrastructure isn't enough to secure 5G. Neither is banning Chinese microchips, software, or programmers. Security vulnerabilities

Someone Is Learning How To Take Down the Internet, Warns Bruce Schneier

vom 151.6 Punkte ic_school_black_18dp
Some of the major companies that provide the basic infrastructure that makes the internet work have seen an increase in DDoS attacks against them, says Bruce Schneier. He adds that these attacks are of much larger scale -- including the duration -- than

Someone Is Learning How To Take Down the Internet, Warns Bruce Schneier

vom 151.6 Punkte ic_school_black_18dp
Some of the major companies that provide the basic infrastructure that makes the internet work have seen an increase in DDoS attacks against them, says Bruce Schneier. He adds that these attacks are of much larger scale -- including the duration -- than

USN-3415-1: tcpdump vulnerabilities

vom 145.33 Punkte ic_school_black_18dp
Ubuntu Security Notice USN-3415-1 13th September, 2017 tcpdump vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Several security issues were fixe

USN-3415-2: tcpdump vulnerabilities

vom 145.33 Punkte ic_school_black_18dp
Ubuntu Security Notice USN-3415-2 13th September, 2017 tcpdump vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary Several security issues were fixed in tcpdump Software description tcpdump

Bruce Schneier: Our Election Systems Must Be Secured If We Want To Stop Foreign Hackers

vom 141.93 Punkte ic_school_black_18dp
Okian Warrior writes: Bruce Schneier notes that state actors are hacking our political system computers, intending to influence the results. For example, U.S. intelligence agencies have concluded that Russia was behind the release of DNC emails before

Bruce Schneier: Our Election Systems Must Be Secured If We Want To Stop Foreign Hackers

vom 141.93 Punkte ic_school_black_18dp
Okian Warrior writes: Bruce Schneier notes that state actors are hacking our political system computers, intending to influence the results. For example, U.S. intelligence agencies have concluded that Russia was behind the release of DNC emails before

Bruce Schneier: We Need To Save the Internet From the Internet of Things

vom 139.57 Punkte ic_school_black_18dp
Bruce Schneier, writing for Motherboard:What was new about the Krebs attack was both the massive scale and the particular devices the attackers recruited. Instead of using traditional computers for their botnet, they used CCTV cameras, digital video recorders,

Team Security Diskussion über Bruce Schneier on 5G Security