Cyberespionage groups are stealing digital certificates to sign malware

An increasing number of cyberespionage groups are using stolen code-signing certificates to make their hacking tools and malware look like legitimate applications.The latest example is a China-based hacker group that has launched targeted attacks against government and commercial organizations from around the world over the past two years.The group's activities were uncovered by researchers from Symantec in late 2015 when they detected a digitally signed hacking tool that was used in an attack against one of the company's customers.The tool, a Windows brute-force server message block (SMB) scanner, was signed with a digital certificate that belonged to a South Korean mobile software developer. This immediately raised red flags as a mobile software company would have no reason to sign such an application.To read this article in full or to leave a comment, please click here

Worth Reading: DRM and HTML5

The World Wide Web Consortium (W3C), which makes the core standards that the Internet runs on, is in the midst of a long, contentious effort to add “DRM” (Digital Rights Management1) to HTML5, the next version of the Web. Laws like the Digital Millennium Copyright Act (which has analogs all over the world) give companies the power to make legal threats against people engaged in important, legitimate activities. Because the DMCA regulates breaking DRM, even for legal reasons, companies use it to threaten and silence security researchers who embarrass them by pointing out their mistakes, and to shut down competitors who improve their products by adding legitimate features, add-ons, parts, or service options. The Web relies on the distributed efforts of independent security researchers, and its historic strength has been the ability of companies and individuals to innovate without permission, even when they were disrupting an existing business. -via the EFF

The post Worth Reading: DRM and HTML5 appeared first on 'net work.

Open Source NFV for Cost-Effective, High-Performance Networking

DPDK is now the open source framework for high-performance packet processing.

Datanauts 027: What Is A Cloud-Native Application?

What does it mean for an application to be “cloud-native”? The Datanauts and guest Tony Bourke dive into the fundamentals of applications designed to live in the cloud.

The post Datanauts 027: What Is A Cloud-Native Application? appeared first on Packet Pushers.

Datanauts 027: What Is A Cloud-Native Application?

What does it mean for an application to be “cloud-native”? The Datanauts and guest Tony Bourke dive into the fundamentals of applications designed to live in the cloud.

The post Datanauts 027: What Is A Cloud-Native Application? appeared first on Packet Pushers.

Thoughts On Encryption

The debate on encryption has heated up significantly in the last couple of months. Most of the recent discussion has revolved around a particular device in a specific case but encryption is older than that. Modern encryption systems represent the culmination of centuries of development of making sure things aren’t seen.

Encryption As A Weapon

Did you know that twenty years ago the U.S. Government classified encryption as a munition? Data encryption was classified as a military asset and placed on the U.S. Munitions List as an auxiliary asset. The control of encryption as a military asset meant that exporting strong encryption to foreign countries was against the law. For a number of years the only thing that could be exported without fear of legal impact was regular old Data Encryption Standard (DES) methods. Even 3DES, which is theoretically much stronger but practically not much better than it’s older counterpart, was restricted for export to foreign countries.

While the rules around encryption export have been relaxed since the early 2000s, there are still some restrictions in place. Those rules are for countries that are on U.S. Government watch lists for terror states or governments deemed “rogue” states. Continue reading

AT&T wants the world to see its software for spinning up services

AT&T has revealed details of a software platform that makes it easier for customers to order new services, and the company may release the code as open source for other service providers to use.The massive U.S. carrier has been on a full-tilt push to put its network under software control for the past several years, aiming to slash the time and effort required to deliver new services and change settings like the speed of a customer's connections. It's starting to offer subscribers a way to set up or modify services instantly through a Web portal. The effort is also helping AT&T save money, partly by using generic "white box" hardware.To read this article in full or to leave a comment, please click here

AI is not as remarkable as it sounds

Artificial intelligence (AI) may conjure up far-fetched ideas of robot assistants, or perhaps an all-seeing presence like HAL 9000, the sentient machine in the movie 2001. But the likelier truth is that AI will come in the form of software running in your data center.And it will be coming very soon: Research firm Gartner predicts that "smart machines" will have a widespread impact on business within the next four years.In general terms it's likely that AI will be able to help IT departments do their job - and help businesses be more productive – by ensuring that "processes get applied, stuff is accurate, errors are eliminated, and compliance is met," according to Dr Stuart Anderson, a research fellow at the Future of Humanity Institute at the University of Oxford.To read this article in full or to leave a comment, please click here

Scrutinizing The Cisco-Arista Legal Findings

Software-Defined Architecture: What To Consider

A scheme in India to help the poor raises privacy concerns

India’s legislators are on Wednesday debating a law that would allow the government to collect biometric and demographic information from people in return for distributing to them government benefits and subsidies.A number of legislators and civil rights activists are concerned about the absence of strong privacy safeguards in the legislation and a provision in the law that allows the government to access the data collected for national security reasons. There is also concern that such a large centralized database of personal information could be hacked and critical information leaked.Activists are also wary that the program could be extended by the government to make it a mandatory digital ID card for people in the country. Already some telecommunications services and financial services companies use the biometric identity as an optional way for verifying customers.To read this article in full or to leave a comment, please click here

Table Sizes in OpenFlow Switches

This article was initially sent to my SDN mailing list. To register for SDN tips, updates, and special offers, click here.

