Security

Noteworthy

 IPv6 represents new territory for most Internet stakeholders, and its rollout will introduce some unique security challenges.

Security / Most Viewed

Trench Warfare in the Age of The Laser-Guided Missile

The historical development of spam fighting is allowing computer-aware criminals to take the upper hand in the fight against what has now evolved into a completely technologically and organizationally merged threat to public safety. If we do not change our strategic approach immediately, the battle, indeed even the war may be all but lost... Of late, much has been said in the popular and computer press about a vector that is annoying, but hardly critical in nature: 'Image spam'. Spammers have jumped on the new technology of 'image-only' payloads, which morph one pixel per message, rendering them unique, and traditional check-sum blocking strategies ineffective... Fortunately this fraudulent stock-touting scheme leaves a paper trail that has allowed for some successful prosecutions in the latter half of the year. Stock spamming, while popular at present time is likely to decline as legal actions increase... more»

Port 25 Blocking, or Fix SMTP and Leave Port 25 Alone for the Sake of Spam?

Larry Seltzer wrote an interesting article for eWeek, on port 25 blocking, the reasons why it was being advocated, and how it would stop spam. This quoted an excellent paper by Joe St.Sauver, that raised several technically valid and true corollaries that have to be kept in mind when blocking port 25 -- "cough syrup for lung cancer" would be a key phrase... Now, George Ou has just posted an article on ZDNET that disagrees with Larry's article, makes several points that are commonly cited when criticizing port 25 blocking, but then puts forward the astonishing, and completely wrong, suggestion, that worldwide SPF records are going to be a cure all for this problem. Here is my reply to him... more»

Network Solutions Responds to Front Running Accusations

Following a post on the DomainState forum today, a number news and blogs have criticized Network Solutions for front running domain names that customers try to register. (See for instance today's report on DomainNameNews). Jonathon Nevett, Vice President of Policy at Network Solutions, has offered the following in response to the news break... more»

DNS Changer

One fine night in November 2011 I got an opportunity to get my hands dirty, working on a project for the United States Federal Bureau of Investigation (FBI). They were planning to seize a bunch of computing assets in New York City that were being used as part of a criminal empire that we called "DNS Changer" since that was the name of the software this gang used to infect a half million or so computers. more»

How to Stop Spam

I got a letter the other day from AOL postmaster Carl Hutzler, about how the Internet community could get rid of spam, if it really wanted to. With his permission, here are some excerpts. "Spam is a completely solvable problem. And it does not take finding every Richter, Jaynes, Bridger, etc to do it (although it certainly is part of the solution). In fact it does not take email identity technologies either (although these are certainly needed and part of the solution)." more»

Taking Back the DNS

Most new domain names are malicious. I am stunned by the simplicity and truth of that observation. Every day lots of new names are added to the global DNS, and most of them belong to scammers, spammers, e-criminals, and speculators. The DNS industry has a lot of highly capable and competitive registrars and registries who have made it possible to reserve or create a new name in just seconds, and to create millions of them per day. Domains are cheap, domains are plentiful, and as a result most of them are dreck or worse. more»

.XXX as Proposed is Wrong for Families & Kids

On August 23rd, the Internet Governance Project posted a letter Opposing Political Intervention in the Internet's Core Technical Administrative Functions. I disagree. ICANN and Governments should get involved when it comes to protecting children online. Every effort should be made to make it SIMPLE for average parents to let their children run free online without the risk of running across pornography and adult material while doing so. Why continue to let pornographers run free and unchecked on the most exciting tool created in the history of mankind just because they got there first? more»

An Interview with the Lead Developer of SPF - Part I

CircleID recently interviewed Meng Weng Wong, the lead developer of Sender Policy Framework (SPF) and founder of Pobox.com. As one of the leading anti spam authentication schemes, SPF is used by companies such as AOL, Earthlink, SAP and supported by anti spam companies such as Sophos, Symantec, Brightmail, IronPort, Ciphertrust, MailArmory, MailFrontier, Roaring Penguin Software, and Communigate Pro. Last month, Microsoft announced its agreement to merge Caller ID, its own proposed anti spam authentication scheme, with SPF -- the joint standard is called 'Sender ID'. In this two-part interview, Meng Wong explains how SPF got started, where it is today and what could be expected in the future of email. more»

