Six SA hotels on ‘world’s best’ list

first_img30 July 2013 Six South African hotels feature in the 50 “world’s best hotels 2013” list of US magazine Travel + Leisure, with three of them ranking in the top 10 – all three located within the world-famous Kruger National Park, and two belonging to South African hospitality group Singita. “A commitment to providing access to some of Africa’s best game-viewing, while minimizing environmental impact and maximizing comfort, has earned Singita’s properties repeat appearances in the World’s Best Awards,” Travel + Leisure says in its July 2013 issue. The Singita Kruger National Park, comprising two lodges with treetop suites and riverside rooms in the southeastern reaches of the Kruger National Park, on South Africa’s border with Mozambique, was voted third best in the hotels category of the magazine’s annual “world’s best” readers’ survey. Singita’s flagship Sabi Sand, also located within the greater boundaries of the Kruger National Park, came in at number 10. “Private outdoor showers and well-stocked wine cellars come standard,” Travel + Leisure says of Sabi Sand, “while photography-focused safaris and cultural outings to a nearby village let you appreciate Kruger’s landscape and the local community”. At ninth on the list is the Sabi Sabi Private Game Reserve, at whose flagship Bush Lodge “twice-daily game drives, firelight boma dinners, and spa treatments using marula tree, African potato, and aloe vera extracts keep parents occupied, while kids can enroll in the EleFun Centre, offering conservation activities and outdoor fun”. The Cape Grace in Cape Town was ranked 26th. “A movable pedestrian bascule bridge provides access from Cape Town’s bustling waterfront to this quiet, mansard-roofed hotel on its own private quay,” notes Travel + Leisure, while “fourth-floor rooftop terrace rooms and penthouse suites come with views of Table Mountain”. At 39th place, and returning to the Kruger National Park and its surrounds, is the Londolozi Game Reserve, a Kruger camp comprising five family-run lodges on 42 000 acres of South African wilderness that is renowned for its frequent sightings of the elusive leopard. And at 50 on the list is the Saxon Hotel, Villas & Spa, a 200-year-old manse in the posh Sandhurst suburbs of Johannesburg that has been converted into a “fashionable 53-room boutique hideaway” where “the expansive pool, 10-acre gardens and koi pond make the Saxon feel like a resort, with private plunge pools in many rooms and latticed shutters opening to garden views”. SAinfo reporterlast_img read more