Usman asked a few questions in his comment on my blog, including:

At the moment, local RIB gets downloaded to FIB and we get packet forwarding on a router. If we start evaluating too many fields (PBR) and (assume) are able to push these policies to the FIB - what would become of the FIB table size?

Short answer: It would explode ;)

General – How to Build a Network Pt.1

Building a strong network of people is very important in creating a successful career in IT. In these posts we will start first look at why building a network is important and in the other posts we will look at how to actually build the network and how to make sure that you are also contributing to the network and not only exploiting it.

If you came here to read about connecting cables or routing protocols, sorry, this is not that kind of post. This post is about how to build a network of people.

People often understimate the power of having a big reach in the industry through a network of people. I often hear in my role that I’m almost too effective sometimes. Part of that is because I have a very good network of people that I trust and rely on. In this blog we will look at WHY you want to build a network of people.

The Borg Mind – Have you heard of Star Trek? No? Are you sure you work in IT? Jokes aside, there is species called the Borg in the series which do not so nice things. What it is nice about Continue reading

Large advertising-based cyberattack hit BBC, New York Times, MSN

Major websites including the BBC, Newsweek, The New York Times and MSN ran malicious online advertisements on Sunday that attacked users' computers, a campaign that one expert said was the largest seen in two years.The websites weren't at fault. Instead, they are unwitting victims of malvertising, a scheme where cyberattackers upload harmful ads to online advertising companies, which are then distributed to top-tier publishers.Tens of thousands of computers could have been exposed to the harmful advertisements on Sunday, which means some running vulnerable software may have been infected with malware or file-encrypting ransomware.Some bad ads were still appearing on some websites including the BBC on Monday, said Jerome Segura, a senior security researcher with Malwarebytes, in a phone interview Tuesday.To read this article in full or to leave a comment, please click here

Ubiquity gear replacing BT HomeHub router

These are my notes from setting up Ubiquity wifi access point and router to replace the horrible BT HomeHub 5.

What’s wrong with BT HomeHub?

• It can’t hand out non-BT DNS servers (and BT’s DNS servers MITM your queries and spoof NXDOMAIN if the reply has rfc1918 addresses in them. This is known and they “can’t” turn this off)
  • This means that I had to turn off the DHCP server and run my own on a raspberry pi. So I’m actually replacing two devices. It was already not a all-in-one-box solution.
• The port forwarding database is not using unique key constraints, so you have to try and re-try adding port forwardings until you’re lucky and don’t hit a key collision.
• Only one wifi network. I want untrusted things (IoT) to be firewalled from the rest.
• I want to deny Internet access to some IoT things. I don’t need them to be able to connect anywhere. HomeHub doesn’t support that.
• Wifi range is not great. Not terrible, but bad enough that it doesn’t cover my home.
• I don’t know if it’s to blame, but I did not have a good experience trying to set up a second AP to automatically roam Continue reading

Ubiquity gear replacing BT HomeHub router

These are my notes from setting up Ubiquity wifi access point and router to replace the horrible BT HomeHub 5.

What’s wrong with BT HomeHub?

• It can’t hand out non-BT DNS servers (and BT’s DNS servers MITM your queries and spoof NXDOMAIN if the reply has rfc1918 addresses in them. This is known and they “can’t” turn this off)
  • This means that I had to turn off the DHCP server and run my own on a raspberry pi. So I’m actually replacing two devices. It was already not a all-in-one-box solution.
• The port forwarding database is not using unique key constraints, so you have to try and re-try adding port forwardings until you’re lucky and don’t hit a key collision.
• Only one wifi network. I want untrusted things (IoT) to be firewalled from the rest.
• I want to deny Internet access to some IoT things. I don’t need them to be able to connect anywhere. HomeHub doesn’t support that.
• Wifi range is not great. Not terrible, but bad enough that it doesn’t cover my home.
• I don’t know if it’s to blame, but I did not have a good experience trying to set up a second AP to automatically roam Continue reading

Managing Cisco IOS Upgrades with Ansible

I was recently asked to automate the way a client handles Cisco IOS upgrades. As I’ve been using Ansible a lot lately I decided to start there. Basically the steps required to do the upgrade can be broken down into parts which map quite nicely to tasks in an Ansible playbook. Even if you aren’t using IOS you might find it interesting to see how different Ansible modules can be combined in order to complete a set of tasks.

AT&T Considers Open Sourcing Its SDN ‘Foundation’

John Donovan introduces Ecomp on the ONS 2016 stage.

Managing Cisco IOS Upgrades with Ansible

I was recently asked to automate the way a client handles Cisco IOS upgrades. As I’ve been using Ansible a lot lately I decided to start there. Basically the steps required to do the upgrade can be broken down into parts which map quite nicely to tasks in an Ansible playbook. Even if you aren’t using IOS you might find it interesting to see how different Ansible modules can be combined in order to complete a set of tasks.
Continue reading

Privacy issues hit all branches of government at once

In a rare confluence of events, all three branches of the federal government are weighing changes that would affect when and how personal data is accessed.The approaches are somewhat contradictory: Some moves would protect citizen privacy, while others could result in more access by government agencies to records kept by businesses and smartphone users about personal information. Encryption technology is usually at the center of the discussions, with intelligence officials eager to find ways to detect communications on smartphones used by criminals and terrorists.Various actions are taking place in the federal judiciary, before Congress, as well as the executive branch.To read this article in full or to leave a comment, please click here