Cybersecurity |
Sponsored by |
|
In January 1995, the RFC Editor published RFC 1752: "The Recommendation for the IP Next Generation Protocol"... The Internet is a security officer's nightmare -- so much openness, so easy to capture packet traffic (and/or spoof it!) and send all manner of unwanted traffic. It was built as a research network, hosted by institutes that were 1/ professionally responsible and 2/ interested in working together collegially. So, in the 19 years since the publication of that statement, have we really failed to address the stated goal? more
The holidays open up a block of time to catch up on "I meant to read that" bookmarks, RSS feeds, and all the favorited and forgotten tweets. I made it through 50 before a NormanShark blog post kicked off a research project. The analysts found a malware sample which was using .bit domains in their communications infrastructure, but .bit ... what is that? .bit is a TLD operating outside of ICANN. Some would say they are TLD squatting, but I leave that opinion up to the reader. more
I've often found truth in the famous George Santayana quote, "Those that cannot remember the past are doomed to repeat it." That's an apt warning for what is currently happening - again - with the hundreds of new generic Top Level Domains (gTLDs) that are launching ... and failing to work as expected on the Internet. First, a quick refresher: As most CircleID readers know, in the early 2000s, seven new gTLDs were launched: .AERO, .BIZ, .COOP, .INFO, .MUSEUM, .NAME and .PRO. Aside from Country Code TLDs (ccTLDs), these were the first top-level changes to the DNS since the early days of the Internet. more
By design, the Internet core is stupid, and the edge is smart. This design decision has enabled the Internet's wildcat growth, since without complexity the core can grow at the speed of demand. On the downside, the decision to put all smartness at the edge means we're at the mercy of scale when it comes to the quality of the Internet's aggregate traffic load. Not all device and software builders have the skills - and the quality assurance budgets - that something the size of the Internet deserves. more
According to the Online Etymology Dictionary, the verb collide is derived from the Latin verb collidere, which means, literally, "to strike together": com- "together" + lædere "to strike, injure by striking." Combined instead with loquium, or "speaking," the com- prefix produces the Latin-derived noun colloquy: "a speaking together." So consider WPNC 14 - the upcoming namecollisions.net workshop - a colloquium on collisions: speaking together to keep name spaces from striking together. more
BGP. Border Gateway Protocol. The de-facto standard routing protocol of the Internet. The nervous system of the Internet. I don't think I can overstate the importance, the criticality of BGP to the operation of the modern Internet. BGP is the glue that holds the Internet together at its core. And like so many integral pieces of the Internet, it, too, is designed and built on the principle of trust... The folks who operate the individual networks that make up the Internet are generally interested in keeping the Internet operating, in keeping the packets flowing. And they do a great job, for the most part. more
Recently the 2013 revisions of the internationally acclaimed standard for information security management, ISO27001 and accompanying 27002, 'Code of practice for information security management controls' were released. Whether you're new to this or are looking for a smooth transition, it's important to reflect on the changes made. Being compliant with the latest information security standards is becoming more and more important these days. more
Many years ago on my first trip to London, I encountered for the first time signs that warned pedestrians that vehicles might be approaching in a different direction than they were accustomed to in their home countries, given the left-versus-right-side driving patterns around the world. (I wrote a while back about one notable change from left-to-right, the Swedish "H Day," as a comment on the IPv6 transition.) more
Not long after the message that Microsoft will stop updating Windows XP from 8 April onwards, after extending it beyond the regular life cycle for over a year already, came the soothing message that malware will be monitored for another year. That may be good news to some, but the fact remains that this is not the same as patching. Remaining on XP leads to a vulnerable state of the desktop, lap top and any other machine running on XP; vulnerable to potential hacks, cyber crimes, becoming part of a botnet, etc. more
How can the open standards organizations of the IETF and W3C "strengthen the Internet" against large-scale pervasive monitoring? That is the topic up for discussion at the "Strengthening the Internet Against Pervasive Monitoring (STRINT)" workshop planned for February 28 and March 1, 2014, and jointly sponsored by the Internet Architecture Board (IAB) and the W3C. The workshop is by invitation-only and has a deadline of Monday, January 20, 2014 (by 11:59 UTC) for submission of either position papers or Internet drafts. more
A World-Renowned Source for Internet Developments. Serving Since 2002.