Operations

6/5/2016
08:00 AM
Connect Directly
Twitter
Twitter
RSS
E-Mail
50%
50%

How Risky Is Bleeding Edge Tech?

Experts with the Carnegie Mellon University Software Engineering Institute rate 10 up-and-coming technologies for risk.
Previous
1 of 11
Next

Image Source: Adobe Stock

Image Source: Adobe Stock

Most seasoned information security experts know that when a new technology starts taking off like wildfire, chances are pretty good that someone's going to get burned. The curve of innovation for decades has generally traversed a path where engineers think of features, bells and whistles first, security last.

As a new crop of exciting technology like smart medical devices, drones and driverless cars jockeys for position in the mainstream, the question is how much risk they'll bring to the table. A panel of experts with the Carnegie Mellon University Software Engineering Institute recently took a look at some of the hottest tech making its way to the forefront to answer this very question. Here are some of the highlights from the report, 2016 Emerging Technology Domains Risk Survey.

 

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.  View Full Bio

Previous
1 of 11
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Whoopty
50%
50%
Whoopty,
User Rank: Ninja
6/6/2016 | 7:45:38 AM
VR
When it came to choosing which VR headset I would buy earlier this year, I went over and over in my head with all the different pros and cons.

While the Vive seemed like the Superior headset, I was worried about HTC's potential financial difficulties. 

Admittedly in the end I got both and will now sell my Rift on, but I do still wonder how quickly VR is going to catch on. I think it might take a couple of years, at which point the Vive will be oudated, but by then hopefully we'll be looking at second generation devices.
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "Now, we come here to play Paw-ke Man Go!"
Current Issue
The Year in Security 2018
This Dark Reading Tech Digest explores the biggest news stories of 2018 that shaped the cybersecurity landscape.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-6497
PUBLISHED: 2019-01-20
Hotels_Server through 2018-11-05 has SQL Injection via the controller/fetchpwd.php username parameter.
CVE-2018-18908
PUBLISHED: 2019-01-20
The Sky Go Desktop application 1.0.19-1 through 1.0.23-1 for Windows performs several requests over cleartext HTTP. This makes the data submitted in these requests prone to Man in The Middle (MiTM) attacks, whereby an attacker would be able to obtain the data sent in these requests. Some of the requ...
CVE-2019-6496
PUBLISHED: 2019-01-20
The ThreadX-based firmware on Marvell Avastar Wi-Fi devices allows remote attackers to execute arbitrary code or cause a denial of service (block pool overflow) via malformed Wi-Fi packets during identification of available Wi-Fi networks. Exploitation of the Wi-Fi device can lead to exploitation of...
CVE-2019-3773
PUBLISHED: 2019-01-18
Spring Web Services, versions 2.4.3, 3.0.4, and older unsupported versions of all three projects, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.
CVE-2019-3774
PUBLISHED: 2019-01-18
Spring Batch versions 3.0.9, 4.0.1, 4.1.0, and older unsupported versions, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.