"Singapore is planning to cut off web access for public servants as a defence against potential cyber attack," according to a report today in the Guardian. more
In a recent talk at Black Hat, Apple's head of security engineering (Ivan Krsti?) described many security mechanisms in iOS. One in particular stood out: Apple's Cloud Key Vault, the way that Apple protects cryptographic keys stored in iCloud. A number of people have criticized Apple for this design, saying that they have effectively conceded the "Going Dark" encryption debate to the FBI. They didn't, and what they did was done for very valid business reasons -- but they're taking a serious risk... more
In the 1980's internet connectivity meant allowing general public to communicate and share knowledge and expertise with each other instantly and where it was not possible otherwise. Take the story of Anatoly Klyosov, connecting Russia to the western world for the first time in 1982, as an example. A bio-chemist who was not allowed to leave the soviet territory for security reasons. The internet enabled him to participate in meetings with his counterparts at Harvard University, University of Stockholm and beyond. more
ICANN has announced a new hire, Mark Jardina – an expert in global security and health and safety as Vice President of Security Operations. more
BT, United Kingdon's ISP, has confirmed IPv6 will finally be enabled on their network from this Autumn 2016 – but it will be early 2017 before all of their customers can use it, Mark Jackson reported today in ISPreview.co.uk. more
Iran has officially launched its first cloud data center in Tehran during a ceremony attended by the Minister of Communication and Information Technology," according to reports from local news sites. more
"Russian banks will be faced with a whole range of new regulations, and penalties for non-compliance, when it comes to cyber-security, according to the country's Central Bank," Eugene Gerden reported today in SC Magazine UK more
The Uniform Domain Name Dispute Resolution Policy (UDRP) is not an exclusive forum for the resolution of domain names accused of cybersquatting even though registration agreements use the word "mandatory" in the event of third-party claims. The UDRP is mandatory only in the sense that respondents are "obliged by virtue of the [registration] agreement to recognize the validity of a proceeding initiated by a third-party claimant." more
"Major Mobile US Networks Pass 50% IPv6 Threshold," reports Mat Ford, Technology Program Manager at the Internet Society (ISOC). more
In a press release yesterday evening, retailer Eddie Bauer confirmed a point-of-sale malware infection suspected by some sources as early as beginning of last month. more
"Massive Email Bombs Target .Gov Addresses," Brian Krebs writes in Krebs on Security: "Over the weekend, unknown assailants launched a massive cyber attack aimed at flooding targeted dot-gov (.gov) email inboxes with subscription requests to thousands of email lists." more
In mid-August China launched "QUESS" (Quantum Experiments at Space Scale), a new type of satellite that it hopes will be capable of "quantum communications" which is supposed to be hack-proof, through the use of "quantum entanglement". This allows the operator to ensure that no one else is listening to your communications by reliably distributing keys that are then used for encryption in order to be absolutely sure that there is no one in the middle intercepting that information. more
National Telecommunications and Information Administration (NTIA) released a stement today seeking input as part of its efforts to increase IPv6 adoption. more
China's home grown firms are not only grabbing domestic businesses but also venturing to different countries across the world. On the other hand, foreign players face regulatory walls that make it difficult to tap businesses in China." Saibal Dasgupta reporting today in VOA more
State and county election officials across the country employ thousands of computers in election administration, most of them are connected (from time to time) to the internet (or exchange data cartridges with machines that are connected). In my previous post I explained how we must audit elections independently of the computers, so we can trust the results even if the computers are hacked. more