Weekend Reads 032020

I taught a four hour webinar yesterday, so I’m running a bit behind this week. 🙂

Recently, there were news articles about a large software provider who experienced a global outage due to an expired digital certificate — and this is not the first time this kind of issue has hit the news. Digital certificate outages, when an organization forgets to replace an expiring certificate for a business-critical domain name, continues to cause business disruption and security risks. —Ken Linscott

This past week I had two items pop up on my alerts. The first was about Facebook suing domain registrar Namecheap for allowing domains that impersonate the social media company and can be used for scams. The second was a plea by the Electronic Frontier Foundation to join in its crusade to stop the sale of the .ORG domain. It took me a moment to realize these are linked. —David McConnell

It’s become commonplace to find free USB charging stations in many public areas, from airports to hospital waiting rooms. While this seems like a thoughtful accommodation, a quick recharge from a USB port in a public setting could actually put your data at risk of being stolen.

After suffering numerous delays and setbacks in its 10nm chip design, Intel finally launched its Ice Lake processors in late 2019. On the desktop side of things, though, 10nm still feels distant. —Chuong Nguyen

People are growing increasingly alarmed by recent examples of bad actors abusing proxy services offered by registrars. While proxy services are designed to protect the privacy of legitimate domain name users — they do the opposite when abused by cybercriminals. —Russell Pangborn

Last year, some security researchers were discussing a doomsday scenario, that without investing in quantum encryption, there would soon be no way to feel secure over the Internet. (I would add, that a feeling of security over the Internet is misleading at best.) Allow me to break down some of these security peculiarities, which could be worrisome. —Igor Bielopolskyi

But it turns out ‘Target Row Refresh,’ promoted as a silver bullet to mitigate rowhammer attacks, is also insufficient and could let attackers exec —Mohit Kumar

It has been a long time since plain vanilla programmable logic circuits known as field programmable gate arrays have been available in a raw form. For many years, Xilinx, Altera, and others making what we call FPGAs have been adding hard-coded circuits for certain functions that might otherwise be synthesized from gates, and perhaps more than any other discrete device sold today, what we call an FPGA is a true system on chip, with all kinds of compute, memory, and interconnect resources all expressed in the transistors of the device. —Timothy Prickett Morgan

How did GDPR affect the internet economy? News reports, opinion pieces, and ‘white papers’ point towards costly investments for business, as well as unanticipated consequences. Yet, neither systematic data collection, nor analysis of a census of experiences, informs the headlines. —Ran Zhuo, Bradley Huffaker, KC Claffy, Shane Greenstein

One of the hottest topics in the news related to coronavirus is working from home. Companies of all sizes are telling employees to work from home as a way to help curb the spread of the virus. Companies without work-at-home policies are scrambling to define how to make this work to minimize disruption to their business. —Doug Dawson