Friday, July 4, 2014

The 42 Year Old Vulnerability

Two Deaths and Priceless Damage

In 1933, the Castlewood Canyon Dam burst, causing a massive flood. Flood waters rushed from the dam 40 miles north to Denver, Colorado, an event that, according to the dam's chief engineer, could never happen.

The video blog below describes the events that occurred in 1933 from the actual dam site in Franktown, Colorado. By looking back at the causes of this disaster, an eerie parallel is drawn to recent events that have unfolded during the disclosure and discussions surrounding the LZ4 security flaw.

The "Everything" in The Internet of Everything Includes The Risks

As the Internet of Things becomes more prominent, libraries such as LZ4 must be scrutinized for flaws with security impact. If we as engineers and analysts allow ourselves to ignore these risks because of a desire to "save face", we aren't just risking our own projects; we are potentially risking the lives and privacy of our users.

Like the Castlewood Canyon Dam failure, this is not an acceptable risk for us to take as a community. 

For more information on the flood, please visit the following historical document [pdf].

If you can't view the embedded video, please click here.
