Symantec partners with hosting providers to offer free TLS certificates to website owners

Symantec wants to see the encrypted Web grow and will offer free basic SSL/TLS certificates to domain owners through Web hosting companies that join its new Encryption Everywhere program. The company has already signed partnerships with more than ten hosting providers, including InterNetX, CertCenter, Hostpoint and Zoned in Europe, and is close to finalizing deals with ten others. The customers of those companies will receive a basic website encryption package that includes a standard TLS certificate valid for one year. Depending on their needs, customers will also be able to opt for paid premium packages that include extended validation (EV) certificates or wildcard certificates that are valid for multiple websites hosted on different subdomains.

Networking’s not so bad

Ivan’s post this week was a good reminder that other parts of IT aren’t perfect either. It’s not all roses on the other side of the fence. Networking has done many good things, and often showed the way.

Consider a conversation between a sysadmin & a network engineer:

Look at how I can virtualise these systems! Now I can isolate users and consolidate hardware resources. They have no idea they’re on the same hardware. It’s incredible!

Oh. Bit like these VLANs, VRFs, and VDCs we’ve been doing for 15+ years now?

Look at how I can use Puppet to define this server’s complete configuration using a single text file! This is amazing! I can use version control for my infrastructure!

Oh. You mean like this single text file that defines the configuration of my network device here? Yes, yes that does seem useful.

Why do you networking people have so many different ways of configuring systems? Why don’t you just have one common API?

Oh. You mean like the way that there’s a universal install script for Linux systems?

SNMP sucks. The data format is terrible, implementations are inconsistent. Why don’t you switch to gRPC?

Wait, weren’t you telling me last

Top websites affected by Angler exploit kit malvertising, security vendors say

Tens of thousands of Web browsers may have been exposed to ransomware and other malware over the last few days after malicious advertisements appeared on high-profile websites, security vendors said Monday. The malicious advertisements are connected to servers hosting the Angler exploit kit, a software package that probes a computer for software vulnerabilities in order to deliver malware, Trend Micro said. Security vendor Trustwave wrote on Monday that it also detected a large Angler-related malvertising campaign.

Google has doubled its bounty for a Chromebook hack to US$100,000

Google doubled the bounty it will pay for a successful exploit of its Chromebook laptop to US$100,000, sweetening the pot in hopes of drawing more attention from security researchers. The larger reward is intended for someone who finds a persistent compromise of a Chromebook in guest mode, according to Google's security blog on Monday. "Since we introduced the $50,000 reward, we haven’t had a successful submission," Google wrote. "That said, great research deserves great awards, so we’re putting up a standing six-figure sum, available all year round with no quotas and no maximum reward pool."

Pica8 overcomes white box obstacles

The evolution to software defined networking (SDN) is well underway. ZK Research (I am an employee of ZK Research) shows that almost 80% of organizations are interested in the topic, although fewer than 10% have actually deployed the technology. This means there are a huge number of organizations trying to understand the best way to deploy SDN. One such way is to leverage the cost benefits of a white box switch with some sort of standards-based technology such as OpenFlow. Low cost hardware, industry standards and a few best practices should make for a relatively straightforward deployment. Not so fast. Not all white boxes are created equal. While all white box switches do offer compelling economics, they are known to have some performance issues. White box switches deployed as a top of rack (ToR) need to handle tens of thousands of flows.

The Design Mindset (1)

How does a network designer, well, actually design something? What process do you use as a designer to get from initial contact with a problem to building a new design to deploying a solution? What is the design mindset? I’ve been asking myself just this question these last few months, going through old documentation to see if I can find a pattern in my own thinking that I could outline in a way that’s more definite than just “follow my example.” What I discovered is my old friends the OODA loop and the complexity model are often in operation.

So, forthwith, a way to grab hold of a designer mindset, played out in an unknown number of posts.

Begin with observe. Observation is the step we often skip, because we’ve either worked on the network for so long “we don’t need to,” or we’re “so experienced we know what to look for.” This is dangerous. Let me give you an example.

A long time ago, in a small shire on the borders of reality (it seems now), I worked on a piece of equipment we called the funnyman. Specifically, this was the FNM-1, which was used to detect runway

Ukraine Emerges as Bogus Routing Source

Last fall, the Interior Minister of Ukraine announced the creation of a national Cyberpolice (Кіберполіцію) to protect the country from everything from credit card fraud to malware.  Here’s something that would be great to add to their list: fraudulent BGP routing out of Ukraine.  Last year, we reported on an incident in which Ukrainian ISP Vega hijacked routes from British Telecom (including that of the UK’s Atomic Weapons Establishment), an event that could perhaps be chalked up to an innocent mistake.  However, the fraudulent routing we’re now seeing from Ukraine is deliberately designed to go unnoticed.  We’ll review some of this new behavior in this blog.

Governments take note

The profile of this issue has grown in the past year as governments have had to respond to their address space being fraudulently used. Last July, the Dutch Minister of Foreign Affairs (pictured right) was confronted with parliamentary questions concerning an incident where “attackers” had commandeered IP address space belonging to the Ministry of Foreign Affairs the previous year. In that incident, on 18 November 2014, Decision Marketing (AS62228) out of Sofia, Bulgaria began globally announcing eleven BGP routes that did not belong to

OED tools: bash oneliners

Linux scripting is a skill every network/system engineer should learn in the early stages of the career. Plenty of guides available in the interwebz, The Bash Academy is a good start. A particular type of scripts are the one-liners: just a line of code to solve a problem. This is the latest I’ve used while […]

Documents with malicious macros deliver fileless malware to financial-transaction systems

Spammed Word documents with malicious macros have become a popular method of infecting computers over the past few months. Attackers are now taking it one step further by using such documents to deliver fileless malware that gets loaded directly in the computer's memory. Security researchers from Palo Alto Networks analyzed a recent attack campaign that pushed spam emails with malicious Word documents to business email addresses from the U.S., Canada and Europe. The emails contained the recipients' names as well as specific information about the companies they worked for, which is not typical of widespread spam campaigns. This attention to detail lent more credibility to spam messages and made it more likely that victims would open the attached documents, the researchers said.

Snuggling Up to Papers We Love – What’s Your Favorite Paper?


From a talk by @aysylu22 at QCon London on modern computer science applied to distributed systems in practice.

There has been a renaissance in the appreciation of computer science papers as a relevant source of wisdom for building today's complex systems. If you're having a problem there's likely some obscure paper written by a researcher twenty years ago that just might help. Which isn't to say there aren't problems with papers, but there's no doubt much of the technology we take for granted today had its start in a research paper. If you want to push the edge it helps to learn from primary research that has helped define the edge.

If you would like to share your love of papers, be proud, you are not alone:

An Abundance of Incident Response Bottlenecks

Manual processes represent a major incident response bottleneck at enterprise organizations. Here are a few alarming data points from some recent ESG research (note: I am an ESG employee):

1. 27% of enterprise organizations (i.e. those with more than 1,000 employees) spend at least 50% of their incident response time on manual processes like filling out paperwork, finding a particular person, physically viewing multiple security management tools, etc.
2. 93% of organizations believe that their incident response efficiency and effectiveness is limited by the time and effort required for manual processes.

As if this wasn’t bad enough, IR process issues are exacerbated by a few other challenges: