Obama’s E-Mail: Lessons Learned


Inside BlackBerry for Business Blog

Big news this past week that U.S. President Barack Obama’s sensitive (but unclassified) e-mails were accessed by Russian hackers. It is surprising this news is surprising. The U.S. government’s unclassified network suffers from the same problems that have led to and will continue to promote other high profile attacks, including Sony, Home Depot, etc. Despite immense expenditure on IT security, these organizations are at the mercy of well-funded, sophisticated attackers, because computing infrastructures are fundamentally flawed, due to the following “Trifecta of Death”:

  • widespread use of general-purpose computers
  • computers connected to the Internet
  • large number of humans accessing those computers

Most enterprise computing platforms, from Windows PCs to Linux/Apache web servers, were never designed to protect against sophisticated attackers. The operating systems have poor privilege models, enabling vulnerabilities in massive middleware packages (like Flash and Java) to be exploited for total security bypass.

Any organization with a large number of…

View original post 462 more words

About David Kleidermacher

I am dedicated to the vision of a trustworthy, scalable Internet of Things, including mobile devices, connected embedded systems, and cloud infrastructure. I oversee product security strategy as BlackBerry's Chief Security Officer. I am a leading authority in systems software and security, including secure operating systems, virtualization technology, and the application of high robustness security engineering principles to solve computing infrastructure problems. I earned my bachelor of science in computer science from Cornell University and am a frequent speaker and writer in the area of computer security, including delivering the 2014 Embedded World Conference Keynote, "Securing the Internet of Things" and author of the book "Embedded Systems Security", Elsevier 2012.

Join the conversation

Show comments Hide comments
+ -
blog comments powered by Disqus