Sender Address Verification: Solving the Spam Crisis

There are many companies in the spam-fighting business and most, if not all, claim to be hugely successful. Yet spam is exponentially more prevalent today than it was just 2 years ago. How can one conclude that today's anti spam solutions are working? This year spammers will use machine-generated programs to send trillions of unsolicited email. Thankfully, a new anti-spam technology has made its way into the market. more»

Bug Reveals the Snooper in VeriSign's Site Finder

Here's another interesting angle on the Verisign Site Finder Web site. VeriSign has hired a company called Omniture to snoop on people who make domain name typos. I found this Omniture Web bug on a VeriSign Site Finder Web page... more»

Whois Privacy vs. Anonymity

The Internet is often a lawless place. Everyone knows that there are many tricks and traps lurking on the Internet, just waiting to prey on unsuspecting and innocent users. Some of these traps will trash your computer while others will turn your PC into a zombie that will broadcast messages at the virus writer's command. ...The list of annoyances and downright criminal activities seem endless. ...To make the Internet a safer place both legislators and law enforcement are now focusing on the Internet. In the crossfire that's taking place there are many ideas that are being offered up. Some of them are good and some are not. One bad decision that was recently forced upon the Internet community (without hearings -- more on this later) was to eliminate private domain name registrations for .US domain names. ...It's important to understand the difference between privacy and anonymity. more»

Adult-Related TLDs Considered Dangerous

In an RFC prepared by Donald E. Eastlake 3rd and Declan McCullagh, an analysis is offered for proposals to mandate the use of a special top level name or an IP address bit to flag "adult" or "unsafe" material or the like. This document explains why these ideas are ill considered from legal, philosophical, and technical points of view: "Besides technical impossibility, such a mandate would be an illegal forcing of speech in some jurisdictions, as well as cause severe linguistic problems for domain or other character string names." more»

Is the Internet Dying?

There are indications that the Internet, at least the Internet as we know it today, is dying. I am always amazed, and appalled, when I fire up a packet monitor and watch the continuous flow of useless junk that arrives at my demarcation routers' interfaces. That background traffic has increased to the point where it makes noticeable lines on my MRTG graphs. And I have little reason for optimism that this increase will cease. Quite the contrary, I find more reason to be pessimistic and believe that this background noise will become a Niagara-like roar that drowns the usability of the Internet. And the net has very long memory... more»

Internet Governance: An Antispam Perspective

All those Internet Governance pundits who track ICANN the way paparazzi track Paris Hilton are barking up the wrong tree. They've mistaken the Department of Street Signs for the whole of the state. The real action involves words like rbldnsd, content filtering, and webs of trust. Welcome to the Internet! What's on the menu today? Spam, with some phish on the side! We've got email spam, Usenet spam, IRC spam, IM spam, Jabber spam, Web spam, blogs spam, and spam splogs. And next week we'll have some brand new VoIP spam for you. Now that we're a few years into the Cambrian explosion of messaging protocols, I'd like to present a few observations around a theme and offer some suggestions. more»

Not a Guessing Game

On Tuesday July 8, CERT/CC published advisory #800113 referring to a DNS cache poisoning vulnerability discovered by Dan Kaminsky that will be fully disclosed on August 7 at the Black Hat conference. While the long term fix for this attack and all attacks like it is Secure DNS, we know we can't get the root zone signed, or the .COM zone signed, or the registrar / registry system to carry zone keys, soon enough. So, as a temporary workaround, the affected vendors are recommending that Dan Bernstein's UDP port randomization technique be universally deployed. Reactions have been mixed, but overall, negative. As the coordinator of the combined vendor response, I've heard plenty of complaints, and I've watched as Dan Kaminsky has been called an idiot for how he managed the disclosure. Let me try to respond a little here, without verging into taking any of this personally... more»