Security

Not a simple matter for ISPs to block botnet traffic

Legions of consumers are not taking reasonable steps to combat botnets, leading some some experts to suggest that ISPs should monitor broadband connections and block botnet-generated traffic.
A botnet is a network of servers or PCs that have been surreptitiously infected with malicious software for the purpose of generating Internet traffic without the owners’ knowledge or consent for some criminal purpose. Antivirus software offered by vendors such as McAfee, Microsoft or Symantec eliminate malicious software, but many consumers don’t utilize these products even when they are available for free.

Read More ›

Why antagonize China?

From George Gilder’s column in today’s Wall Street Journal, Meanwhile, Secretary of State Hillary Clinton and the president’s friends at Google are hectoring China on Internet policy. Although commanding twice as many Internet users as we do, China originates fewer viruses and scams than does the U.S. and with Taiwan produces comparable amounts of Internet gear. As an authoritarian regime, it obviously will not be amenable to an open and anonymous net regime. Protecting information on the Internet is a responsibility of U.S. corporations and their security tools, not the State Department. The full column is here.

Breach the cyberwalls

Congress could increase funding for organizations which enable foreign citizens to breach Internet firewalls operated by closed society regimes, according to Senator Arlen Specter (D-PA). The money would aid groups like the Global Internet Freedom Coalition, maker of the FreeGate software described by Nicholas D. Kristof: … small enough to carry on a flash drive. It takes a surfer to an overseas server that changes I.P. addresses every second or so, too quickly for a government to block it, and then from there to a banned site …. E-mails sent with it can be encrypted. And after a session is complete, a press of a button eliminates any sign that it was used on that computer The coalition is running Read More ›

Who Will Protect Cyberspace?

President Obama received a Cyberspace Policy Review from cybersecurity experts this week and pledged to create an Office of Cybersecurity Coordinator in the White House. A federal cybersecurity coordinator may help government agencies better coordinate their responsibilities and authorities and eliminate duplicative or inconsistent efforts. But most of the networks and computers which power the world’s most dynamic economy and support the strongest military are owned and operated by the private sector, as the cybersecurity experts and the President acknowledged. The private sector has been hard at work improving the reliability of software and building security features into the network. The importance of the network in combating cyber attacks has largely been overlooked. Network operators eliminate most spam, which, according Read More ›

New focus on cybersecurity

Senate Commerce Chairman John D. Rockefeller, IV (D-WV) this week conducted a hearing entitled “Cybersecurity — Assessing Our Vulnerabilities and Developing An Effective Defense” during which he signalled that cybersecurity will be a major focus of the committee. Mentioning his experience as a member and former chairman of the Senate Intelligence Committee, Rockefeller commented I know the threats we face. Our enemies are real, they are sophisticated, they are determined and they will not rest. I do not believe it is only the job of the Intelligence Committee or our national security and defense agencies to protect us from the threats we face. This committee can and must play a very proactive role in keeping Americans safe. * * * Read More ›

Stealing encrypted data

Researchers at Princeton have figured out how to crack encrypted files stored on a computer’s hard drive, according to the New York Times. “Cool the chips in liquid nitrogen (-196 °C) and they hold their state for hours at least, without any power,” Edward W. Felten, a Princeton computer scientist, wrote in a Web posting. “Just put the chips back into a machine and you can read out their contents.” This technique — which enabled the researchers to retrieve encryption keys from DRAM chips — can’t be carried out remotely via the Internet or a WiFi connection, only if your computer is stolen or seized. One way to look at this is to lament that one can’t be sure anything Read More ›

Spyware legislation advances in Senate

The Senate Commerce Committee approved a modified version of S. 687, a bill sponsored by Senator Conrad Burns (R-MT) and Senator Barbara Boxer (D-CA) which would target a variety of malicious practices that include: computer hijacking, spam zombies, endless loop pop-up advertisements and fraudulent software installation. A similar measure (H.R. 29) introduced by Rep. Mary Bono (R-CA) and Rep. Ed Towns (D-NY) has passed the House. The House has also approved H.R. 744, by Rep. Bob Goodlatte (R-VA) and Rep. Zoe Lofgren (D-CA), which addresses criminal penalties and prosecutorial tools related to spyware. Spyware legislation is beneficial because it will promote consumer awareness and assist law enforcement. But technological solutions to the problem may ultimately prove more important. The industry Read More ›

Ratify the Cybercrime Convention

It is already against the law in the U.S. to interfere with someone else’s computer or commit traditional crimes with the aid of a computer, however many countires have gaps in their criminal laws governing computer-related crimes and have become havens for cyber-criminals. Another problem is that electronic evidence of crime is difficult for law enforcers to locate and secure when it crosses borders. A treaty is awaiting final Senate approval that would fully criminalize computer-related offenses in other countries and require each country to have the power to quickly preserve and disclose stored computer data, compel the production of electronic evidence by ISPs, to search and seize computers and data, and to collect traffic data and content in real Read More ›