Security

Noteworthy

 IPv6 represents new territory for most Internet stakeholders, and its rollout will introduce some unique security challenges.

Security / Featured Blogs

NTP: The Most Neglected Core Internet Protocol

The Internet of today is awash with networking protocols, but at its core lie a handful that fundamentally keep the Internet functioning. From my perspective, there is no modern Internet without DNS, HTTP, SSL, BGP, SMTP, and NTP. Of these most important Internet protocols, NTP (Network Time Protocol) is the likely least understood and has the least attention and support. Until very recently, it was supported (part-time) by just one person. more»

The Purple Team Pentest

It's not particularly clear whether a marketing intern thought he was being clever or a fatigued pentester thought she was being cynical when the term "Purple Team Pentest" was first thrown around like spaghetti at the fridge door, but it appears we're now stuck with the term for better or worse. Just as the definition of penetration testing has broadened to the point that we commonly label a full-scope penetration of a target's systems with the prospect of lateral compromise and social engineering as a Red Team Pentest -- delivered by a "Red Team" entity operating from a sophisticated hacker's playbook. more»

Navigating the "Pentest" World

The demand for penetration testing and security assessment services worldwide has been growing year-on-year. Driven largely by Governance, Risk, and Compliance (GRC) concerns, plus an evolving pressure to be observed taking information security and customer privacy seriously, most CIO/CSO/CISO's can expect to conduct regular "pentests" as a means of validating their organizations or product's security. more»

Data Breaches and You: ISOC Global Internet Report 2016 Explains Critical Steps You Need to Take Now

Data breaches are the oil spills of the digital economy. Over 429 million people were affected by reported data breaches in 2015 -- and that number is certain to grow even higher in 2016. These large-scale data breaches along with uncertainties about the use of our data, cybercrime, surveillance and other online threats are eroding trust on the Internet. more»

Can the Internet Work Across Borders?

On the face of it, the answer is a rather obvious and simple "yes"! The Internet obviously works across borders. Technically, it is a global network servicing its users wherever they may be on the planet. But it is this very nature -- the fact that the Internet is not bound to a specific country or territory -- which has more and more people asking themselves whether it can really work across borders. more»

DNSSEC Activities at ICANN 57 in Hyderabad on 4-7 November 2016

Friday marks the beginning of the ICANN 57 meeting in Hyderabad, India. As per usual there will be a range of activities related to DNSSEC or DANE. Two of the sessions will be streamed live and will be recorded for later viewing. Here is what is happening. All times below are India Standard Time (IST), which is UTC+05:30. Please do join us for a great set of sessions about how we can work together to make the DNS more secure and trusted! more»

The Effects of the Forthcoming FCC Privacy Rules on Internet Security

Last week, the Federal Communications Commission (FCC) announced new privacy rules that govern how Internet service providers can share information about consumers with third parties. One focus of this rulemaking has been on the use and sharing of so-called "Consumer Proprietary Network Information (CPNI)" - information about subscribers - for advertising. The Center for Information Technology Policy and the Center for Democracy and Technology jointly hosted a panel exploring this topic last May... more»

Taking a Closer Look at the Recent DDoS Attacks and What it Means for the DNS

The recent attacks on the DNS infrastructure operated by Dyn in October 2016 have generated a lot of comment in recent days. Indeed, it's not often that the DNS itself has been prominent in the mainstream of news commentary, and in some ways, this DNS DDOS prominence is for all the wrong reasons! I'd like to speculate a bit on what this attack means for the DNS and what we could do to mitigate the recurrence of such attacks. more»

Selling DONA Snake Oil at the ITU

A venerable old ITU tradition got underway today. Its Telecommunication Standardization body, known as the ITU-T, gathered, as it has done every four years for much of the past 100 years in a conclave of nations, to contemplate what they should be doing at their Geneva intergovernmental standards meetings for the next four years. The gathering is called the WTSA... Old intergovernmental institutional habits still continue, so the participants are gathered in a remote location in Tunisia called Hammamet. more»

Trust Isn't Easy: Drawing an Agenda from Friday's DDoS Attack and the Internet of Things

Last week, millions of infected devices directed Internet traffic to DNS service provider Dyn, resulting in a Distributed Denial of Service (DDoS) attack that took down major websites including Twitter, Amazon, Netflix, and more. In a recent blog post, security expert Bruce Schneier argued that "someone has been probing the defences of the companies that run critical pieces of the Internet". This attack seems to be part of that trend. This disruption begs the question: Can we trust the Internet? more»