Tuesday 17 January 2017 The one stop source for free breaking news, expert analysis, and videos on AIM and LSE listed shares


Tern – today’s TERNer prize for Geeks

By Nigel Somerville, the Deputy Sheriff of AIM | Sunday 13 September 2015


Disclosure: I have no positions in any stocks mentioned, and no plans to initiate any positions within the next 72 hours. I wrote this article myself, and it expresses my own opinions. I am not receiving compensation for it (other than from ShareProphets). I have no business relationship with any company whose stock is mentioned in this article.


This is Terning (ahem…) into a regular feature. AIM-listed Tern plc (TERN) seems to be getting some scrutiny with regard to its jewel-in-the-crown investment in Cryptosoft. Today’s nugget which we think merits a wider audience comes from ‘Sceptic” – in answer to comments from Cryptobod HERE. Over to Sceptic….. 

Cryptobod … I agree with you, however I was simplifying the argument to make a point. i.e. there’s no need to pass IoT traffic through a third party’s cloud hosted platform.

The internet is inherently resilient so why funnel it through this platform?

Also with end point encryption moving towards the physical hardware domain, it’s even less compelling.


Filed under:


Never miss a story.




This area of the ShareProphets.com site is for independent financial commentary. These blogs are provided by independent authors via a common carrier platform and do not represent the opinions of ShareProphets.com. ShareProphets.com does not monitor, approve, endorse or exert editorial control over these articles and does not therefore accept responsibility for or make any warranties in connection with or recommend that you or any third party rely on such information. The information available at ShareProphets.com is for your general information and use and is not intended to address your particular requirements. In particular, the information does not constitute any form of advice or recommendation by ShareProphets.com and is not intended to be relied upon by users in making (or refraining from making) any investment decisions.


More on TERN


Comments

2 comments

  1. Sceptic also adds a reference to,

    http://www.matrixssl.org/
    http://www.peersec.com/

    In the comments. Available in Open Source and Commercial Versions. The important factor here is ‘footprint’ given it is to be used on embedded systems, small is good. I would not know how it stacks up in terms of performance/features in comparison to what will be provided by the semiconductor manufacturers themselves or that supposedly supplied by Cryptosoft. They do claim to have their own Client.

    Again what it boils down to is that across the whole IOT/M2M industry spectrum there are an immense number of companies offering solutions and vying for market share. The ‘Cryptosoft Converts’ do not appear to be able to accept this or even conceive of the possibility that they represent a threat let alone exist.

    On the question of cloud then Sceptic is right for ‘time critical’ applications. However the use case should be considered when any decision is made. Cloud will have a place as long as outages can be mitigated, coped with or otherwise are not much of an issue. Cloud will be tempting for certain applications and certain enterprises. Either as a result of experience or ignorance.

    What might be more interesting is to consider where ‘The Cloud’ lives and what happens with the data. If you are going to be using Microsoft Azure or Amazon EC2 then you will be placing a lot of sensitive data in the hands of US corporations. Even if the data is stored on ‘local soil’ it appears that the US are about to rule that they can lift it anyway.

    That might/should cause concerns in respect of sensitive data and more so critical data should someone decide to ‘flip the switch’, accidentally plug in a vacuum cleaner. Of course given the US are our mates there is nothing to be worried about and naturally Cryptosoft, and everyone else will, give an added layer of protection in respect of sensitive data.

    For more ‘tin foil hattery’ it is probably not worth mentioning that Mr Cameron apparently recently backed down on suggestions that he was going to ban or back door encryption in the UK.

    Those in ‘the community’ still doubt his volte-face and the original rumblings resulted in at least two UK companies upping sticks and moving elsewhere. Cryptosoft is, as far as I am aware, a UK company so perhaps they might be able to provide reassurances in respect of such concerns.

    In as much as some companies will make the wrong choices in respect of the use of Cloud for the wrong reasons Cameron is worse for behaving like a ‘Cryptosoft Convert’ with regard to encryption. Utterly and completely clueless and incapable of thinking outside of the pram he is throwing his toys out of.

  2. It gets worse..

    http://uk.advfn.com/cmn/fbb/thread.php3?id=34146865&from=15833#firstpost

    imranhafiz 13 Sep’15 – 21:01 – 15833 of 15833 0 0
    -
    -
    Now, let’s have a look at CS Technical White Paper.

    Excerpt:

    “Authentication Services The Cryptosoft platform provides a secure method for authenticating API clients and devices, based on a sophisticated challenge-response mechanism using a unique device derived key model. This avoids the problems associated with using static certificates and ensures that authentication credentials used to access potentially sensitive information are never sent in clear-text. Certificates can be cycled dynamically based on time or use patterns, effectively eliminating ‘man in the middle’ attacks.”

    imranhafiz is the new hero on the thread…

    You ‘have’ to give Cryptosoft your e-mail address and telephone number via their non-secure HTTP website to receive a link to the actual White Paper via e-mail. I used a throw away Yahoo account and a made up number to get,

    “Thank you for submitting your details. Please find your download link below:

    http://www.cryptosoft.com/assets/Cryptosoft-Technical-White-Paper.pdf”

    Errrrm. Even e-mails from Share Prophets come with better link obfuscation than that… Anyway in amongst the waffle we get,

    http://i.imgur.com/MendHt2.png

    Now if Cryptosoft have come up with a method of ELIMINATING MAN IN THE MIDDLE ATTACKS then they have indeed pwned The World. However I would have expected that the Cryptographic Community would be on fire discussing the possibilities and opportunities.

    Unfortunately I see no smoke let alone a fire so I am inclined to call BULLSHIT.

    This new wonder should be submitted for Peer Review…

    Whoops, can’t do that because it is ‘Commercially Sensitive’.

    OK let the community do some penetration testing on an example.

    Err… Mumble Mumble Mumble, Oh look, here’s my Bus. Sorry got to go.

    You might ask,

    https://www.schneier.com/about.html
    https://www.schneier.com/contact.html

    for his opinion..

    http://www.theregister.co.uk/2013/12/16/bruce_schneier_leaves_bt/

    Not that I might be suggesting Mr Schneier might have some bias given BT is a client of Cryptosoft.


Enter your comment below. Fields marked * are required. You must preview your comment first before finally posting.




Site by Everywhen