Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
It is not often I go out to my driveway to pick up the Washington Post -- yes, I still enjoy reading a real physical paper, perhaps a sign of age -- and the headline is NOT about how the (insert DC sports team here) lost last night but is instead is about an IT technology. That technology is the Border Gateway Protocol (BGP), a major Internet protocol that has been around for more than a quarter century, before the Internet was commercialized and before most people even knew what the Internet was. more
In Tony Li's article on path MTU discovery we see this text: "The next attempt to solve the MTU problem has been Packetization Layer Path MTU Discovery (PLPMTUD). Rather than depending on ICMP messaging, in this approach, the transport layer depends on packet loss to determine that the packet was too big for the network. Heuristics are used to differentiate between MTU problems and congestion. Obviously, this technique is only practical for protocols where the source can determine that there has been packet loss. Unidirectional, unacknowledged transfers, typically using UDP, would not be able to use this mechanism. To date, PLPMTUD hasn't demonstrated a significant improvement in the situation." Tony's article is (as usual) quite readable and useful, but my specific concern here is DNS... more
On December 17th a US proposal for online commerce in a major trade negotiation, the Trade in Services Agreement ("TISA") leaked. A flurry of press releases and opinion pieces claim that TISA is a threat to the Internet. The headlines are lurid: "TISA leak: EU Data Protection and Net Neutrality Threatened" and "Leaked TISA text exposes US threat to privacy, civil rights"... Because I've spent years in Geneva regularly meeting with and advising negotiators on the networked economy I have a very different perspective. more
Micorsoft has released a 253 page cybersecurity ebook primarily intended for teens but also serves as a useful resource for adults interested in overall understanding of various Internet security topics. more
Internationalized Domain Names (IDNs) might be a slightly "hot" topic at the moment following on from ICANN's launch of the IDN country code Top-Level Domain (ccTLD) program recently. However, IDNs are NOT a new topic. Far from it. They've been around for quite some time. Unfortunately neither The Times Online or Mashable seem to have done any homework. more
The 78th UN General Assembly (UNGA) addressed the issue of cybersecurity again at one of its last meetings in December 2023. It included the adoption of four resolutions on the Open-Ended Working Group (OEWG), a "Program of Action" (POA), and autonomous weapon systems. The texts of the four draft resolutions were negotiated in UNGA's 1st committee, responsible for international security issues, in October and November 2023. more
Equifax has blamed a flaw in the software running its online databases for the massive breach revealed last week that has allowed hackers to steal personal information of as many as 143 million customers. more
The main reason for developing a new internet protocol was based on lack of address; however this was not the only reason. Unfortunately, many people think of IPv6 only as enormous address space, but there are a lot of other advantages, for example... authorizations and authentication function are implemented directly in the protocol and are mandatory... automatic configuration of network interfaces based on their physical address... protocol itself recognizes data streams which must be transmitted in real time, and the data must be processed with highest priority... more
Many administrators misconfigure cloud storage, such Amazon Simple Storage Service (S3) buckets, resulting in the contents being publicly-accessible. more
Conventional thinking or solutions will no longer work in the new era of ISIS and the 'Unprecedented' cyber and non-cyber attacks we live in today. Like it or not, everyone is impacted, and no one is immune. Whether you are an average citizen, a chairman or CEO of a multinational, or a government or academic institution leader, the questions to ponder are: Do you know what to do next? Do you know what the solution is? more
In the run-up to the postponed Euro 2020 football championships, we've analyzed historical registration trends in domains containing the terms "euro2020" or "euro2021." A number of previous studies -- looking at events as diverse as the COVID pandemic, the annual holiday season shopping events, and the Reddit campaign relating to the manipulation of the stock price of U.S.-based retailer GameStop -- show a link between real-world events and spikes in online activity. more
The deployment of Domain Security Extensions (DNSSEC) has crossed another milestone this month with the publication of DURZ (deliberately unvalidatable root zone) in all DNS root servers on 5 May 2010. While this change was virtually invisible to most Internet users, this event and the remaining testing that will occur over these next two months will dictate the ultimate success of DNSSEC deployment across the Internet. more
U.S. senators on Tuesday announced plans to introduce legislation seeking to address vulnerabilities in IoT devices. more
Cybercriminals are leveraging the growing popularity of artificial intelligence to perpetrate attacks, capitalizing on the surge in interest following the release of chatbot technologies like ChatGPT. New research by Netcraft reports on the increasing use of .ai domain names where criminals use malicious websites around AI to draw in victims. more
One of the "key" questions cryptographers have been asking for the past decade or more is what to do about the potential future development of a large-scale quantum computer. If theory holds, a quantum computer could break established public-key algorithms including RSA and elliptic curve cryptography (ECC), building on Peter Shor's groundbreaking result from 1994. more
A World-Renowned Source for Internet Developments. Serving Since 2002.