Brian Russell discusses his new book and trends in IoT security

first_imgWhy IoT Apps are Eating Device Interfaces Internet of Things Makes it Easier to Steal You… Clarke Illmatical Related Posts Tags:#cybersecurity#Internet of Things#IoT Follow the Puck Brian RussellReadWrite: We’ve been inundated with IoT technology, it seems like security isn’t being factored in. Is there such a thing as IoT security in general?Brian Russell: Yes, in a lot of ways, IoT security is just regular security. Now, applying it to the types of devices and systems that are being built, that’s been a challenge for one reason or the other but, when you really sort of think about it, the fundamentals of information security still apply to IoT devices, that a manufacturer is building. Or integrators putting together, you still need to have confidentiality, integrity, availability, those sort of key fundamentals of security. So, what’s been a bit of a challenge in the IoT market, is there are so many types of technologies coming together, and nobody’s gotten ahead of the curve, and said hey, if I put together a system that has Zigbee devices that are talking over the internet, over the cloud, and they can talk to each other and they use MQTT as well, after going through a gateway, how do I secure those new technologies? And so, it’s a matter of technology getting ahead of the guys in security, market or the security function, where they haven’t really had a chance to catch up and do a really good look at one, the security controls, that have to be applied and the best practices that are recommended for each specific protocol that’s within IoT and from a systems perspective, what are the engineering challenges related to when you put all of these things together, and you start having them work together? Sometimes in an autonomous fashion, what does that mean from a risk perspective and what does that mean from a security controls perspective? I think it’s really a matter of security not catching up with technology. I think whether it’s the IoT, whether it’s machine learning, whether it’s data analytics, whatever it is that we’re talking about, that’s going to be the challenge going forward for the security community, trying to figure out, technology moves fast and security is sort of lagging behind the technology movers and shakers. How are you going to make sure that you keep up? So that as new capabilities, products and technology come out, you’re not in the same boat as we’ve seen ourselves in with IoT. RW: With IoT, we don’t see the traditional level of testing, because of the ubiquitous nature of these devices, they’re everywhere. Is it a different mentality when testing or working with this type of security?BR: Yes and no. You’re going to want to do a methodical examination when you’re examining the security of any particular system, a methodical examination of potential vulnerabilities, and you go online and sort of look for every single attack vector that you can find to get into a particular system, whether IoT or not. What you mentioned about sort of IoT being different is right, and there’s training or mindset shift that has to occur in the security community. The scale of IoT is what I think you were referring to, there might be millions of devices, that are used within a particular organization and those devices can range from temperature sensors, floating in the ocean, it can be smart mirrors, it can be smart billboards, it can, things in a smart home, smart electrical capabilities, smart grid type stuff, there’s so many different things, again, sort of going back the traditional ways of doing security, sort of looking at it from a risk perspective, is really important, again, if you have this sort of category of devices, that are sort of reading temperature data, for example, or reading some environmental type data that has no impact from a security perspective, for a particular organization, or limited impact from a security perspective, you’re going to apply resource to secure those capabilities and those technologies. On the other end of the spectrum, what you really have to work about is this move toward cyber-physical system, CPS, where now, I may have a connected vehicle, if I’m Ford or General Motors, I’m going to make sure that I apply substantial amounts of security engineering and resources to figuring out what the vulnerabilities are for that particular system and making sure that it’s locked down in such a way that people are thwarted from trying to penetrate into the core the devices, in this case, a vehicle. Or it could be a drone or a plane. Going back to that sort of risk perspective, and that sort of that risk framework mentality, and saying ‘Well, I need to sort of pull out of the stop and see if I can dig my way into a connected car, that if it’s compromised, it’s going to cause harm to somebody…’RW: What was your motivation for this book? It’s very technical. BR: My background, going back many years, working for the government, building cryptographic key management systems and we sort of have an understanding of, making sure the systems that are out there, serving mission purposes, and critical business purposes are secure, sort  of taking that background in cryptographic key management, we ended up starting to work with the FAA. Cryptographic control for drones and trying to figure out what that command link would look like between a small mid aerial system or drone and a ground control system, and sort of keeping people out of that command link. Then we ended up going into the transportation sector with the federal highway administration trying to figure out what it means to secure connected vehicles across the U.S. infrastructure. From that perspective, from the work perspective, it became very clear that there are a lot of challenges. People weren’t going back and applying the fundamental principles… The risks were growing significantly. We saw that there were many points of integration, that seemed to be opening up between all of these different technologies. For example, a vehicle in today’s world might be started with a command, you might say ‘Lexus, start my vehicle.” That’s sort of an integration point, it might integrate with your net thermostat. That’s an integration point into a cyber system that has the ability to cause harm if it’s taken over from a control perspective. The risks are significantly high and they’re getting higher as more things get integrated with other things. The other side, the volunteer work that I do, the Internet of Things Working Group, we’ve been looking at this since 2013 or so, trying to put together some community driven thoughts on how an enterprise might go about securing and IoT implementation, sort of a systems to systems implementation, and then how a product developer might go about securing their IoT-based connected products. I look at that and got together with my co-author Drew Van Duren and said it probably makes sense to go ahead and formalize this and put this together into an actual book. RW: It looks like your book was written for engineers, programmers and network admins working on the technical aspects of IoT. I think you’re right, we tried to abstract it as well, but we wanted to provide practical guidance that people can use when they’re designing their IoT systems. RW: In chapter one, you talk about IoT data collection, storage, and analytics. Thinking about the future of IoT, how big a role will data collection play?There are a lot of different potentials there. One path you