The Naked Scientists

The Naked Scientists Forum

Author Topic: What can be a project idea for IT/Cyber Security?  (Read 1338 times)

Offline yashrajkakkad

  • First timers
  • *
  • Posts: 3
    • View Profile
I am supposed to participate in a science exhibition where I have to prepare a static/dynamic model on IT/Cyber Security. In other words, I have to find a gap in this industry, fill it and present it accordingly.

So what do you think can be a good idea for this exhibition?


 

Offline chris

  • Neilep Level Member
  • ******
  • Posts: 5337
  • Thanked: 65 times
  • The Naked Scientist
    • View Profile
    • The Naked Scientists
Re: What can be a project idea for IT/Cyber Security?
« Reply #1 on: 16/01/2016 14:37:13 »
We did a programme on Internet security recently. The threats owing to failure by the general public to alter pre-set security configurations - like leaving the default "user: admin password: admin" means that there most people are horribly exposed.

The Hack Attack show we made (linked to above) should be a fertile source of ideas for you.

Chris
 
The following users thanked this post: yashrajkakkad

Offline nicephotog

  • Sr. Member
  • ****
  • Posts: 387
  • Thanked: 7 times
  • H h H h H h H h H h
    • View Profile
    • Freeware Downloads
Re: What can be a project idea for IT/Cyber Security?
« Reply #2 on: 04/04/2016 02:28:40 »
How about Internal company networking(e.g. VPN's and Intranet) and "data integrity with self constructed certificates", "authorization and use process procedure" and "data check-summing".
 

Offline alancalverd

  • Global Moderator
  • Neilep Level Member
  • *****
  • Posts: 4698
  • Thanked: 153 times
  • life is too short to drink instant coffee
    • View Profile
Re: What can be a project idea for IT/Cyber Security?
« Reply #3 on: 04/04/2016 09:39:58 »
A fun project would be to assess the cost of pointless "security".

I spend a lot of time in clinics waiting for someone to find the password to their image processing computer so I can test the x-ray machines. This adds about 10% to the cost of my services. Who would  steal the x-rays of a dog's teeth?

Best so far was a dental school where I spent 4 hours drinking coffee (at the taxpayer's expense) before I could do 2 hours' work, and a private CT scanner that had been installed by an engineer who at that very moment was on a flight to India with the password....

It takes about 20 seconds to write a cheque. It takes more than 60 seconds to log in to an on-line bank account, they you have to faff about getting the payee's account number wrong.....

If you want to authorise and identify a user, what's wrong with a key? It works for houses and cars.

The other interesting aspect is one of legal liability. If someone does you harm via some form of "identity theft", it is clearly the responsibility of the bank or whatever to compensate you. The implicit contract is for the bank to act on your instructions and no others, so if they respond to a fraudulent instruction, it's their fault for failing to adequately identify the author - after all, it is their security system, not yours. But will the argument stand up in court?
 

Offline RD

  • Neilep Level Member
  • ******
  • Posts: 8124
  • Thanked: 53 times
    • View Profile
Re: What can be a project idea for IT/Cyber Security?
« Reply #4 on: 04/04/2016 18:08:29 »
If you want to authorise and identify a user, what's wrong with a key? It works for houses and cars.

Physical IT keys already exist ... https://en.wikipedia.org/wiki/Software_protection_dongle

Q. "what's wrong with a key?"
 A. It gets lost and you get locked-out.
« Last Edit: 04/04/2016 18:12:39 by RD »
 

Offline evan_au

  • Neilep Level Member
  • ******
  • Posts: 4096
  • Thanked: 244 times
    • View Profile
Re: What can be a project idea for IT/Cyber Security?
« Reply #5 on: 04/04/2016 23:19:09 »
What about a survey of internet-connected devices which can be purchased by the public? Things like:
- Smartphone
- Smartphone Aps
- Popular sites like Facebook, Twitter, eBay, etc
- Fitness Trackers
- Home security systems
- Security tools (McAffee, Symantec, etc)

Ask questions like:
- Do they have a Security or Privacy policy?
- Is the policy available to the public before they sign up?
- Is the policy comprehensible to the public?
- How many people click "Accept" without reading it? (I heard one survey where the average time to click "ACCEPT" was about 1 second!)
- Does it cover things like:
    + Who owns my data?
    + How well is it protected?
    + Who is it given to?
    + Is it anonymized in some way?
    + What happens if the company goes bankrupt?
    + How will I know if there is a data breach?


Maybe buy a fitness tracker, and see if you (as the owner) can get access to your own raw data.
 

The Naked Scientists Forum

Re: What can be a project idea for IT/Cyber Security?
« Reply #5 on: 04/04/2016 23:19:09 »

 

SMF 2.0.10 | SMF © 2015, Simple Machines
SMFAds for Free Forums