Weekend Reads 022318: Copyright, walls, and botnets

Rejecting years of settled precedent, a federal court in New York has ruled [PDF] that you could infringe copyright simply by embedding a tweet in a web page. Even worse, the logic of the ruling applies to all in-line linking, not just embedding tweets. If adopted by other courts, this legally and technically misguided decision would threaten millions of ordinary Internet users with infringement liability. —Daniel Nazer @EFF

Security advances throughout the centuries have been mostly technical adjustments in response to evolving weaponry. Fortification — the art and science of protecting a place by imposing a barrier between you and an enemy — is as ancient as humanity. From the standpoint of theory, however, there is very little about modern network or airport security that could not be learned from a 17th century artillery manual. That should trouble us more than it does. —Jack Anderson

Akamai’s Fourth Quarter, 2017 State of the Internet, was released today in which it states that the analysis of more than 7.3 trillion bot requests per month has found a sharp increase in the threat of credential abuse, with more than 40 percent of login attempts being malicious. Additionally, the report warns DDoS attacks Continue reading

Brick Dome and Lamp

Worth Reading: MedSec and hackable IoT

In Fall 2016 I was invited to come to Miami as part of a team that independently x0000_sjm_quadraassuramp20crt20dvalidated some alleged flaws in implantable cardiac devices manufactured by St. Jude Medical (now part of Abbott Labs). These flaws were discovered by a company called MedSec. —Matthew Green @cryptographyengeering

Worth Reading: Analyzing Keilhos

This network forensics video tutorial covers how to analyze SPAM email traffic from the Kelihos botnet. —Erik Hjelmvik @NetRecSec

Short Take: The Broadcom SDKLT Announcement

My first short take at The Network Collective is up discussing the Broadcom SDKLT announcement. Does this really mean the end of vendors or network engineering? You can guess my answer, or you can watch the video and hear it for yourself.

Worth Reading: Cisco’s ASA vulnerability exploited

Hackers are actively trying to exploit a high-severity vulnerability in widely used Cisco networking software that can give complete control over protected networks and access to all traffic passing over them, the company has warned. —Dan Goodin @ARS Technica

Worth Reading: The dawn of OpenSource

Open Source software became a movement 20 years ago this month. To mark the occasion, Christine Peterson shared a never-before-published memoir about that day in February of 1998 when she coined the phrase Open Source. —David Cassel @The New Stack

History of Networking: Policy with Joel Halpern

Policy at Internet scale is a little understood, and difficult (potentially impossible) to solve problem. Joel Halpern joins the History of Networking over at the Network Collective to talk about the history of policy in the Internet at large, and networked systems in general.

Worth Reading: Pushed to th Edge

Anything with a benefit in efficiency will always find its niche, and it will change to plug into new niches as they arise and make use of ever-cheaper technologies as they advance from the edges. —Timothy Prickett Morgan @The Next Platform

Worth Reading: Asking the wrong questions

The National Academy of Sciences (NAS) released a much-anticipated report yesterday that attempts to influence the encryption debate by proposing a “framework for decisionmakers.” At best, the report is unhelpful. At worst, its framing makes the task of defending encryption harder. —Andrew Crocker and Nate Cardozo @EFF

On the ‘net: Spectre, Meltdown, and Flexible Scaleout

The recent Meltdown and Spectre attacks illustrate the problematic nature of modern computing systems. While the earlier Rowhammer attack could read or attack one process running in a virtual environment from another process running on the same processor, the Meltdown and Spectre attacks are of a completely different class, enabling a process to read large amounts of information from another process’ memory space. @GestaltIT

Worth Reading: Three strategies for navigating moral disagreement

We in America and Western Europe, and by now many other places in the world, have this idea of people as fundamentally rational. On this account, our profound cognitive abilities are designed to help us discover objective truths about the world through logical argument and empirical observation. Contemporary research in cognitive science, psychology and related fields paints a much different picture. —Musa Al-Gharbi @Heterodox Academy

Worth Reading: How bad is IPv4 address exhaustion?

I often get asked questions along the lines of “How bad is IPv4 address exhaustion, honestly?”. I take the responsibility of answering questions like these seriously; I think it’s important that a broad cross section of people understand the issue. —Paul Wilson @APNIC

Enterprise versus Provider?

Two ideas that are widespread, and need to be addressed—

FANG (read this hyper/web/large scale network operators) have very specific needs; they run custom-built single-purpose software in a very big scale. So all the really want/need are dumb boxes and smart people. … Enterprise have another view, they want smart boxes run by dumb people.

First, there is no enterprise, there are no service providers. There are problems, and there are solutions.

When I was young (and even more foolish than I am now) I worked for a big vendor. When this big vendor split the enterprise and service provider teams, I thought this kindof made sense. After all, providers have completely different requirements, and should therefore run with completely different technologies, equipment, and software. When I thought of providers in those days, I thought of big transit network operators, like AT&T, and Verizon, and Orange, and Level3, and Worldcom, and… The world has changed since then, but our desire to split the world into two neat halves has not.

If you want to split the world into two halves, split it this way: There are companies who consider the network an asset, and companies that consider the network a Continue reading

Worth Reading: How self sufficient do you want to be?

The first car I got decades ago was a simple mechanical beast – you’d push something, and a cable would make sure something else moved somewhere. I could also fix 80% of the problems, and people who were willing to change spark plugs and similar stuff could get to 90+%. —Ivan Pepelnjak

Weekend Reads 180216: Skimmers and MITM and x509 Covert Channels, oh my…

When you realize how easy it is for thieves to compromise an ATM or credit card terminal with skimming devices, it’s difficult not to inspect or even pull on these machines when you’re forced to use them personally — half expecting something will come detached. For those unfamiliar with the stealth of these skimming devices and the thieves who install them, read on. @Krebs on Security

Here is a short blog post that explains how you can make your own Man-in-the-Middle (MitM) setup for sniffing the traffic between a SIM card and the backend server. This is NOT a new research but I hope this will help anyone who doesn’t have a telco background to get started to play with mobile data sniffing and fake base stations. This is applicable to many scenarios today as we have so many IoT devices with SIM cards in it that connects to the backend. —Priya Chalakkal @The Insinuator

He got the idea while analyzing the Vawtrak malware after discovering that it read multiple fields in the X.509 certificate provided by the server before proceeding. Jason initially thought these fields were used as a C2 channel, but then realized that Vawtrak performed a Continue reading

Windowed Dome

Worth Reading: The Future of IPv6

In reviewing the IPv6 threat concerns identified in the 13th Annual Worldwide Infrastructure Security Report (WISR), I am stricken by how today’s perceived threats are similar to what was observed and expected by early adopters 10 (or even 15) years ago. —Bill Cerveny @Arbor

Worth Reading: SDN and tech policy

Software-defined networking (SDN) describes a type of network design where a software program runs separately from the underlying hardware routers and switches can control how traffic is forwarded through the network. —Nick Feamster @Freedom to Tinker

On the ‘net: Rethinking Firewalls

In January of 1995, Network Translation’s PIX firewall received the “hot product of the year” award from Data Communications Magazine. While the PIX was originally designed to perform Network Address Translation (NAT), doing for the IP host market what the PBX market did for the telephone, the PIX itself quickly morphed into the original appliance-based firewall. In those heady days in the Cisco Technical Assistance Center (TAC), we spent hours thinking through how best to build a Demilitarized Zone (DMZ) using PIX’s and routers so the network simply could not be penetrated. We built walls around our networks to defend them against the hoards of horseback riding invaders. @ECI