Worth Reading: An observatory for path transparency measurement

30 October 2017

Though the end-to-end principle and the four-layer TCP/IP architecture suggest that what happens above the IPv4 or IPv6 header isn’t any of the network’s business, the widespread deployment of firewalls, network address translators, proxies, and other middleboxes at layers four and seven means that, in practice, TCP usually works, UDP usually works, and for everything…

Worth Reading: Raw sockets in IPv6

27 October 2017

As part of a measurement experiment, we wanted an implementation of an IPv6 UDP server and a TCP server that generated fragmented IPv6 packets. However, as an added condition, we wanted the application to directly control the packet fragmentation function. The conventional standard socket interface masks any visibility to the underlying packet transactions, and therefore…

Humor for the Day: Facebook simplifies its privacy policy

26 October 2017

“We wanted to be more forthright with our users,” Facebook CEO Mark Zuckerberg told reporters. “We could give you this boring tome of legalese, or we could simply put it in terms everyone can understand.” —The Babylon Bee

Worth Reading: 4 Tips to Fight Propaganda

25 October 2017

Disturbingly, both men confirmed the totality of propaganda in our society. And they did that many, many decades ago and well before the internet, social media, cable TV, or data mining. By 2017, many generations have been raised from infancy immersed in corporate, political, and ideological propaganda. Your grandparents were victims of propaganda, your parents…

Worth Reading: TLS and Data Center Monitoring

24 October 2017

Over the course of four years, Transport Layer Security (TLS) 1.3 has been designed to be more secure in order to prevent the interception of sessions over the Internet. It has a more secure key exchange, based on the Elliptic Curve Diffie-Hellman algorithm, formally deprecating the use of RSA static keys to ensure forward secrecy…

Worth Reading: The Economics of DDoS

23 October 2017

These days, there are typically three parties to a distributed denial of service attack. You probably know about two of them: the perpetrator and the target. Less well known is the vast and growing number of third-party providers of DDoS attacks as a service. Brazenly advertising their wares online, these providers will perform an attack…

Worth Reading: Stealing Passwords by Asking

20 October 2017

Do you want the user’s Apple ID password, to get access to their Apple account, or to try the same email/password combination on different web services? Just ask your users politely, they’ll probably just hand over their credentials, as they’re trained to do so. —Felix Krause

Worth Reading: Stop Blaming Open Source

19 October 2017

Despite the known threats, many organisations continue to point fingers at open source platforms for poor security practices. But do you really think these platforms are the ones that need to be blamed? Coming back to the Equifax example, soon after this, the company began to examine how the breach occurred, many unsubstantiated reports and…

Worth Reading: Responsible Encryption Fallacies

18 October 2017

Moreover, instead of being a solution to cyber threats, law enforcement has become a threat itself. The DNC didn’t have the FBI investigate the attacks from Russia likely because they didn’t want the FBI reading all their files, finding wrongdoing by the DNC. It’s not that they did anything actually wrong, but it’s more like that…

Worth Reading: 10 Layers of Container Security

17 October 2017

Containers provide an easy way to package applications and deliver them seamlessly from development to test to production. This helps ensure consistency across a variety of environments, including physical servers, virtual machines (VMs), or private or public clouds. These benefits are leading organizations to rapidly adopt containers in order to easily develop and manage the…