![]() ![]() Control streaming session ID appended to encryption URLs in chunklist responses.Test AES encryption for Apple HLS streams.Secure Apple HLS with AES-128 external encryption.Packetize Apple HLS audio using TS chunks.Create keyframe (I-frame) only playlists for Apple HLS streams.Turn off the Alternate Track button in Apple iOS devices.Debug AAC or MP3 timecode issues with Apple HLS packetization.Use alternative audio or video tracks with Apple HLS streams.Add custom playlist headers to Apple HLS manifests.Change the EXT-X-VERSION for HLS streaming.Secure HLS streaming using DRM encryption.Create Apple App Store compliant streams (audio only rendition).Improve playback of lower-latency Apple HLS streams.Get HTTP and RTP performance statistics.Integrate user authentication with external systems.Publish securely from an RTMP encoder that does not support authentication.Take timed thumbnail snapshots of a transcoded stream.Disconnect clients after a specified time period.Resolve edge server stream requests to origin servers.Upload recorded media to an Amazon S3 bucket.Control access to your application by checking referer domain.Control which streams get packetized for HTTP streaming.Store SMIL files and VOD assets in different locations.Access content locally before trying a remote source.Loop a pre-roll until a live stream starts.Limit the number of viewers of a stream.Control Stream class streams dynamically.Control which streams get recorded by the nDVR recorder.Duplicate streams to another application instance.Filter audio-only rendition in Apple HLS auto-generated multi-bitrate playlist.Mix audio and video from different live sources.Send connection and stream statistics to Google Analytics.Validate Akamai server connections with Akamai G2O authorization.Add an audio track to a video-only stream. ![]() That someone else has your data does not remove your accountability for it it just changes (and expands) the footprint which needs to be considered within a security strategy. It will be very interesting to see how the ICO respond.Ī final point which this incident highlights is, again, the importance of 3rd party security however good a company’s security is, vulnerabilities within suppliers and vendors remain highly significant. 532,000 records is not the biggest of leaks but that will be of no comfort to those individuals affected this is a not insignificant breach. Ironically, this may affect Teletext themselves more than the hackers to begin making contact with their affected clients they will have to find their own way of extracting the details – and they will probably find that more difficult than do the attackers. It might be slightly more time consuming but that is all. Nor should we be complacent that extracting data from audio files is somehow difficult it isn’t. It is also a treasure trove for anyone who wants to build more sophisticated and damaging attacks – it’s an intelligence feed for hackers this simple leak could spawn many more and worse. It all has a dollar value and is saleable online (and will be for sale already). Companies have exactly the same responsibility to secure data in the cloud as they do with the data they hold on premise.Īside from the painfully obvious “please don’t store unencrypted data in unencrypted data stores and be at all surprised when it leaks”, this makes the point very well that the actual medium in which data is stored is irrelevant the fact that these were voice files makes no difference to the value of the data to hackers. All of these details are considered to be Personally Identifiable Information (PII) under GDPR and placing the calls in the cloud does not mean the data it is no longer the organisation\’s responsibility. In this case, Teletext have put the names, email addresses, home addresses, phone numbers and dates of birth of more than 200,000 customers at risk. ![]() Cloud services are is not secure by default, and privacy settings on cloud storage services have to be configured to protect the sensitive data they hold. However, Teletext is an example of why companies should not become complacent with their use of the cloud. In fact, our own research has found that 61 percent of security professionals believe the risk of a security breach is the same or lower in cloud environments compared to on-premise. The use of cloud services such as Amazon Web Services have become ubiquitous in recent years, and organisations – such as Teletext Holidays – are much more comfortable trusting sensitive data to the cloud. ![]()
0 Comments
Leave a Reply. |