Thursday, March 28, 2013

Is this a cyber-attack that equates to a Pearl Harbor, or a mini-Pearl Harbor, or perhaps a childish prank? Does a physical attack on cyber infrastructure equal a cyber-attack on physical infrastructure?
Egypt's Naval forces claim they have captured three scuba divers who were trying to cut an undersea Internet cable in the Mediterranean. Col. Ahmed Mohammed Ali said in a statement that the divers were caught while “cutting the undersea cable” of Telecom Egypt. Internet services have been disrupted since March 22 in Egypt. From the article: "The statement was accompanied by a photo showing three young men, apparently Egyptian, staring up at the camera in what looks like an inflatable launch. It did not have further details on who they were or why they would have wanted to cut a cable."

(Related) Now what do you think?

(Related) Still just a series of coinkydinks?
UAE Etisalat users face disruption after cable cut


This is the equivalent of giving people who rent storage lockers a brand new shiney padlock!
Amazon Woos the Paranoid With Crypto Cloud Service
Amazon’s cloud services just keep getting bigger, but the fact remains that many people are still worried that this cloud computing thing just isn’t as secure as the systems you might set up in your own data center.
If Amazon wants its service to continue growing at their current rate it has to change this perception. This week the company stepped up this crusade, unveiling a new service for creating and managing encryption keys in the cloud.
The service is called CloudHSM. HSM stands for Hardware Security Modules — physical devices that handle the creation and management of cryptographic keys. These aren’t a new thing, but they’re new to Amazon Web Services, or AWS, a set of online services that provide access to all sorts of computing power, including virtual servers and data storage and more.

(Related) Now all they need to do is actually use the padlock...
How Private Data Became Public on Amazon's Cloud
Companies that use Amazon's popular cloud computing service have accidentally [This is clearly NOT an accident. Someone (probably an entry level IT guy) turned this off and no one (management) checked! Bob] disclosed confidential information including sales records and source code, highlighting the risks of moving sensitive data to the Web, according to new research.
… Rapid7 said the documents were public because many of Amazon's customers overrode a key security mechanism intended to keep such information private, likely by accident as the result of poorly designed third-party management software.
Apparently this is just one company that hired some computers from some e-crooks. Imagine a case where a country takes control of all the computers they can locate, and uses them to attack another country.
March 27, 2013
BBC News - Global internet slows after 'biggest attack in history'
"The internet around the world has been slowed down in what security experts are describing as the biggest cyber-attack of its kind in history. A row between a spam-fighting group and hosting firm has sparked retaliation attacks affecting the wider internet. It is having an impact on popular services like Netflix - and experts worry it could escalate to affect banking and email systems. Five national cyber-police-forces are investigating the attacks. Spamhaus, a group based in both London and Geneva, is a non-profit organisation which aims to help email providers filter out spam and other unwanted content. To do this, the group maintains a number of blocklists - a database of servers known to be being used for malicious purposes. Recently, Spamhaus blocked servers maintained by Cyberbunker, a Dutch web host which states it will host anything with the exception of child pornography or terrorism-related material."
[From the article:
Spamhaus has alleged that Cyberbunker, in cooperation with "criminal gangs" from Eastern Europe and Russia, is behind the attack.
… Mr Linford said the attack's power would be strong enough to take down government internet infrastructure.
"If you aimed this at Downing Street they would be down instantly," he said. "They would be completely off the internet."
He added: "These attacks are peaking at 300 Gbps (gigabits per second).
"Normally when there are attacks against major banks, we're talking about 50 Gbps"
… Spamhaus said it was able to cope as it has highly distributed infrastructure in a number of countries.
The group is supported by many of the world's largest internet companies who rely on it to filter unwanted material.
Mr Linford told the BBC that several companies, such as Google, had made their resources available to help "absorb all of this traffic".
The attacks typically happened in intermittent bursts of high activity. [When the criminal computers are “between jobs?” Bob]


Find a similar, less technical example and see what has truly changed...
"The Supreme Court of Canada has ruled that text messages are private communication (Official Ruling) and therefore police are required to get a warrant to gain access to the text messages of private citizens. The CBC reports: '[Supreme Court Justice Rosalie Silberman] Abella said the only practical difference between text messaging and traditional voice communications is the transmission process. "This distinction should not take text messages outside the protection to which private communications are entitled," she wrote.'"
Quite different from the attitude in the U.S.


