Gartner Blog Network

Posts from Date:   2011-3

RSA SecurID: What If?

by Mark Diodati  |  March 22, 2011

While we wait for more information from RSA about the recent attack on its SecurID tokens, I’d like to revisit a potential attack vector that I discussed in my first blog entry on the topic (March 18). The OTP device’s seed and the serial number are present during the manufacturing process. What if the OTP […]

Read more »

SecurID Redux

by Mark Diodati  |  March 21, 2011

After writing about the recent SecurID attack on Friday, I began thinking about the utility of the SecurID symmetric keys (AKA “seeds”) in the hands of the attacker. Specifically, what would the attacker need in order to leverage these seeds to access protected resources? I must emphasize that RSA has (at this point) not stated […]

Read more »

Just What Happened to SecurID?

by Mark Diodati  |  March 18, 2011

As I write this, RSA has announced it experienced an attack on its RSA SecurID one-time password (OTP) products. You can see Art Coviello’s letter to RSA’s customers here. The letter is very light on the nature of the attacks and what was stolen. In the interest of full disclosure, I worked at RSA for […]

Read more »

UNIX Security and the New sudo

by Mark Diodati  |  March 4, 2011

One of the research topics that I am responsible for is UNIX1 security. Very early in my career, I grew to love awk, sed, and the Korn shell. While working out, I listen to Korn, too (That Korn/Korn coincidence never gets old for my sys admin buddies – these pictures are hanging in many enterprise […]

Read more »