Cybersecurity |
Sponsored by |
|
Every now and then I get emails from readers of my blog. I mostly reply to them in private, but I recently got one question where I thought my reply might be of general interest. I took the liberty of editing the question somewhat, but in essence it was: "If you have any insight you can share with my class on cyber warfare and security, I would be delighted on hearing it." In general, I think that it's an obvious conclusion that both offensive and defensive actions with regard to national telecommunications infrastructure is becoming an integral part of a nations security assessments.... more
Domain Pulse, the yearly get-together of the German-speaking registries of nic.at (Austria), Denic (Germany) and SWITCH (Switzerland) is happening on February 21 and 22 in Vienna. The conference alternates between the countries -- last year it was Switzerland, this year Austria and next year Germany... Domain Pulse covers everything in the domain name arena from management of the DNS, what's happening in each of the ccTLDs, after market and domaining, security threats to the DNS and internet as well as wider issues affecting the internet's development such as internet governance. more
Well, given the amount of malicious JavaScript, malware, and other possibilities to use Facebook (and other similar social networking platforms) for abuse, I certainly wouldn't categorize this news as a "clever move"... In fact, I foresee this as an extraordinarily short-sighted move with far-reaching security implications -- which will allow the levels of malicious abuse to reach new heights. more
Wide-Area Data Services (WDS), aka "WAN Optimization" is becoming the most effective way to improve application performance while reducing network traffic. In scenarios where there is significant network latency that would otherwise render many applications unusable, WDS can deliver almost LAN-like speed. Where bandwidth constraints exist and there is no practical or economical option, WDS can help reduce network traffic, allowing you to postpone or avoid circuit upgrades altogether. The technology provides the ability to centralize applications and servers, furthering the cost savings on hardware, software licensing, maintenance and the operation of a distributed architecture. more
Here is a list of the most viewed news and blog postings that were featured on CircleID in 2007. Best wishes for 2008. more
A reasonably well informed article in Thursday's USA Today reminds us that in 2004 Bill Gates said the spam problem would be solved in early 2006, but here at the end of 2007 there's more spam than ever. They go through a laundry list of problems of spambots, new kinds of PDF and MP3 spam, and phishing, and a list of of partial or non-solutions including filters, walled gardens, and an odd system called Boxbe, a hybrid of whitelists, challenge/response, and pay for delivery. Oh, and Bill says he never said spam would be solved... more
It is one thing to bring broadband internet to the masses, but how do we make them drink from the fountain of knowledge? One of the challenges, of course, is that the industry has not yet sold turn-key applications that capture the imaginations of the unconnected. Surprising as it seems, email, Facebook, file swapping and web surfing have not yet attracted 100% of the population. Are there some applications that might lend themselves to a toll-free model in order to reach the rest of the market? more
The Storm worm has gotten a lot of press this year, with a lot of the coverage tending toward the apocalyptic. There's no question that it's one of the most successful pieces of malware to date, but just how successful is it? Last weekend, Brandon Enright of UC San Diego gave a informal talk at the Toorcon conference in which he reported on his analysis of the Storm botnet. According to his quite informative slides, Storm has evolved quite a lot over the past year... more
I have a hypothesis: The Bush administration came to power in December 2000. American telcos were on the precipice about to go into Free fall. We have seen how Bush politicized the Justice Department and are much more aware thanks to John Dean's Broken Government and Charlie Savage's Take Over of the intense desire to aggregate executive power to feed the Addingtons belief in the Unitary Executive. We now know that Cheney was meeting with the energy industry in early 2001 promising them whatever they wanted. We may begin to ask what the domestic telecoms industry was being promised? more
A deal announced today between British Telecom and upstart FON allows BT's Internet customers to share their own broadband connections via WiFi and, in turn, be able to access WiFi free at "thousands" (doesn't say how many) of FON hotspots around the world operated by other Foneros... When you buy home Internet access from BT and opt into this plan, you are also buying roaming access at no extra charge. The technology is supposed to assure that the part of the connection which you share is segregated from your own access so that there are no security problems caused by the sharing. more
Skype's official explanation. Phil Wolff has a good set of interpolated comments on the official explanation. There are two things to add... As the Register points out, last Tuesday was Microsoft's monthly patch day and those patches required a re-boot. If we believe Skype that their problem started with excessive login attempts, this is the only plausible explanation on the table... more
If there were a lifetime achievement award for losing lawsuits for being annoying, Sanford Wallace would be a shoo-in. Fifteen years ago, his junk faxing was a major impetus for the TCPA, the law outlawing junk faxes. Later in the 1990s, his Cyber Promotions set important legal precedents about spam in cases where he lost to Compuserve and AOL. Two years ago, he lost a suit to FTC who sued his Smartbot.net for stuffing spyware onto people's computers. And now, lest anyone think that he's run out of bad ideas, he's back, on the receiving end of a lawsuit from MySpace... more
Last week, my colleagues over at Sunbelt Software discovered a bogus Windows domain being registered earlier this month (where the "w" in "windows" is actually two "v"s). Today, I've been alerted to the fact that are several additional Windows domains which have registered where the "w"s have been also been replaced with "v"s... more
One of my staff members pointed me to an article by Mikko Hyppönen in Foreign Policy. In this article Mikko argues that a new top level domain (TLD) like .bank for some reason would prevent on-line fraud, at least partially. Mikko seems to be arguing that with a dedicated TLD registry for financial institutions and a fee high enough to act as an entry barrier you would have a trustworthy bank domains that would be immune against today's phising attempts... more
Since Skype has an open client-side API, why not use it as a transport to tunnel VPN traffic and blow through firewalls to connect you to a remote system? That's the idea raised by Peeter P. Mõtsküla in his Skype Developer Blog entry: "Idea: skypetunnel". For instance, have a Skype client running on your home machine logged in as one account. Have Skype on your laptop on another account. Initiate a connection between the two of them and wind up with secure, encrypted access through the firewall from wherever you are. Being peer-to-peer, there would be no central servers or infrastructure required (outside the usual Skype p2p cloud.) This would require, of course, a yet-to-be-created "extra" that connected into the Skype client API and was installed on both systems...but that was the point of the article... more
A World-Renowned Source for Internet Developments. Serving Since 2002.