Response: Rate-limiting State and Internet Frailty – ACM

This article is from the Association of Computing Machinery and was written by no less than Paul Vixie. It is a detailed review of the basic facts of the Internet being smart at the edge and dumb in the middle. By design, the Internet core is stupid, and the edge is smart. This design decision has enabled […]

Snowden, NSA Exploit Kits and Commercial Espionage

A few months back, Der Spiegel published a carefully selected cache of documents about the NSA Exploit Kits used to compromise a wide range of commercial network and security hardware and software. I haven’t seen anyone discussing the implications for commercial espionage. […]

Response: Targeted Internet Traffic Misdirection – Renesys

The report shows strong evidence that very specific prefixes were hijacked and diverted to countries where legal jurisdiction could be reasonably assumed to be weak. Renesys does not say which prefixes were hijacked but consider hijacking a corporate PI space and capturing a copy of all the email to & from a large company (email […]

Response: Digital Attack Map

This site displays a list of DDoS attacks that are happening at any time. This graphic shows a 300Gbps DDoS in the United States that lasted for six days. Fascinating (and a reminder that you can’t handle DDoS on your enterprise WAN connection). Digital Attack Map is a live data visualization of DDoS attacks […]

Response: Cisco Closes Sourcefire Acquisition; Delivers Threat-Centric Security Model

The announcement is a major change in Cisco Security strategy and perspective and, I think, a promising step forward: From a strategic standpoint, we will focus on a “threat-centric” security model moving forward – meaning that we will put a heavier focus on the threats themselves versus policy or controls. Given the fast-changing threat landscape, […]

Response: So What? Chaos Computer Club breaks Apple TouchID

Although yet to be confirmed, the Chaos Computer Club have been able to circumvent the fingerprint reader on an iPhone.

Big Deal. Big Hoopy Doo Deal. Golf Claps for the Kleva Kids.

Let me explain. The idea of retina or fingerprint scanning for any serious security application has long been discredited, but not for the reasons that most people expect.

Response: How to remain secure against NSA surveillance – Bruce Schneier

Bruce Schneier has been reviewing documents from Snowden and believes that all security platforms have been compromised by governments: Be suspicious of commercial encryption software, especially from large vendors. My guess is that most encryption products from large US companies have NSA-friendly back doors, and many foreign ones probably do as well. It’s prudent […]