Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Convincing competitors, disparate business entities and researchers to collaborate - many donating their services and resources - to protect millions of end-users worldwide is no small feat. Yet FBI Supervisory Special Agent Thomas X. Grasso did just that by quietly working behind the scenes to create the DNS Changer Working Group that saved an inestimable number of end-users from losing access to the Web over the last two years. more
The Washington Post had a good article up yesterday capturing comments issued by the United States military that it has the right to return fire when it comes to cyber attacks... This is an interesting point of view, and it extends from the United States's policy that if it is attacked using conventional weapons, it reserves the right to counter respond in kind. This has been a long accept precept governing US foreign military policy for generations. Yet cyber attacks are different for a couple of reasons... more
Yesterday's Wikipedia outage, which resulted from invalid DNS zone information, provides some good reminders about the best and worst attributes of active DNS management. The best part of the DNS is that it provides knowledgeable operators with a great tool to use to manage traffic around trouble spots on a network. In this case, Wikipedia was attempting to route around its European data center because... more
Whenever I examine the technical elements of the various Internet security certifications and standards that organisations are clamouring to achieve compliance against, I can't help but feel that in too many cases those businesses are prioritising the wrong things and wasting valuable resources. They may as well be following a WWI field guide on how to keep cavalry horses nourished and bayonets polished in a world of stealth aircraft and dirty bombs. more
Between December 2, 2018 and May 4, 2019, 197,524 phishing domains were discovered, 66% of which directly targeted consumers according to the latest State of the Internet report by Akamai. more
In my last blog post about Zoom, I noted that the company says "that critics have misunderstood how they do encryption." New research from Citizen Lab show that not only were the critics correct, Zoom's design shows that they're completely ignorant about encryption. When companies roll their own crypto, I expect it to have flaws. I don't expect those flaws to be errors I'd find unacceptable in an introductory undergraduate class, but that's what happened here. more
Over the last few years, there has been an increased effort to modernize the U.S. electric grid. Building a "Smart Grid" has been central in the effort to help utilities better manage their resources, minimize power outages and reduce energy consumption. However, adding more electronic devices and sensors to the grid's network has made it a prime target of cyberattacks, like Distributed Denial of Service (DDoS) attacks, which if successful, could cause wide-spread disruption of services affecting many other sectors. more
Security firm, Armis Labs, has revealed a new attack vector that can target major mobile, desktop, and IoT operating systems, including Android, iOS, Windows, and Linux, and the devices using them.
more
Paul Vixie proposes a 'cooling-off period' when domain names are registered in order to help detect and deter malicious activity. "There's no legitimate reason for a new domain name to be registered and go live in less than a minute... more
Yesterday law enforcement officials arrested 6 people and charged them with running a massive internet fraud ring. Over 4 million PCs were part of the botnet. According to the FBI, "the cyber ring used a class of malware called DNSChanger to infect approximately 4 million computers in more than 100 countries. There were about 500,000 infections in the U.S., including computers belonging to individuals, businesses, and government agencies such as NASA." more
A new report on 5G and geopolitics by Oxford Information Labs details the complex landscape of 5G security. Importantly, it draws out how a variety of proven technical concerns around the quality of Huawei security practices and equipment are drowned out by the US' Twitter diplomacy. Critical international dialogue on genuine cybersecurity concerns relating to 5G and Huawei are being lost in the noise of the US-China trade war. more
I've been ruminating on this for a while, this follow-up that was a decade in the offing. My article Trench Warfare in the Age of The Laser-Guided Missile from January 2007 did pretty good in terms of views since I wrote it. Less so in terms of how well the ideas aged or didn't, but that's the nature of the beast. Everything gets worse, and simultaneously, better, and so here we are: Using embarrassingly ancient approaches to next-generation threats. Plus ça change. more
I have written about the problems with the "little green lock" shown by browsers to indicate a web page (or site) is secure. In that article, I consider the problem of freely available certificates, and a hole in the way browsers load pages. In March of 2017, another paper was published documenting another problem with the "green lock" paradigm - the impact of HTTPS interception. more
Gradually it seems the word is spreading about a new blocking methodology to interrupt the ability of end users to click and visit phishing sites - thereby having their personal information/credentials at risk. This is the DNS Response Policy Zones. DNS RPZs allows companies that run recursive resolvers to create a zone that will not resolve specific domains. more
A lengthy email to the NANOG mailing list last month concerning suspicious routing activities of a company called Bitcanal initiated a concerted effort to kick a bad actor off the Internet. more
A World-Renowned Source for Internet Developments. Serving Since 2002.