Cybersecurity

On Comcast and Net Neutrality: Shouting Fire in a Theater

The Comcast traffic shaping case has stirred up passionate debate. Net neutrality proponents are calling for Comcast's head on a platter. The common argument is that Comcast's policy may stifle innovation and competition. If a service provider is allowed to exercise unregulated discretion in how it treats subscriber traffic, it is a slippery slope toward anti-competitive practices. Net neutrality says keep your hands off. Some are preaching net neutrality as if it were an inalienable human right like freedom of speech... more

IPv6 Over Satellite: Pie in the Sky?

I am writing this from the Satellite 2008 conference in Washington, D.C. As I make my way through the exhibits, I see many vendors advertising IP capabilities in their hardware products or network services. But when asked about IPv6 support, the common reply is a not so believable "it is on our roadmap" followed by a somewhat vague delivery date. Although IPv6 development has been slow across the board, it appears to be moving even more slowly in the satellite world... more

Pakistan Hijacks YouTube: A Closer Look

A few hours ago, Pakistan Telecom (AS 17557) began advertising a small part of YouTube's assigned network. This story is almost as old as BGP. Old hands will recognize this as, fundamentally, the same problem as the infamous AS 7007 from 1997, a more recent ConEd mistake of early 2006 and even TTNet's Christmas Eve gift 2005. Just before 18:48 UTC, Pakistan Telecom, in response to government order to block access to YouTube, started advertising a route for 208.65.153.0/24 to its provider... more

Domain Pulse 2008: Day 2 Focuses on DNS Security

Day two of Domain Pulse 2008 last Friday (see review of day one) focused on online security issues giving the techies amongst us details of security issues, and the more policy-orientated amongst us something to chew on in a few other presentations. Kieren McCarthy, these days of ICANN, also gave some insights into the drawn out sex.com drama with more twists and turns than the average soap opera has in a year! And Randy Bush outlined the problems with IPv6. Among other presentations... more

The Future of Cyber Warfare

Every now and then I get emails from readers of my blog. I mostly reply to them in private, but I recently got one question where I thought my reply might be of general interest. I took the liberty of editing the question somewhat, but in essence it was: "If you have any insight you can share with my class on cyber warfare and security, I would be delighted on hearing it." In general, I think that it's an obvious conclusion that both offensive and defensive actions with regard to national telecommunications infrastructure is becoming an integral part of a nations security assessments.... more

Upcoming Domain Pulse 2008 Within Central Europe

Domain Pulse, the yearly get-together of the German-speaking registries of nic.at (Austria), Denic (Germany) and SWITCH (Switzerland) is happening on February 21 and 22 in Vienna. The conference alternates between the countries -- last year it was Switzerland, this year Austria and next year Germany... Domain Pulse covers everything in the domain name arena from management of the DNS, what's happening in each of the ccTLDs, after market and domaining, security threats to the DNS and internet as well as wider issues affecting the internet's development such as internet governance. more

As IPv6 Deploys, Will We Look Back on NAT as the Ugly Step Sister or Unsung Hero?

The debates are raging over whether or not we should migrate to IPv6. The strongest argument is the enormous address space that will allow for everyone and everything to have a unique public address, many addresses actually. It is often said that the shortage of public IPv4 addresses has limited our capabilities because it led to the pervasive use of private addressing, Network Address Translation (NAT) and Port Address Translation (PAT). Though these technologies remain critical, they are often regarded as stop-gap measures, and they sometimes create problems. In some circles, NAT has acquired a very bad name. But is that a fair perspective of the technology? Let's review the positives and negatives. more

The Internet’s Weakest Link

This week two major transoceanic cables experienced outages that may last several days. The outages provide a reminder that several Internet bottlenecks exist where these cables make landfall. When one thinks of bottlenecks in telecommunications the first and last mile come to mind. Yet equally vulnerable are the last few 1000 feet of submarine cable links. more

Is China Preparing to Go its Own Way with its Own Internet Root?

Interesting things happening in China. An article in the English edition of the People's Daily on line is headlined, Decimal network security address begins operation: "China's decimal network security address was officially launched. China has made a fundamental breakthrough in its Internet development; and actual use has been successful. The birth of decimal network technology makes China the only country able to unify domain names, IP addresses and MAC addresses into the text of a metric system..." Someone asked whether this was a rumored IPv9? It appears IPv9 is a project name, not a new protocol. It lumps together several activities, including at least... more

Facebook Apps on Any Website: A Clever Move? Or a Security Nightmare?

Well, given the amount of malicious JavaScript, malware, and other possibilities to use Facebook (and other similar social networking platforms) for abuse, I certainly wouldn't categorize this news as a "clever move"... In fact, I foresee this as an extraordinarily short-sighted move with far-reaching security implications -- which will allow the levels of malicious abuse to reach new heights. more