/ News Briefs

Blocking or Metering Broadband Access is a False Choice, Says New Report

n a report released today by the Free Press, Derek Turner, Research Director argues that, in light of recent FCC ruling against Comcast, it is a "false choice" to believe that "because application blocking is out of bounds, providers now will be forced to use some type of 'metering' to control network congestion." In other words, if ISPs are not allowed to block applications, then usage-based pricing is NOT their only other viable option, asserts Turner.

Daily Search Engine Usage Reaching Email Usage

Use of search engines on a daily bases has been steadily rising from about one-third in 2002 to current rate of just under 50% according to a recent report by Pew Internet & American Life Project. With this increase, the search engine use will soon be reaching that of email which is currently 60% of internet users. The study also points out that these "new figures propel search further out of the pack, well ahead of other popular internet activities, such as checking the news, which 39% of internet users do on a typical day, or checking the weather, which 30% do on a typical day."

Day 30: Kaminsky DNS Bug Disclosure

In a highly anticipated presentation, Internet security researcher Dan Kaminsky today gave details of the much talked about Domain Name System (DNS) vulnerability issue which has been intensely covered since it was publicly announced a month ago on Jul 8th. Although original plans entailed keeping the bug details undisclosed for 30 days in order to allow for necessary security patches to be implemented around the world, details of the bug were eventually leaked-and-confirmed 13 days after its public announcement. Even so, just hours ago in jam-packed ballroom during the Black Hat conference, Kaminsky delivered his 100-plus-slide presentation detailing the DNS flaw that, if exploited, could potentially "destroy the Web".

Internet Companies in Negotiations for Agreement on Code of Conduct in China

Google, Microsoft and Yahoo, in negotiations with other Internet companies and human rights organizations, have reached an agreement on a voluntary code of conduct for activities in China and other countries that censor the Internet. The participants are reviewing the agreement for final approval.

Consumer Reports: U.S. Consumers Lost Nearly $8.5 Billion to Viruses, Spyware, and Phishing

U.S. consumers lost almost $8.5 billion over the last two years to viruses, spyware, and phishing schemes according to latest projections from the Consumer Reports State of the Net survey. Additionally, report estimates that American consumers have replaced about 2.1 million computers over the past two years because of online threats. Survey has also reveals some hopeful signs such as declining chances of becoming a cybervictim -- consumers have 1 in 6 chance of becoming a cybervictim, down from 1 in 4 in 2007.

EFF Releases New Tool for Internet Users to Test ISP Interference

In light of today's FCC ruling against Comcast, Electronic Frontier Foundation (EFF) has released a software tool dubbed, "Switzerland," for internet users to check ISP interference of their connections. Fred von Lohmann, EFF Senior Intellectual Property Attorney says: "The sad truth is that the FCC is ill-equipped to detect ISPs interfering with your Internet connection. It's up to concerned Internet users to investigate possible network neutrality violations, and EFF's Switzerland software is designed to help with that effort. Comcast isn't the first, and certainly won't be the last, ISP to meddle surreptitiously with its subscribers' Internet communications for its own benefit."

U.S. Intends to Remain in Full Control of Internet Root Zone, Says Letter from NTIA

In a letter sent by bureau of the U.S. Department of Commerce, National Telecommunications and Information Administration (NTIA) to ICANN, the department has made it clear that despite recent discussions in Paris meetings, the U.S. department intends to remain in full authority over the Internet root zone.

Study Finds 75% of Malicious Websites from Legitimate, Trusted Sources

New report released today finds 75 percent of malicious websites are from legitimate, trusted sources with "Good" reputation scores. According to the report, 60 percent of the top 100 most popular websites either hosted malicious content or contained a masked redirect to lure unsuspecting victims from legitimate sites to malicious sites.

Cyber Threats Accelerate: 94% of Web Browser Exploits Occur Within 24 Hours of Disclosure

Today X-Force, IBM's security research and development arm, released its 2008 Midyear Trend Statistics report that indicates cyber-criminals are adopting new automation techniques and strategies that allow them to exploit vulnerabilities much faster than ever before. The new tools are being implemented on the Internet by organized criminal elements, and at the same time public exploit code published by researchers are putting more systems, databases and ultimately, people at risk of compromise.

17 Countries to Reach 60% Household Broadband Penetration by 2012, Says New Study

Worldwide consumer broadband connections will grow from 323 million connections in 2007 to 499 million in 2012, according to latest research by Gartner. Worldwide consumer broadband connections penetrated 18 percent of households in 2007, and by 2012, households with a broadband connection are expected to reach 25 percent. Five countries exceeded 60 percent broadband penetration into the home in 2007; and, this is expected to grow to 17 countries by 2012. The five countries with broadband penetration into the home above 60 percent are Canada, Netherlands, Switzerland, South Korea and Hong Kong.

US-CERT Says They Are Aware of DNS Exploit Code, Emphasizes Urgent Patching

The United States Computer Emergency Readiness Team (US-CERT) has acknowledged that they are aware of the publicly available exploit code for a cache poisoning vulnerability in common DNS implementations. US-CERT is re-emphasizing the urgency of patching vulnerable DNS systems.

Open Web Foundation Launches to Push Data Portability

A new nonprofit organization called the Open Web Foundation (OWF) launched today with a mission to be an independent non-profit dedicated to the development and protection of open, non-proprietary specifications for web technologies. "The Open Web needs Open Data, Open Date needs Open Specifications," is one of the statements used in today's opening presentation. With backing from some of the biggest companies including Google, MySpace, Facebook, and Yahoo, the foundation plans to serve as a placeholder for "all the legal dirty work that needs to happen in order for data portability to become a reality."

DNS Attack Code Has Been Published

As warned by Dan Kaminsky, Paul Vixie, and numerous other experts experts, it was just a matter of time before an exploit code for the now public DNS flaw would surface. An exploit code for the flaw allowing insertion of malicious DNS records into the cache of target nameservers has been posted to Metasploit, a free provider of information and tools on exploit techniques. According to reports Metasploit creator, H D Moore in collaboration with a researcher named "|)ruid" from Computer Academic Underground, created the exploit, dubbed "DNS BaliWicked Attack", along with a DNS service created to assist with the exploit.

DNS Security Flaw Secret Leaked Prior to Set Date: Patch DNS as Fast as Possible

In what seems to have started with a blog post by reverse engineer Halvar Flake, and subsequent blog postings from other experts in the know, the details of the recently announced DNS vulnerability was quite likely made public today. The DNS flaw was found earlier this year by security researcher Dan Kaminsky and earlier this month announced publicly along with various tools and patches provided by numerous vendors...

China Betting on IPv6 and First Mover Advantage

The United States' reluctance to invest in IPv6 makes it more likely that China will be in a position to gain the first-mover advantage it seeks. ...Liu Dong, president of the Beijing Internet Institute sums it up succinctly: "We think we can develop the killer applications," he says. China plans to show the rest of the world just how advanced its Internet is at the 2008 Olympics in Beijing. CNGI will control the facilities -- everything from security cameras to the lighting and thermostats -- at the Olympic venues, and events will be broadcast live over the Internet. Even the taxis in Beijing's snarled traffic will connect to CNGI via IPv6 sensors so that dispatchers will be able to direct their drivers away from congestion.