Explosions Leave Crimea in the Dark

11988406_541157619375726_6452207849448768237_n

11988406_541157619375726_6452207849448768237_n
Above photo credit: http://varlamov.ru/

Just after midnight local time on 22 November, saboteurs, presumably allied with Ukrainian nationalists, set off explosives knocking out power lines to the Crimean peninsula.  At 21:29 UTC on 21 November (00:29am on 22-Nov, local time) , we observed numerous Internet outages affecting providers in Crimea and causing significant degradation in Internet connectivity in the disputed region.

With Crimean Tatar activists and Ukrainian nationalists currently blocking repair crews from restoring power, Crimea may be looking at as much as a month without electricity as the Ukrainian winter sets in.  Perhaps more importantly, the incident could serve as a flash point spurring greater conflict between Ukraine and Russia.  ua_map

Impacts

The impacts can be seen in the MRTG traffic volume plot from the Crimea Internet Exchange — the drop-offs are noted with red arrows and followed by intermittent periods of partial connectivity.

cr-ix2
Dyn’s latency measurements into Miranda-Media, the Crimean local agent of Russian state operator Rostelecom, show that some parts of the network remain reachable despite the power loss.  However, while backup generators may be keeping the networking infrastructure online, it won’t be of much good for the people of Crimea Continue reading

Reaction: Personal Integrity

There is, on a daily basis, a choice you must make as a geek, as someone who is involved in technology — particularly in the world of computer networking. The choice we always face, every one of us, is whether to champion a particular product or service, or to champion solving the problem at hand. Between doing what’s best for a vendor — or even harder, what’s best for our career — or doing what’s best for our customer (whoever that customer might be). In other words, what to do with our personal integrity.

I know it’s hard, when you’re working for a vendor, not to just throw yourself into a product to the point of seeing it as the hammer that solves every problem, whether a nail or not. I know it’s hard, when you work for a smaller company, or in what feels like a “side alley” of our little industry (what Ethan calls a “mud puddle”) not to try to throw yourself at being famous, or warping the direction of the company so you can learn something new. I once worked on an account where I’d been asking to come in and help them switch from EIGRP Continue reading

How Lockheed Martin, Cisco and PWC manage cybersecurity

Cybersecurity remains a top priority for companies in all industries. The reason is clear. Criminals and other parties have access to inexpensive tools and training to attack companies and governments. The New York Times reported on the rise of ransomware earlier in 2015. This type of malicious software encrypts a user’s data and demands a payment to release it (or the data will be destroyed).Many companies are deploying greater resources to turn the tide of hackers: Google has a team of 10 full time hackers working to eliminate flaws. Given these threats, executives and technology leaders are asking for best practices and technologies. Developing security awareness in staff, growing security professionals and equipping CIOs to monitor security remain vital components to a successful security management strategy.To read this article in full or to leave a comment, please click here

Using Light-O-Rama to create holiday light shows

If you want to have a holiday light show that will back up traffic and make people of all ages smile (except Grinches and Scrooges), then you might be interested in Light-O-Rama. It’s been used by contestants in the Great Light Fight and was running behind the scenes of the first viral video of Christmas lights to Wizards in Winter. Incidentally, it took the electrical engineer who set up that light show about two months and 16,000 lights; for each minute of the song, it took him about one hour to sequence 88 Light-O-Rama channels. One LOR hardware controller generally has 16 channels.To read this article in full or to leave a comment, please click here

Dell admits installing security hole on laptops, apologizes, offers fix

Dell acknowledges a root certificate it installed on its laptops was a bad idea and is pushing a patch to permanently remove it.In a blog post company spokesperson Laura Thomas says eDellRoot was installed as a support tool to make it faster and easier for customers to service the devices. But some of those customers discovered the certificate and recognized it as a serious security threat.To read this article in full or to leave a comment, please click here

Blogging Rule#1: Be Useful

I love stumbling upon new networking-focused blogs. Many of my old friends switched to the dark side vendors and stopped blogging, others simply gave up, and it seems like there aren’t that many engineers that would like to start this experiment.

One of the obvious first questions is always “what should I write about” and my reply is always “it doesn’t really matter – make sure it’s useful.”

Read more ...