can think through is already starting to show itself. If you look at, I think there was a murder investigation just a couple of weeks ago and the local law enforcement was trying to get access to the transcripts from the Alexa, from Amazon’s Echo device. That shows you that you have devices in a smart home for example, in some instances, back with the some of the smart TVs that were always listening. Definitely, in the Echo case, it’s always listening for the implication word… What is the legal stance as far as how a law enforcement official might gain access to that transcript from Amazon? Almost like the old subpoena from the telecom providers. Are they going to go and do this to Amazon when there is a case that opens up and they might be able to figure out details of the case if they get transcripts. This sort of goes to the ubiquitous monitoring of IoT, the nature of the IoT, where you always sort of being watched and I think eventually we’ll get use to that. It’s going to be interesting seeing what happens from the perspective of law enforcement that wants access to these things. Another example, it hasn’t come to fruition yet, but everybody has cameras on these houses now, camera on their backyard. If something happens in front of your house or on your property, is law enforcement going to subpoena the video images? What if you don’t want that to get out from a privacy perspective? I think privacy sort of a really interesting area to think through when it comes to this sort of data collection of IoT devices. You can make the same case for smart health devices that are always collecting your biometric data about your heart rate. These things are going to get more and more advanced. The data that’s collected is going to be able to show, a profile of your activity, and your sort of overall health and well-being, and do you want this data or the inferences from that data to be made available to people that you don’t know. Your healthcare provider is sharing that with your insurance provider. On the insurance side, what are the ramifications when we talk about not only health care but also sort of vehicle insurance. Nowadays you can go out to target and buy a device that will hook into your OBD2 port on your vehicle and collect information about how fast your drive and that’s going to be standard stuff in the connected vehicle area. What happens when the insurance company starts getting a hold of that data that’s being collected about you? They can make real-time decisions about what you rates are going to be — can they deny coverage? It’s going to be real interesting to think about from a legislative perspective. I talk about the security guys being behind the curve, of technology, it’s the same on the legislative side. Are lawmakers going to have to figure out what laws they have to put in place to protect your rights as a consumer, not only from a privacy perspective but also from the perspective of this not having your insurance taken away because the insurance company figures you’re not as healthy as you said you were or you’re driving more than you said you were. RW: When we look at IoT devices, it seems like a lot of devices are being enabled without any security mechanism in place. The manufacturers are creating and then at the last moment, an IP stack is placed on the device. What is your take on this?BR: I think that’s right. IoT security is similar to regular information security that we’ve all sort of grown up with. If you think about the software industry, they’ve had many years to secure their security practices, and if I’m a refrigerator manufacturer I haven’t had a need to figure out how to prevent people from hacking into my computer capabilities, or If I’m a vehicle manufacturer, similar circumstances, or whatever it is, if I’d a manufacturer of some sort of product, physical product, I haven’t had to make sure that people don’t have to hack into my light bulb, that I’m putting out onto the shelf. It’s a matter of catching up again from a design perspective, understanding that if you put something out there that has the ability to connect to other devices or to the Internet, there is risk involved and you have to figure out how to mitigate that risk.You pair that with the startup community who has no real motivation to embed real security engineering into their products, they’re interested in getting things to market… The other aspect is that there is talk all over that there is a shortage of skilled security people. On the market. If I’m a startup or legacy product manufacturer, it’s going to be hard for me to go out and recruit the people I need to build a good security team, so that I can tackles these issues internally, it’s this perfect storm of different mindsets and issues that are keeping people from succeeding and applying proper security controls, to their devices. The FTC recently came out against manufacturers of connected devices and are bringing a lawsuit against a manufacturer. I can’t remember who it was, and so now, if you start to see some government enforcement you might see some a mindset shift from these IoT manufacturers where they have to go the extra mile to get things right. We haven’t seen that from the government until very recently. RW: On connected devices in the home, what kind of implemented security can we expect to see on these devices in the future. BR: I think, for those sort of devices, you’re going to have to lean on the protocol specs themselves because bolting on additional security features to an air conditioner that has to talk to a thermostat, if that involves any sort additional configuration for the home user it’s probably not going to happen or not happen correctly, because from the consumer IoT realm, it’s an interesting challenge. Usability is extremely important, there is always this tug of war between usability and security, but on the home market, it’s not going to be used, if it’s too hard to configure. If you have to go in and manually enter a hex string of key characters into a light bulb every time you install it, that’s gonna fly. As so, you fall back on the pairing processes of some of these protocols like ZigBee, Z-Wave or Bluetooth. And those communication protocols have built-in security controls, where they haven authentication capabilities and confidentiality protections built into them at the link layer. You’re going to have to figure out the best approach to leverage those, protocols security stacks that are already existing for those types of devices. RW: So who needs to purchase your book? BR: I would say anybody who is trying to put together complex connected systems. Systems that talk to each other, systems that work together autonomously, for critical business functions or critical mission functions. That’s what the book was designed for anybody who is responsible for getting these connected devices incorporated into their enterprise. I would hope would benefit from this book right now. Brian Russell is a security expert with Leidos, chair of the Internet of Things Working Group and Cloud Security Alliance. He spoke to ReadWrite about his book “Practical Internet of Things Security” and issues facing the IoT security community.See also: 5 IoT cybersecurity predictions for the coming yearHow do we shift our minds and prepare for IoT security? What are some of the biggest challenges facing the IoT community in enterprise networks and consumers at home? Take a look at the interview below. Small Business Cybersecurity Threats and How to…last_img read more


