Cybersecurity |
Sponsored by |
|
There's a pernicious meme floating around that DomainKeys Identified Mail (DKIM) doesn't work with discussion lists, particularly those hosted on common open source software packages like MailMan. It's particularly odd to see this claim after I set it up successfully on a stock Debian server in less than half an hour, just a few weeks ago. Here's how it can, should, and does work. more
On September 12 China, the Russian Federation, Tajikistan and Uzbekistan released a Resolution for the UN General Assembly entitled "International code of conduct for information security." The resolution proposes a voluntary 12 point code of conduct based on "the need to prevent the potential use of information and communication technologies for purposes that are inconsistent with the objectives of maintaining international stability and security and may adversely affect the integrity of the infrastructure within States..." more
The front page story of the September 13 2011 issue of the International Herald Tribune said it all: "Iranian activists feel the chill as hacker taps into e-mails." The news story relates how a hacker has "sneaked into the computer systems of a security firm on the outskirts of Amsterdam" and then "created credentials that could allow someone to spy on Internet connections that appeared to be secure." According to this news report this incident punched a hole in an online security mechanism that is trusted by hundreds of millions of Internet users all over the network. more
In an age where the world has gone global in many forms and guises, the political attention is more and more focussed on national, populist issues, that arise from fear for the unknown. I can't deny it: the future undoubtedly contains many uncertainties. This usually comes with a general public that's afraid and in fear of things they cannot oversee. Thus it is easily aroused by a populist leader who feeds on this fear and throws flammable material on the already smouldering fire. In a time where leadership is called for, it seems lacking. The Internet governance discussion demands visionary leadership on a cross border level and it needs it soon. more
The Domain Name System Security Extensions (DNSSEC) is a suite of IETF-developed specifications designed to validate information provided by the Domain Name System (DNS). ... When the root zone was signed in June 2010, this acted as a catalyst for TLD operators to deploy DNSSEC on their side. We have seen a gradual but significant increase in signed TLDs since then. The map in this post shows the level of DNSSEC deployment in Europe. more
When I first wrote about Domain Registry Locking over a year and a half ago, Verisign was the only Registry offering a true Registry Lock Service. Of course, not long after, Neustar announced their Registry Lock Service too. Recently however, a number of ccTLD Registries have also adopted Registry Locking programs... more
For me, one of the more interesting sessions at the recent IETF 81 meeting in July was the first meeting of the recently established Homenet Working Group. What's so interesting about networking the home? Well, if you regard challenges as "interesting", then just about everything is interesting when you look at networking in the home! more
In the US administration, we see important people like incoming Secretary of Defense Leon Panetta say at his Senate confirmation hearing that "a strong likelihood that the next Pearl Harbor" could well be a cyberattack that cripples the U.S. power grid and financial and government systems. He also said that cybersecurity will be one of the main focuses of his tenure at the Pentagon. But when you look at what is actually happening in cyber security, there is more position jockeying than there is real progress. more
I've written recently about a general purpose method called DNS Response Policy Zones (DNS RPZ) for publishing and consuming DNS reputation data to enable a market between security companies who can do the research necessary to find out where the Internet's bad stuff is and network operators who don't want their users to be victims of that bad stuff... During an extensive walking tour of the US Capitol last week to discuss a technical whitepaper with members of both parties and both houses of the legislature, I was asked several times why the DNS RPZ technology would not work for implementing something like PROTECT-IP. more
This is a followup to Wout de Natris' as usual excellent piece on the Enisa botnet report -- pointing out the current state of mobile malware and asking some questions I started off answering in a comment but it grew to a length where I thought it'd be better off in its own post. Going through previous iterations of Mikko's presentations on mobile malware is a fascinating exercise. more
A recent report from Pike Research, "Smart Grid Cyber Security" has found if smart grids can realize their full potential, consumers, utilities, nations, and even the earth itself will benefit. As with nearly any new technology, the industry focus has been on getting smart grids up and running, often with little consideration for cyber security issues. more
A fledgling international cyber security alliance is continuing to gather backing from private business, according to a recent article published on ComputerWeekly.com. The International Cyber Security Protection Alliance (ICSPA) aims to support law enforcement agencies in countries that lack the resources to fight cybercrime. Commercial security organizations such as McAfee and Trend Micro are supporting the alliance. more
As we, here in the United States celebrate our independence this Fourth of July, we are reminded that the liberties and freedoms that come with that independence have yet to be won online. As citizens of this country we are blessed with safety and security from threats both foreign and domestic, but those guarantees have not yet extended to our citizenship in the global Internet community. This is true not just for American citizens, but for all Internet users throughout the world. more
Internet Security is a topic that has drawn a lot of attention over the past year. As awareness grows that cooperation is necessary, it dawns on people that there are many and very different stakeholders involved, stakeholders that may never have met before. Let alone have cooperated. An example of an approach is the National Cyber Security Council (NCSC) that was installed in The Netherlands on 30 June. This is a high level council that will give advice to public as well as private entities on how to better secure themselves and society at large against cyber attacks and how to become more resilient. However, without the right approach it is doomed to become a talking shop. more
The last few months have shown a number of signs that cooperation in cyberspace is not just necessary, but it is vital for the survival of the Internet as we know it. There is no need to provide links to all the articles and news stories that talk about the dangers of cyberattacks on the infrastructure in the USA or other countries - you can find plenty of them. ... What misses really in these stories is the answer to the question "So, what?" more