As China moves to payment cards, cybercriminals follow

As China increasingly embraces payment cards over cash, Trend Micro is seeing an uptick in cybercriminal activity aimed at card fraud. The security company published a new study of the Chinese underground cybercriminal market, which shows a strong interest in ways to capture payment card details. "Cybercriminals quickly jumped on the noncash payment bandwagon," wrote report author Lion Gu of Trend Micro's Forward-Looking Threat Research Team. The market for such tools has been strong in countries that heavily use payment cards, so it's probably not surprising that the trade would rise in China.To read this article in full or to leave a comment, please click here

Dell security error widens as researchers dig deeper

The fallout from a serious security mistake made by Dell is widening, as security experts find more issues of concern.Researchers with Duo Security have found a second weak digital certificate in a new Dell laptop and evidence of another problematic one circulating.The issue started after it was discovered Dell shipped devices with a self-signed root digital certificate, eDellRoot, which is used to encrypt data traffic. But it installed the root certificate with the private encryption key included, a critical error that left many security experts aghast.To read this article in full or to leave a comment, please click here

Dell installs self-signed root certificate on laptops, endangering users’ privacy

Dell laptops are coming preloaded with a self-signed root digital certificate that lets attackers spy on traffic to any secure website.The reports first surfaced on Reddit and were soon confirmed by other users and security experts on Twitter and blogs. The root certificate, which has the power of a certificate authority on the laptops it's installed on, comes bundled with its corresponding private key, making the situation worse.With the private key, which is now available online, anyone can generate a certificate for any website that will be trusted by browsers such as Internet Explorer and Google Chrome that use the Windows certificate store on affected laptops. Security experts have already generated proof-of-concept certificates for *.google.com and bankofamerica.com.To read this article in full or to leave a comment, please click here

Peak Fibre Channel

There have been several articles talking about the death of Fibre Channel. This isn’t one of them. However, it is an article about “peak Fibre Channel”. I think, as a technology, Fibre Channel is in the process of (if it hasn’t already) peaking.

There’s a lot of technology in IT that doesn’t simply die. Instead, it grows, peaks, then slowly (or perhaps very slowly) fades. Consider Unix/RISC. The Unix/RISC market right now is a caretaker platform. Very few new projects are built on Unix/RISC. Typically a new Unix server is purchased to replace an existing but no-longer-supported Unix server to run an older application that we can’t or won’t move onto a more modern platform. The Unix market has been shrinking for over a decade (2004 was probably the year of Peak Unix), yet the market is still a multi-billion dollar revenue market. It’s just a (slowly) shrinking one.

I think that is what is happening to Fibre Channel, and it may have already started. It will become (or already is) a caretaker platform. It will run the workloads of yesterday (or rather the workloads that were designed yesterday), while the workloads of today and tomorrow have a vastly different set of Continue reading

Dell computers shipping with potentially dangerous root certificate authority

At least some Dell laptops are shipping with a trusted root certificate authority pre-installed, something that those who discovered the CA are comparing to the Superfish adware installed on Lenovo machines that left them open to man-in the-middle attacks. Called eDellRoot, the trusted root CA comes as part of the standard software load on new Dell machines. A Reddit contributor who uses rotocowboy for a screen name says the implications could be dire. “For those that are unfamiliar with how this works,” he writes, “a network attacker could use this CA to sign his or her own fake certificates for use on real websites and an affected Dell user would be none the wiser unless they happened to check the website's certificate chain. This CA could also be used to sign code to run on people's machines, but I haven't tested this out yet.”To read this article in full or to leave a comment, please click here

Some notes on the eDellRoot key

It was discovered this weekend that new Dell computers, as well as old ones with updates, come with a CA certificate ("eDellRoot") that includes the private key. This means hackers can eavesdrop on the SSL communications of Dell computers. I explain how in this blog post, just replace the "ca.key" with "eDellRoot.key".

If I were a black-hat hacker, I'd immediately go to the nearest big city airport and sit outside the international first class lounges and eavesdrop on everyone's encrypted communications. I suggest "international first class", because if they can afford $10,000 for a ticket, they probably have something juicy on their computer worth hacking.

I point this out in order to describe the severity of Dell's mistake. It's not a simple bug that needs to be fixed, it's a drop-everything and panic sort of bug. Dell needs to panic. Dell's corporate customers need to panic.

Note that Dell's spinning of this issue has started, saying that they aren't like Lenovo, because they didn't install bloatware like Superfish. This doesn't matter. The problem with Superfish wasn't the software, but the private key. In this respect, Dell's error is exactly as bad as the Superfish error.
1 3,232 3,233 3,234 3,235 3,236 3,837