Short Take – HTTPS Interception
HTTPS was created to ensure end to end encryption of web traffic but both good guys and attackers circumvent this with man-in-the-middle interception. In this Short Take, Russ talks about some of the mechanics of HTTPS interception as well as some implications of doing it intentionally.
Russ White
The post Short Take – HTTPS Interception appeared first on Network Collective.
New Malware Uninstalls Cloud Security Products, Unit 42 Researchers Say
The new code can uninstall agent-based security software by Tencent Cloud and Alibaba Cloud, the top two cloud providers in China.
Will Germany be Next to Block Huawei From 5G Networks?
The German government is said to be planning measures that would basically block Huawei from participating in future 5G networks.
Race to Operationalize Cloud Native Applications Underway
IT operations teams need to get ahead of Kubernetes deployments that will soon span the extended enterprise.
Internet Society Delhi Chapter and CCAOI Organize Webinar on India’s Draft Intermediary Rules
On 10 January, the Internet Society Delhi Chapter and CCAOI jointly organised an interactive webinar on the draft Information Technology [Intermediary Guidelines (Amendment) Rules] 2018 (“the draft Intermediary Rules”) to improve understanding of it and to encourage members and other Indian stakeholders to submit their comments to the Ministry of Electronics and Information Technology (MeitY) during their public comment period. The draft Intermediary Rules seeks to modify Section 79(2)(c) of the Information Technology Act, 2000 (the IT Act). Section 79 of the IT Act introduces obligations for intermediaries to meet to gain exemption from liability over the third-party information that they “receive, store, transmit, or provide any service with respect to.” These proposed changes were developed by MeitY to try to address misinformation and harmful content on social media, which have been connected with lynching and other recent violent acts of vigilantism.
The session was moderated by Subhashish Panigrahi, chapter development manager for Asia-Pacific at the Internet Society, and Amrita Choudhury, treasurer of the Internet Society Delhi Chapter and director of the CCAOI.
The changes to the IT Act proposed in the draft Intermediary Rules would require intermediaries to provide monthly notification to users on content they should not share; ensure that the originator Continue reading
Vodafone, IBM Launch $550 Million Multi-Cloud Joint Venture
The new organization, co-led by Vodafone and IBM, will provide European companies with technologies that integrate and manage multiple clouds.
Cybeats Releases IoT Security, Monitoring App on Palo Alto Networks Framework
The Cybeats IoT Radar app provides internal defense, monitoring, and lifecycle management directly to IoT devices.
VMware PKS Update Embraces Azure, Kubernetes Security
VMware CEO Patrick Gelsinger told attendees at a recent investor conference that the company was “seeing [a] good uptick” in adoption of PKS.
One-Click DNSSEC with Cloudflare Registrar
When you launch your domain to the world, you rely on the Domain Name System (DNS) to direct your users to the address for your site. However, DNS cannot guarantee that your visitors reach your content because DNS, in its basic form, lacks authentication. If someone was able to poison the DNS responses for your site, they could hijack your visitors' requests.
The Domain Name System Security Extensions (DNSSEC) can help prevent that type of attack by adding a chain of trust to DNS queries. When you enable DNSSEC for your site, you can ensure that the DNS response your users receive is the authentic address of your site.
We launched support for DNSSEC in 2014. We made it free for all users, but we couldn’t make it easy to set up. Turning on DNSSEC for a domain was still a multistep, manual process. With the launch of Cloudflare Registrar, we can finish the work to make it simple to enable for your domain.
You can now enable DNSSEC with a single click if your domain is registered with Cloudflare Registrar. Visit the DNS tab in the Cloudflare dashboard, click "Enable DNSSEC", and we'll handle the rest. If you are Continue reading
Update on Latin America and Caribbean Workshop for Chapter Leaders
In July 2018, the Internet Society’s Latin America and Caribbean Bureau held another edition of the Workshop for Chapter Leaders. Besides discussing the challenges and opportunities of participation in their respective chapters, the 34 attendees began the implementation of several projects related to our 4 key issues of 2018. Starting 2019, I am glad to share with you the main results of these projects.
