Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
While reading Reuters I came across a news article indicating that a number of high profile agencies - from the United Nations to the Canadian Government to government of Taiwan - were broken into over a period of the past five years. ... I'll say it right now, even though I haven't been briefed on it. It was China. more
Lake City became the second Florida city to pay a substantial ransomware demand to hackers in less than a week. more
The United States' reluctance to invest in IPv6 makes it more likely that China will be in a position to gain the first-mover advantage it seeks. ...Liu Dong, president of the Beijing Internet Institute sums it up succinctly: "We think we can develop the killer applications," he says. China plans to show the rest of the world just how advanced its Internet is at the 2008 Olympics in Beijing. CNGI will control the facilities -- everything from security cameras to the lighting and thermostats -- at the Olympic venues, and events will be broadcast live over the Internet. Even the taxis in Beijing's snarled traffic will connect to CNGI via IPv6 sensors so that dispatchers will be able to direct their drivers away from congestion. more
It's funny, but I recall the battle cry that the WWW was "free" back in its early days. When contributing game concept to the early and great gaming pioneers like Infocom, there was such a great esprit-du-corps amongst our team regarding the fun as well as utility that the WWW offerred. In retrospect, we were so naive. I recall the days when guys like Bill Gates prided themselves on being such a great "hackers" - it was a noble term back then. more
Today we received one of the first phish attempts to be made as a web spam (comment spam/blog spam) attempt. I wasn't convinced, and thought that perhaps it was a way to gather and verify RELEVANT online identities. Someone put me straight. It's phishing. I've often in the past had run-ins with the good folks in the anti virus realm back between 1996 and 2005 who thought Trojan horses and then spyware were not part of their business. Years later the AV business people ruled it is part of their business and ran to catch up. Same with botnets. more
With DNS abuse a topic of increased concern throughout the community, any controversy over adopting the Uniform Rapid Suspension System (URS) for all generic top-level domains (gTLDs) seems misplaced. The URS was designed as a narrow supplement to the Uniform Domain-Name Dispute Resolution Policy (UDRP), applicable only in certain tightly defined circumstances of clear-cut and incontrovertible trademark infringement involving the registration and use of a domain name. more
APNIC Labs, the research arm of Asia-Pacific Network Information Centre, is partnering with Cloudflare for a joint research project relating to the operation of the DNS, reports Geoff Huston, APNIC's Chief Scientist. more
A fledgling international cyber security alliance is continuing to gather backing from private business, according to a recent article published on ComputerWeekly.com. The International Cyber Security Protection Alliance (ICSPA) aims to support law enforcement agencies in countries that lack the resources to fight cybercrime. Commercial security organizations such as McAfee and Trend Micro are supporting the alliance. more
The more I read, the more I see conflicting views on the state of the criminal cybercrime world. On the one hand, the Russian criminal cybercrime underworld is a scary, organized place... On the other hand, there is the position that that position is an exaggeration of what it is actually like and that it's a bunch of ragtag folks who have some advanced computer skills but they are not formally organized. ... I see this very similarly to how I see cyber warfare... more
Phishing, stealing personal information by impersonating a trusted organization, is a big problem that's not going away. Most antiphishing techniques to date have attempted to recognize fake e-mail and fake web sites, but this hasn't been particularly effective. A more promising approach is to brand the real mail and real web sites. more
This article is the first in an occasional series on DKIM/ADSP edge cases that may not be generally recognized or understood. Many people advocate DKIM/ADSP adoption without fully recognizing potential implementation and operational issues. The fact is that the email messaging environment is fraught with opportunities for poor outcomes because of common practices that need to be considered or poorly understood implementations that are not considered... more
Throughout this series of blog posts we've discussed a number of issues related to security, stability, and resilience of the DNS ecosystem, particularly as we approach the rollout of new gTLDs. Additionally, we highlighted a number of issues that we believe are outstanding and need to be resolved before the safe introduction of new gTLDs can occur - and we tried to provide some context as to why, all the while continuously highlighting that nearly all of these unresolved recommendations came from parties in addition to Verisign over the last several years. more
The worldwide public discussion about surveillance produced by the Snowden revelations has so far largely missed a major strategic fault with national security arguments for continued mass surveillance: that economic damage to the technology sector but more fundamentally to the wider economy is a likely result. This damage is also likely to undermine security far more than any potential gains from continuing as we are - or continuing but with some transparency or narrowing that leaves the existing industrial scale surveillance system largely unchecked. more
Verisign posted preliminary public comments on the "Mitigating the Risk of DNS Namespace Collisions" Phase One Report released by ICANN earlier this month. JAS Global Advisors, authors of the report contracted by ICANN, have done solid work putting together a set of recommendations to address the name collisions problem, which is not an easy one, given the uncertainty for how installed systems actually interact with the global DNS. However, there is still much work to be done. I have outlined the four main observations... more
Last week Czech researchers released information on a new worm which exploits CPE devices (broadband routers) by means such as default passwords, constructing a large DDoS botnet. Today this story hit international news... The spread of insecure broadband modems (DSL and Cable) is extremely wide-spread, with numerous ISPs, large and small, whose entire (read significant portions of) broadband population is vulnerable. more
A World-Renowned Source for Internet Developments. Serving Since 2002.