Google threatens action against Symantec-issued certificates following botched investigation

Google wants Symantec to disclose all certificates issued by its SSL business going forward, after what Google considers a botched investigation into how Symantec employees issued SSL certificates for domain names that the company did not own. The browser maker also wants the security firm to publish a detailed analysis of how the incident was investigated. Through its acquisition of Verisign's authentication business unit in 2010, Symantec became one of the largest certificate authorities (CAs) in the world. Such organizations are trusted by browsers and operating systems to issue digital certificates to domain owners which are then used to encrypt online communications.

Risky Business #387 — Hack people to death!

In this week's feature interview we're chatting with Chris Rock from Kustodian. Chris did a great presentation at Ruxcon last week about how easy it is to hack people to death!

He's found out just how easy it is to register births and deaths in the United States and Australia via online systems. He says it's a problem that could result in a virtual baby harvest for fraudsters who plan ahead. It's really fun stuff, that's this week's feature.

An introduction to network namespaces

Network namespaces allow you to provide unique views of the network to different processes running on a Linux host.  If you’re coming from a traditional networking background, the closest relative to network namespaces would be VRF (Virtual Routing and Forwarding) instances.  In both cases the constructs allow us to provide a different network experience to different processes or interfaces.  For the sake of starting the conversation, let’s quickly look at an example of both VRFs and network namespaces so you get an idea of how they work.

The easiest scenario to illustrate either of these technologies is out of band management.  Take for instance this very simple network diagram…

Note: I’m being purposefully vague here about the network layout and addressing.  Bear with me for a moment while I get to the point. 

As you can see, we have two users that live on the same segment (forgive me for not drawing an Ethernet segment connecting the two).  Let’s assume that the user on the left has to traverse northbound to get to resources that hang off the top network cloud.  Let’s also assume the user on the right has to Continue reading

Active Route Manager

SDN Active Route Manager has been released on GitHub, https://github.com/sflow-rt/active-routes. The software is based on the article White box Internet router PoC. Active Route Manager peers with a BGP route reflector to track prefixes and combines routing data with sFlow measurements to identify the most active prefixes. Active prefixes can be advertised via BGP to a commodity switch, which acts as a hardware route cache, accelerating the performance of a software router.
There is an interesting parallel with the Open vSwitch architecture, see Open vSwitch performance monitoring, which maintains a cache of active flows in the Linux kernel to accelerate forwarding. In the SDN routing case, active prefixes are pushed to the switch ASIC in order to bypass the slower software router.
In this example, the software is being used in passive mode, estimating the cache hit / miss rates without offloading routes. The software has been configured to manage a cache of 10,000 prefixes. The first screen shot shows the cache warming up.

The first panel shows routes being learned from the route reflector: the upper chart shows the approximately 600,000 routes being learned from the BGP route reflector, and the lower chart shows the rate at which Continue reading

The Benefits of a Proper Development Environment

I’ve had a number of folks approach me about the topic of development environments, so I figured it was worth a blog post.

Maybe you’re curious what a development environment is, or perhaps you’re working through the challenge of developing code on one platform, and deploying on another. Maybe you already have a development environment - like a virtual machine - but you aren’t happy with your workflow, and feel it could use some upgrades.

If any of the above apply to you, this post should be useful to you.

A Continuous Integration Story

Imagine yourself as a member of a software development team. You’re all working on the MegaAwesome project, which aims to solve global warming, world hunger, and basically anything wrong on this earth. With such high aspirations, it is important to put a process in place that ensures maximum developer efficiency, while maintaining an uncompromisingly high level of quality.

Any mature software development team will leverage version control like Git to ensure changes to the codebase are properly tracked and managed. They will also likely leverage some kind of continuous integration, or build server like Jenkins to run automated static code analysis (i.e. PEP8) or unit Continue reading

Verizon focuses on lowering costs for IoT apps, network

On Wednesday Verizon launched ThingSpace, a development platform for companies of all sizes to create Internet of Things applications more efficiently and then later manage those apps. The carrier also announced it is creating a new dedicated network core for IoT connections that can scale far beyond the ability of its existing networks with the intent to reach billions of sensors and devices. "Continued innovation in smart cities, connected cars and wearables demonstrates that IoT is the future for how we will live and work," said Mike Lanman, senior vice president of enterprise products at Verizon during an event held at Verizon's San Francisco Innovation Center. He said Verizon is taking a "holistic approach" to help expand the IoT market from millions of connections to billions. The event was webcast.

IDG Contributor Network: Employees snoop on corporate systems if they can, researchers find

A recent study examined how one financial institution's employees behaved on the corporate network over a six-month period. "Some of that behavior included occasions when employees were able to access information that should have been off-limits," a National Science Foundation press release says of the study. The researchers found that the workers snooped where they shouldn't have.

Insider threats

The insider threat is "one of the most serious risks in the cybersecurity world," the researchers think. "Most countermeasures were developed for external attacks," says Jingguo Wang, an information systems and operations management professor at the University of Texas at Arlington, who was involved in the study.

OMG, the machines are breeding! Mankind is doomed! DOOMED!!!

My Tesla has the same MAC address vendor code as an AR Drone. These are two otherwise unrelated companies, yet they share the same DNA. Flying drones are mating with land-based autonomous vehicles. We are merely months away from Skynet gaining self-awareness and wiping out mankind.

You can see this in the screenshot below, where we see the output of a hacking program that monitors the raw WiFi traffic. The AR Drone acts as an access-point so that your iPhone can connect to it in order to fly the drone's controls. The Tesla, on the other hand, is looking for an access-point named "Tesla Service", so that when you drive it in for service, it'll automatically connect to their office and exchange data. As you can see, both devices have the same vendor code of "90:03:B7" for Parrot SA.


Here is a picture of the AR Drone cavorting with the car. The top arrow points to the drone, the bottom arrow points to the car.


So why the relationship? Why does the Tesla look like a drone on WiFi?

The company Parrot SA started out creating kits for cars that contain WiFi, Bluetooth, and voice control. Since they were already Continue reading

Biometric data becomes the encryption key in Fujitsu system

Fujitsu says it has developed software that uses biometric data directly as the basis for encryption and decryption of data, simplifying and strengthening security systems that rely on biometrics such as fingerprints, retina scans and palm vein scans. Current security systems that rely on encryption require the management of encryption keys, which are stored on secure smartcards or directly on PCs. Biometric scans can be used as a way of authenticating the user and providing access to those encryption keys in order to decrypt data. Fujitsu's system uses elements extracted from the biometric scan itself as a part of a procedure to encrypt the data, making the biometric scan an integral part of the encryption system and removing the need for encryption keys.

Sony BMG Rootkit Scandal: 10 Years Later

Ben Edelman/Wikipedia: A warning pops up on computer screen about Sony BMG rootkit on music CD

Hackers really have had their way with Sony over the past year, taking down its PlayStation Network last Christmas Day and creating an international incident by exposing confidential data from Sony Pictures Entertainment in response to The Interview comedy about a planned assassination of North Korea’s leader. Some say all this is karmic payback for what’s become known as a seminal moment in malware history: Sony BMG sneaking rootkits into music CDs 10 years ago in the name of digital rights management.

A short history of Sony hacks

Target on its back

The giant Japanese electronics company dazzled us with its Walkman and Discman in the late 70s/early 80s, as well as with its TVs, cameras and game consoles over the years. But things took a bad turn in 2005… (SEE ALSO: Sony BMG Rootkit Scandal: 10 Years Later)