Weekend Reads 071020

Better late than never … 🙂

For decades, we have prized efficiency in our economy. We strive for it. We reward it. In normal times, that’s a good thing. Running just at the margins is efficient. A single just-in-time global supply chain is efficient. Consolidation is efficient. And that’s all profitable. Inefficiency, on the other hand, is waste. Extra inventory is inefficient. Overcapacity is inefficient. Using many small suppliers is inefficient. Inefficiency is unprofitable. —Bruce Schneier

In this post, we describe the challenges associated with measuring anycast services and propose a tool called the Border Gateway Protocol (BGP) Tuner. By using our open-source tool, operators can see in advance how changes in their BGP policies may impact the traffic load distribution over the anycast sites. This post is a short description of our technical report available here. —Joao M. Ceron

There are increasing calls to break up, tax, regulate or [other intervention here] Big Tech. What I’m curious about is what for. —Matt Webb

Hence I made a self-experiment in which I generated two certificates with random names, monitoring the authoritative DNS servers as well as the IPv6 addresses of those names in order to check who is resolving/connecting to otherwise unknown hostnames. —Johannes Weber

This is not OK. When a home becomes an office, it remains a home. Workers should not be subject to nonconsensual surveillance or feel pressured to be scrutinized in their own homes to keep their jobs. —Bennett Cyphers and Karen Gullo

In the first quarter of 2020, distributed denial-of-service (DDoS) attacks jumped more than 542% compared with the last quarter of 2019 and more than 278% year-over-year. NexusGuard researchers suggest the spike may be linked to a parallel increase in malicious cyber activity during the COVID-19 pandemic. —Dark Reading

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert on vulnerabilities in Netgear routers that remote attackers can exploit to take control of them. These routers are typically used in home networks. The agency acknowledges the coronavirus-related rise in working from home has elevated this consumer problem to an issue for many enterprises. —Dark Reading

The COVID-19 pandemic has made it harder for banks to trace the source of payment card data stolen from smaller, hacked online merchants. On the plus side, months of quarantine have massively decreased demand for account information that thieves buy and use to create physical counterfeit credit cards. But fraud experts say recent developments suggest both trends are about to change — and likely for the worse. —Krebs on Security

Here’s my little article about (almost) everything I know about Apple Lightning and related technologies: Tristar, Hydra, HiFive, SDQ, IDBUS and etc. But first a tiny warning…

DNS Response Policy Zones (RPZ) provide a cost-effective security method similar to a firewall. It allows a nameserver administrator to apply custom policies on top of the global DNS and set alternative routes for queries, in particular, bad domains. —Swapneel Patnekar

Think about it: When we picture the great seagoing voyages of discovery, there were cooks, chandlers, medics, and all sorts of other support staff. But that’s not the case in space. And the reasons why have critical echoes for professionals in cybersecurity. —Curtis Franklin Jr.

There is a general misunderstanding about what makes a vulnerability dangerous. Hype and publicity tend to be focused on the most advanced threats and tactics. In response to this, security teams focus more on controlling these advanced attacks rather than the more mundane ones, largely because the business supports these sensational cases more easily — at least until the memory has faded. —Douglas Ferguson

As we approach four months since the WHO declared COVID-19 to be a pandemic, and with lockdowns and other restrictions continuing in much of the world, it is worth reflecting on how the Internet has coped with the changes in its use, and on what lessons we can learn from these for the future of the network. —Jari Arkko

What makes Thiel (think PayPal, Facebook, Palantir, Airbnb, Lyft, and Elon Musk’s SpaceX) unique is that he so much contradicts the Valley stereotype and is certainly not afraid to tell the Valley its faults. In fact, he moved down to Los Angeles in 2018, fed up with the Valley as a one-party state. He suggested in 2019 that Google be investigated for treason for refusing to work with the Pentagon but helping the Chinese military.