Perhaps we should read this...
March 27, 2013
EFF Commentary on Expanded Powers of Computer Fraud And Abuse Act Reform
EFF: "Law professor and historian Tim Wu has called the Computer Fraud and Abuse Act (CFAA) the “worst law in technology.” The Ninth Circuit Court of Appeals has described the government’s interpretation of it “expansive,” “broad,” and “sweeping.” And Orin Kerr, former federal prosecutor and law professor, has detailed how the government could use it to put "any Internet user they want [in jail]." So it's pretty surprising to see that now, instead of reining in the CFAA’s dangerous reach, the House Judiciary Committee is floating a proposal to dramatically expand it and is reportedly planning to rush it to the floor of Congress during its April “cyber” week... Techdirt’s Mike Masnick posted a new draft and analysis of the CFAA expansion bill on Monday."


I expect a lot of my students will telecommute.
March 27, 2013
Costs and Benefits Advantages of Telecommuting For Companies
The Telework Research Network: "We’re read over 500 studies about telecommuting and here are what we’ve found to be the most common advantages for the companies that establish work from home programs. The following pros and cons of work from home programs aren’t just our view, they’re the outcomes from a wide range of studies. Visit our Research: Pros & Cons page for additional information about how individuals and communities can benefit from telecommuting as well."


Think of the infrastructure Walmart is creating here. First in-store lockers and then customers for store-to-door delivery. Revise that to mailboxes and postal carriers and you can immediately see they are trying to take over the Postal Service and probably all the express services... (Or perhaps split it with Amazon to avoid the taint of monopoly)
"Amazon has been placing lockers in brick-and-mortar retail stores, such as 7-Eleven, for pickup of online purchases. Walmart plans to pilot a similar program, presumably making it easier to pick up online purchases at Wal-Mart. 'Wal-Mart hopes its network of physical stores, which number about 4,000 in the United States, will give it an edge as consumers increasingly use smart phones while they shop. Wal-Mart has been testing the shipping of online orders from a small number of its physical stores for about two years. In 2013, the company plans to expand this program from about 25 stores currently to a total of roughly 50 stores. ... Two-thirds of the U.S. population live within five miles of a Wal-Mart store."

(Related)
Wal-Mart may get customers to deliver packages to online buyers
… Wal-Mart has millions of customers visiting its stores each week. Some of these shoppers could tell the retailer where they live and sign up to drop off packages for online customers who live on their route back home, Anderson explained.
Wal-Mart would offer a discount on the customers' shopping bill, effectively covering the cost of their gas in return for the delivery of packages, he added.


Amusing. Perhaps I'll be able to point out some of the things I did...
NSA Declassifies — Sort Of — Its Super-Secret Internal Magazine
… Titled Cryptolog: The Journal of Technical Health, its existence has been known for years, having been mentioned in books about the agency by authors like James Bamford. But its contents, like so much else about the agency and its work, have remained a secret.
That changed today, when the NSA declassified about a quarter century of back issues of the publication running from 1974 to 1997. You can have a look at the results here.


We probably should start thinking about this. They are showing the classic signs... “When in doubt, yell louder!”
What happens if North Korea collapses?
North Korea shut down its last military hotline to South Korea on Wednesday, warning that nuclear war was imminent. The threat was the latest in a series of increasingly belligerent statements made by the Hermit Kingdom since world leaders imposed sanctions as punishment for the communist regime's recent missile and nuclear tests. Pyongyang has threatened to nuke both South Korea and the U.S.

No comments: