Cybersecurity |
Sponsored by |
|
Business email compromised (BEC) attacks targeting American companies are exploding, with an increase of over 476% in incidents between Q4 2017 and Q4 2018. Up as well is email fraud with companies experiencing an increase of over 226%. These highly targeted attacks use social engineering to identify specific company employees, usually in the finance department and then convince these employees to wire large sums of money to third-party banking accounts owned by the attackers. more
The design of DNS included an important architectural decision: the transport protocol used is user datagram protocol (UDP). Unlike transmission control protocol (TCP), UDP is connectionless, stateless, and lightweight. In contrast, TCP needs to establish connections between end systems and guarantees packet ordering and delivery. DNS handles the packet delivery reliability aspect internally and avoids all of the overhead of TCP. There are two problems this introduces. more
An entity called the Handshake Network claims its newly developed open source project offers advantages over the traditional naming and signature systems. more
There is considerable rhetoric propagated today about 5G security. Some of the more blatant assertions border on xenophobia with vague assertions that the 5G vendors from some countries cannot be trusted and wholesale government banning is required. Existing treaty obligations are being summarily abrogated in favour of bilateral trade bullying. These are practices that the late President George H.W. Bush sought to eliminate a quarter century ago through intergovernmental organization initiatives... more
Apollo 11 was the spaceflight which landed the first two humans on the Moon. Commander Neil Armstrong and lunar module pilot Buzz Aldrin landed the Apollo Lunar Module, Eagle, on July 20, 1969. Armstrong became the first person to step onto the lunar surface six hours later, and Aldrin joined him 19 minutes later. The two astronauts spent about two and a quarter hours outside the spacecraft, and they collected 47.5 pounds of lunar material to bring back. more
An unprecedented disinformation campaign purposefully distorts what consumers and governments understand about the upcoming fifth generation of wireless broadband technology. A variety of company executives and their sponsored advocates want us to believe that the United States already has lost the race to 5G global market supremacy and that it can regain it only with the assistance of a compliant government and a gullible public. more
By any metric, the queries and responses that take place in the DNS are highly informative of the Internet and its use. But perhaps the level of interdependencies in this space is richer than we might think. When the IETF considered a proposal to explicitly withhold certain top-level domains from delegation in the DNS the ensuing discussion highlighted the distinction between the domain name system as a structured space of names and the domain name system as a resolution space... more
The IETF is in the midst of a vigorous debate about DNS over HTTP or DNS over HTTPS, abbreviated as DoH. How did we get there, and where do we go from here? (This is somewhat simplified, but I think the essential chronology is right.) Javascript code running in a web browser can't do DNS lookups, other than with browser.dns.resolv() to fetch an A record, or implicitly by fetching a URL which looks up a DNS A or AAAA record for the domain in the URL. more
From time to time the IETF seriously grapples with its role with respect to technology relating to users' privacy. Should the IETF publish standard specifications of technologies that facilitate third-party eavesdropping on communications or should it refrain from working on such technologies? Should the IETF take further steps and publish standard specifications of technologies that directly impede various forms of third party eavesdropping on communications? more
The DNS root servers were reported by Verisign to be under unexpected attack from name servers across the Internet following ICANN's recent changes to their cryptographic master keys. more
As society uses more digital technologies we are increasingly also faced with its problems. Most of us will have some horror stories to tell about using computers, smartphones, and the internet. But this hasn't stopped us from using the technology more and more. I believe that most people would say that their lives would be worse without technology -- in developed countries but equally in the developing world. more
With the latest "DNSpionage" attack, ICANN astutely prompted domain name holders to fully deploy DNSSEC on their names. Afilias absolutely supports this and encourages the same. In this post, I remind you of why DNSSEC is important and our continued role. Afilias has a long history in the development and advocacy of DNSSEC. In 2007, we partnered with Public Interest Registry to help found dnssec-deployment.org. more
A group of academic researchers have revealed a design weakness in the 4G/5G protocol which can be exploited by an attacker to identify the victim's presence in a particular cell area just from the victim's soft-identity such as phone number and Twitter handle. more
Microsoft is shipping a patch to eliminate SHA-1 hashes from its update process. There's nothing wrong with eliminating SHA-1 - but their reasoning may be very interesting. SHA-1 is a "cryptographic hash function". That is, it takes an input file of any size and outputs 20 bytes. An essential property of cryptographic hash functions is that in practice (though obviously not in theory), no two files should have the same hash value unless the files are identical. more
VPN products vary greatly in convenience, efficiency, and security. If security is a serious concern, an organization needs to pay close attention to the protocols a service supports. Some widely used protocols have significant weaknesses, while others offer state-of-the-art security. The best of the lot today include OpenVPN and IKEv2. What's called a VPN protocol is actually a collection of protocols. There are several functions which every VPN has to manage. more
A World-Renowned Source for Internet Developments. Serving Since 2002.