Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
Internet connectivity is a good thing. Many of us depend on it for everything from our livelihoods to our entertainment. However, the Internet is very fragile and even the The New York Times is worried about it. But they're primarily concerned with overloads that can occur when everyone on the planet does the same thing at roughly the same time, such as surfing for news about Michael Jackson. Unfortunately, we will never avoid all such scenarios. Physical systems are designed around average and typical peak loads, not around extremely high loads associated with very unlikely events. Who would pay for that? more
The breadth of cyber threats that an organization must engage with and combat seemingly change on a daily basis. Each new technology, vulnerability or exploit vector results in a new threat that must be protected against. Meanwhile some forms of attack never appear to age -- they remain a threat to business continuity despite years of advances in defensive strategy. One particularly insidious and never-ending threat is that of the Distributed Denial of Service (DDoS) attack. more
As recently reported, spam volumes indicate spam has nearly jumped back up to its pre-McColo shutdown levels. However, Symantec's The State of Spam report has also observed that in recent days spammers are increasingly piggybacking on legitimate newsletters and using the reputation of major social networking sites to try and deliver spam messages into recipients' inboxes... In its special URL investigation the report also indicates that on average approximately 90 percent of all spam messages today contain some kind of a URL. Additionally, analysis of data from past recent days, according to Symantec, have shown that 68% of all URLs in spam messages had a '.com' Top-Level Domain (TLD), 18% had a China's '.cn' ccTLD and 5% had a '.net'. more
An extensive analysis of WannaCry seems to indicate attackers would be unable to determine which users have paid the ransom and they cannot decrypt on a per-user basis. more
RIPE 63 is on this week in Vienna, Austria. Yesterday evening saw the General Meeting where members were asked to vote on a number of motions. While some of the motions were more formalities than anything else, the votes on RPKI and the membership fee structure for 2012 provoked some emotive debate. more
If you are interested in presenting at the ICANN 69 DNSSEC and Security Workshop during the week of 17-22 October 2020, please send a brief (1-2 sentence) description of your proposed presentation to [email protected] by 27 August 2020. We are open to a wide range of topics related to DNS, DNSSEC, DANE, routing security, and more. There are some ideas in the Call for Participation below, but other ideas are definitely welcome, too! more
I am writing to you as someone who is not your citizen, (although I had the fortune to wed the most beautiful of your daughters), to share my thoughts about the recent US Government Cyber Solarium Commission report. U.S.A. We owe you one! Without you and your citizens there would be no free Internet as we know it. Thank You! Your constitution is our inspiration. We, the global digital citizenship want to be "the people", in order to "secure the Blessings of Liberty to ourselves and our Posterity..." more
The Washington Post had a good article up yesterday capturing comments issued by the United States military that it has the right to return fire when it comes to cyber attacks... This is an interesting point of view, and it extends from the United States's policy that if it is attacked using conventional weapons, it reserves the right to counter respond in kind. This has been a long accept precept governing US foreign military policy for generations. Yet cyber attacks are different for a couple of reasons... more
A recent decision from a federal district court addresses an issue I hadn't seen before: whether searching malware on the suspect's computer was outside the scope of the search warrant issued for that computer. It seems a narrow issue, and unfortunately the opinion issued in the case doesn't tell us a whole lot about what happened; but I thought the issue was worth writing about, if only to note that it arose. more
In my last blog post about Zoom, I noted that the company says "that critics have misunderstood how they do encryption." New research from Citizen Lab show that not only were the critics correct, Zoom's design shows that they're completely ignorant about encryption. When companies roll their own crypto, I expect it to have flaws. I don't expect those flaws to be errors I'd find unacceptable in an introductory undergraduate class, but that's what happened here. more
Convincing competitors, disparate business entities and researchers to collaborate - many donating their services and resources - to protect millions of end-users worldwide is no small feat. Yet FBI Supervisory Special Agent Thomas X. Grasso did just that by quietly working behind the scenes to create the DNS Changer Working Group that saved an inestimable number of end-users from losing access to the Web over the last two years. more
Yesterday's Wikipedia outage, which resulted from invalid DNS zone information, provides some good reminders about the best and worst attributes of active DNS management. The best part of the DNS is that it provides knowledgeable operators with a great tool to use to manage traffic around trouble spots on a network. In this case, Wikipedia was attempting to route around its European data center because... more
One way or another we've been working on various aspects of securing the Internet's inter-domain routing system for many years. I recall presentations dating back to the late '90's that point vaguely to using some form of a digital signature on BGP updates that would allow a BGP speaker to assure themselves as to the veracity of a route advertisement. more
Whenever I examine the technical elements of the various Internet security certifications and standards that organisations are clamouring to achieve compliance against, I can't help but feel that in too many cases those businesses are prioritising the wrong things and wasting valuable resources. They may as well be following a WWI field guide on how to keep cavalry horses nourished and bayonets polished in a world of stealth aircraft and dirty bombs. more
The Domain Name System has provided the fundamental service of mapping internet names to addresses from almost the earliest days of the internet’s history. Billions of internet-connected devices use DNS continuously to look up Internet Protocol addresses of the named resources they want to connect to - for instance, a website such as blog.verisign.com. Once a device has the resource’s address, it can then communicate with the resource using the internet’s routing system. more
A World-Renowned Source for Internet Developments. Serving Since 2002.