Threat Intelligence |
Sponsored by |
|
A couple of days ago there was a lot of interest in how terrorists may have been using chat features of popular video console platforms (e.g. PS4, XBox One) to secretly communicate and plan their attacks. Several journalists on tight deadlines reached out to me for insight in to threat. Here are some technical snippets on the topic that may be useful for future reference. more
If a scholar was to look back upon the history of the Internet in 50 years' time, they'd likely be able to construct an evolutionary timeline based upon threats and countermeasures relatively easily. Having transitioned through the ages of malware, phishing, and APT's, and the countermeasures of firewalls, anti-spam, and intrusion detection, I'm guessing those future historians would refer to the current evolutionary period as that of "mega breaches" (from a threat perspective) and "data feeds". more
Are you ready to help me make the Internet more secure? Here's your chance to join me in a project to create an open-source hardware device to protect email, files and other data from hackers and government spies. The CrypTech Project was founded in late 2013 after NSA whistleblower Edward Snowden revealed that the US and other governments were exploiting weak cryptography and loose standards to gain access to citizens' email, documents, and other files. more
Governments often use small players as pawns in their global games of chess. Two weeks ago the European Court of Justice invalidated the EU-US Safe Harbor ("Safe Harbor") framework, turning Internet businesses into expendable pawns in a government game. But for the past fifteen years, Safe Harbor allowed data flows across the Atlantic -- fostering innovation and incredible economic development. more
DMARC is an anti-phishing technique that AOL and Yahoo repurposed last year to help them deal with the consequences of spam to (and apparently from) addresses in stolen address books. Since DMARC cannot tell mail sent through complex paths like mailing lists from phishes, this had the unfortunate side effect of screwing up nearly every discussion list on the planet. Last week the DMARC group published a proposal called ARC, for Authenticated Received Chain, that is intended to mitigate the damage. What is it, and how likely is it to work? more
Every person and every entity must have a philosophy if they are to be successful. Consumer trust is one of the key issues at the heart of keeping the Internet open as well as prosperous. The ICANN Affirmation of Commitments was signed in 2009 and has been the guiding principle for ICANN's activities going forward. The title of section 9.3 is Promoting competition, consumer trust, and consumer choice. This section is in essence the embodiment of the commitment of ICANN. more
There's been a lot of media attention in the last few days to a wonderful research paper on the weakness of 1024-bit Diffie-Hellman and on how the NSA can (and possibly does) exploit this. People seem shocked about the problem and appalled that the NSA would actually exploit it. Neither reaction is right. In the first place, the limitations of 1024-bit Diffie-Hellman have been known for a long time. RFC 3766, published in 2004, noted that a 1228-bit modulus had less than 80 bits of strength. That's clearly too little. more
NANOG 65 was once again your typical NANOG meeting: a set of operators, vendors, researchers and others for 3 days, this time in Montreal in October. Here's my impressions of the meeting... The opening keynote was from Jack Waters from Level 3, which looked back over the past 25 years of the Internet, was interesting to me in its reference to the "Kingsbury Letter". more
At Verisign we take our Internet stewardship mission very seriously, so when details emerged over the past week concerning the XcodeGhost infection, researchers at Verisign iDefense wanted to help advance community research efforts related to the XcodeGhost issue, and leveraging our unique capabilities, offer a level of public service to help readers determine their current and historical level of exposure to the infection. more
Earlier this year, I wrote about a recent enhancement to privacy in the Domain Name System (DNS) called qname-minimization. Following the principle of minimum disclosure, this enhancement reduces the information content of a DNS query to the minimum necessary to get either an authoritative response from a name server, or a referral to another name server. more