Cybersecurity |
Sponsored by |
|
Spam over Internet Telephony (SPIT) is viewed by many as a daunting threat. SPIT is much more fatal than email spam, for the annoyance and disturbance factor is much higher. Various academic groups and the industry have made some efforts to find ways to mitigate SPIT. Most ideas in that field are leaning on classical IT security concepts such as intrusion detection systems, black-/white-/greylists, Turing tests/computational puzzles, reputation systems, gatekeeper solutions, etc... We identified the lack of a benchmark testbed for SPIT as a serious gap in the current research on the matter, and this motivated us at the to start working on a first tool for that. more
Two US Government contractors and the National Institute of Science and Technology have released a white paper, "Statement of Needed Internet Capability," detailing possible alternatives and considerations for a Trust Anchor Repository (TAR) to support DNSSEC deployment. The document was released through the DNSSEC-Deployment Group this week with a request that it be circulated as widely as possible to gather feedback. A Trust Anchor Repository (TAR) refers to the concept of a DNS resource record store that contains secure entry point keys... more
Several people abroad have started mailing me and others asking if rumors of new legislation to be passed in Sweden on the 17th of June is for real. There are also reports in international forums starting to pop up. This is fairly old news, and I think that most of us are surprised that this has not generated more press both inside and outside Sweden earlier. This legislation will allow for the Swedish National Defense Radio Agency (FRA) to wiretap Internet traffic leaving the country... more
I was pointed to an article in the Armed Forces Journal where Col Charles W. Williamson III argues that the US Air Force needs to develop a BOTnet army as part of the US military capability for retaliatory strikes. The article brings up some interesting issues, the one that I believe carries the most weight is the argument that we (well, people living on the Internet) are seeing an arms race. It is true that more and more nations are looking into or developing various forms of offensive weapons systems for the use on the Internet... more
About a year ago after coming back from Estonia, I promised I'd send in an account of the Estonian "war". A few months ago I wrote an article for the Georgetown Journal of International Affairs, covering the story of what happened there. This is the "war" that made politicians aware of cyber security and entire countries scared, NATO to "respond" and the US to send in "help". It deserved a better understanding for that alone, whatever actually happened there. more
There are more than just blue, black and white hat hackers. There are a few more types of folks out there that don't fit into the above categories. This article is taken from Stratfor with some commentary by myself... Many of the hackers described in my previous post are also coders, or "writers," who create viruses, worms, Trojans, bot protocols and other destructive "malware" tools used by hackers... more
One of the other web sites I subscribe to is Stratfor. It's a global intelligence website and doesn't really have much to do with spam. But I like politics so I read it. They have some articles which you can get for free, but the better stuff you have to pay for. About two weeks ago, they ran a three-part series on Cyberwarfare. The first article was the title of this post, which you can access here (requires registration). In the article they described different types of cybercriminals and not-so-criminals which they referred to under the umbrella as "hackers." more
The essay expands a cooperative solution to third-party use of brands in domain names. Like any approach that depends on cooperation, the solution will require both sides to change behavior but also allow both sides to take credit for the resulting benefits, i.e. a triangular solution. If not immediately addressed, the problem of third-party use can become a major threat to the industry. But we already know one thing: when it comes to this issue, legal action and bullying don't work. more
One of the major principles of the architecture of the Internet was encapsulated in a paper by Saltzer, Reed and Clark, "End-to-End Arguments in System Design". This paper, originally published in 1981, encapsulated very clearly the looming tension between the network and the application: "The function in question can completely and correctly be implemented only with the knowledge and help of the application standing at the end points of the communication system. Therefore, providing that questioned function as a feature of the communication system itself is not possible." At the time this end-to-end argument was akin to networking heresy! more
The Cooperative Association for Internet Data Analysis (CAIDA) and the American Registry for Internet Numbers (ARIN) presented the results [PDF] of a recent IPv6 survey at the ARIN XXI Public Policy Meeting in Denver on April 7th. The survey involved over 200 respondents from a blend of Government, commercial organizations (including ISPs and end users), educational institutions, associations, and other profit and non-profit entities. The purpose of the survey, conducted between March 10th and 24th, was to capture IPv6 penetration data in the ARIN region... more
"The world is flattening," says Dave Rubal at the FOSE Conference and Exhibition this week in Washington, DC. "The race for IT dominance is on, and it is coming west." Mr. Rubal, Cisco's Worldwide Internet Protocol version 6 (IPv6) Task Force Lead, spoke of the tremendous race in IT dominance that is occurring, stating that the "mainstay technologies at the Beijing Olympics will be IPv6-powered." IPv6 is in line to replace version 4, but Rubal hinted that China and other Far East countries may be adopting the new version faster than the United States... more
IPTV is on the horizon. Maybe I watch too much basketball, but the first thing I pictured was turning my flat screen into a big PC-like monitor with multiple windows showing several games, and perhaps even checking email and trying to do a bit work in another (admittedly much smaller) window. You could drag and drop, expand or shrink the games to whatever size you wanted just like you do on a PC with applications. Since the source video could come from different geographical regions in the country, you could catch the NCAA game they are showing in your local region while also watching another game from another region... For some, IPTV is a reality. But for the most part deployments are limited. more
Lee Dryburgh initiated a great thread in the Emerging Communications public group entitled What would your perfect phone be? There are 14 messages there at this moment with a lot of good ideas, but my first thought was the term "phone" is too limiting. Indeed, some of the correspondents' ideas also go far beyond the idea of a telephone. Here's what I want and fully expect to see, eventually. more
As you may be aware from recent news reports, traffic to the youtube.com website was 'hijacked' on a global scale on Sunday, 24 February 2008. The incident was a result of the unauthorised announcement of the prefix 208.65.153.0/24 and caused the popular video sharing website to become unreachable from most, if not all, of the Internet. The RIPE NCC conducted an analysis into how this incident was seen and tracked by the RIPE NCC's Routing Information Service (RIS) and has published a case study... more
Day two of Domain Pulse 2008 last Friday (see review of day one) focused on online security issues giving the techies amongst us details of security issues, and the more policy-orientated amongst us something to chew on in a few other presentations. Kieren McCarthy, these days of ICANN, also gave some insights into the drawn out sex.com drama with more twists and turns than the average soap opera has in a year! And Randy Bush outlined the problems with IPv6. Among other presentations... more
A World-Renowned Source for Internet Developments. Serving Since 2002.