NCP, BJP lock horns in graduate constituency

first_imgThe NCP has geared up to ensure the defeat of BJP candidate Niranjan Davkhare in the Konkan graduate constituency election to be held on June 25.The NCP will be fielding Najib Mulla, Mumbra MLA and close associate of party MLA Jitendra Awhad. Mr. Awhad said, “Najib will be taking on the BJP candidate Davkhare. We are fighting to win this election. Those who wanted to leave have defected from the party. Now those who have faith in the party will be given an opportunity. We will ensure the BJP loses this election.”Sources in the party said that NCP chief Sharad Pawar had held a meeting of senior party leaders last week and instructed the cadre to ensure Mr. Davkhare’s defeat. A senior NCP leader on condition of anonymity said, “First of all, party leaders are hurt over his decision to join the BJP. Secondly, letting him win the seat would send a wrong message among party activists that anyone who joins the BJP gets the position of power. We cannot let that happen and therefore he has to be defeated.”For the Konkan graduate constituency, which is spread across Raigad, Ratnagiri, Sindhudurg, Palghar and Thane, the NCP have tied up with the Peasants and Workers Party. It is also likely to get support of other regional parties such as the Bahujan Vikas Aghadi. A day after Shiv Sena chief Uddhav Thackeray announced that his party would be contesting future elections on its own, the party said that Thane’s former mayor Sanjay More would be its candidate.Graduate and teacher constituencies in Mumbai will also go to the polls on June 25. The graduate constituency is currently being held by Health Minister Deepak Sawant of the Sena. The party is yet to announce its candidate. Kapil Patil , belonging to Sharad Yadav’s Loktantrik Janata Dal, currently holds the teacher constituency and will be contesting the June 25 poll.last_img read more


The Worlds Smallest Spontaneous Atomic Valentine

first_imgThe Jeol 2100F microscope, a new generation aberration-corrected electron microscope, allows a clear view of the palladium atoms. Explore further Citation: The World’s Smallest Spontaneous Atomic Valentine (2010, February 14) retrieved 18 August 2019 from https://phys.org/news/2010-02-world-smallest-spontaneous-atomic-valentine.html This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only. According to the physicists observing the atoms through the Lab’s JEOL 2100F microscope, Zhiwei Wang and David Pearmain, they watched with love, but really had absolutely nothing to do with the heart formation of the atoms.Sadly, the bright, beautiful palladium Valentine will not be given to a special lady. Being only 8 nanometers in size, it can’t be seen by the human eye, and cannot even be relied upon to stay in the smallest ring setting. But we can all admire the wonderful high-angle, very high-power shot of the world’s smallest and, arguably, prettiest naturally-formed Valentine.Although the palladium Valentine was a nice surprise for the scientists, they actually have other reasons for studying the palladium atoms. Professor Richard Palmer, head of the Laboratory explained:”Size-selected atomic clusters, of the kind which fused together to assemble the atomic heart, are of practical relevance as model catalysts; the palladium/carbon system is employed as a real industrial catalyst in the fine chemicals sector. Precise control of the atomic architecture of the clusters may lead to enhanced yield and especially selectivity in complex catalytic reactions, as well as reducing the number of metal atoms needed to catalyze the reaction.”The Nanoscale Physics Research Laboratory was established in 1994 as the first centre for nanoscience in the UK. Four spin-off companies have been generated from the Laboratory since 2005. © 2010 PhysOrg.com More information: Information provided by: Professor Richard Palmer, The Nanoscale Physics Research Laboratory, University of Birmingham. Platinum nanocatalyst could aid drugmakers (PhysOrg.com) — Palladium atoms placed on a carbon base spontaneously formed into an 8 nanometer heart at the University of Birmingham’s Nanoscale Physics Research Laboratory this week. Just in time for Valentine’s Day! last_img read more