Participation showed a strong preference for Internet access issues. As a result, 10 of the 23 projects implemented were focused on Community Networks. Following our vocation in favor of the multistakeholder approach and the participation of the community, 8 of the projects took Internet Governance as a central theme. The remaining 5 projects focused on trust and security by focusing on Internet of Things (IoT) and Internet routing security through MANRS.
The results are inspiring, since they reflect the diversity of the Latin American and Caribbean region. In Community Networks, projects include a broad spectrum of related topics, ranging from the deployment and implementation of networks to the analysis and mapping of regulatory conditions to ensure such deployment. In addition, some of the projects focused on capacity building through webinars.
In terms of Internet Governance, awareness Continue reading
Huawei’s Got 99 Problems and Futurewei’s One
And Poland arrested a Chinese Huawei employee and charged him with spying for Beijing.
Short Take – IPv6 Security Considerations
It this Network Collective Short Take, Russ White discusses security considerations when deploying and operating IPv6.
Russ White
The post Short Take – IPv6 Security Considerations appeared first on Network Collective.
Get IoT Smart: Homework for Many Indonesians
Today’s guest post is from Bhredipta Socarana, an Intellectual Property lawyer based in Indonesia and a Youth@IGF Fellow.
As one of the most populated countries, Indonesia has grown as one of the biggest markets for technology development. From the import of various over-the-top platforms to the implementation of Artificial Intelligence, technology has changed the Indonesian livelihood, including my own. This is also the case for Internet of Things (IoT).
As an emerging country, Indonesia admittedly has not been an advance player in responding to technology improvement. Despite the heavy invasion of technology-related products, many Indonesians have homework to do, especially for IoT. The business player needs to be aware of the responsibility of manufacturing and distributing IoT, while the public must also be aware of the various risks that they may be exposed to using IoT products.
Through the rapid development of technology and the intention of the Indonesian government to push the public to enter the “Industrial Revolution 4.0,” it will be mostly impossible to prevent penetration of IoT to our life. This leaves the public with the need to get smart with IoT.
Privacy and cybersecurity are among the issues revolving around IoT, and the need to have a Continue reading
Cloud Security Acquisitions, OneLogin $100M Funding Round Preview What’s In Store
The opening days of 2019 also saw Sophos purchase cloud security startup Avid Secure and Akamai Technologies reach a deal to acquire Janrain.
Martello Technologies Uses SD-WAN to Optimize IoT Systems
The work is part of its participation in the Blackberry and L-Spark Accelerator Program, a program building network performance management technologies for IoT.
Geo IP Databases are Highly Inaccurate
Lots of network monitoring platforms use GeoIP databases to track/monitor sources. These databases are, perhaps, 75% accurate (for some definition of accurate). This is your regular reminder to have a sense of caution about location based on public IP address. John S. and his mother Ann live in the house, which is in Pretoria, the […]
The post Geo IP Databases are Highly Inaccurate appeared first on EtherealMind.
Forget the uCPE, 2019 Will Usher in the uSD-WAN
In 2019 SD-WAN solutions will converge toward a universal archetype.
Enterprises Spent $125B on IT Infrastructure in 2018, Says Synergy Research
While Cisco maintained its dominance in the enterprise infrastructure market, HPE beat out the vendor in the data center server segment of the market.
What Makes IoT A Security Risk?
IoT security is a pretty hot topic in today’s world. That’s because the increasing number of smart devices is causing issues with security professionals everywhere. Consumer IoT devices are expected to top 20 billion by 2020. And each of these smart devices represents an attack surface. Or does it?
Hello, Dave
Adding intelligence to a device increases the number of ways that it can compromised. Take a simple thermostat, for example. The most basic themostat is about as dumb as you can get. It uses the expansion properties of metal to trigger switches inside of the housing. You set a dial or a switch and it takes care of the rest. Once you start adding things like programmability or cloud connection, you increase the number of ways that you can access the device. Maybe it’s a webpage or an app. Maybe you can access it via wireless or Bluetooth. No matter how you do it, it’s more available than the simple version of the thermostat.
What about industrial IoT devices? The same rule applies. In this case, we’re often adding remote access to Supervisory Control And Data Acquistion (SCADA) systems. There’s a big market from enterprise IT providers to create Continue reading
Consensys and AMD Build Blockchain-Based Cloud Infrastructure
The new company, called W3bcloud, is developing data center products to support blockchain-based workloads and applications.