Posts Tagged internet security

Repeated attacks hijack huge chunks of Internet traffic.

From: Ars Technica

Man-in-the-middle attacks divert data on scale never before seen in the wild.

The hacks, which exploit implicit trust placed in the border gateway protocol used to exchange data between large service providers, affected “major financial institutions, governments, and network service providers” in the US, South Korea, Germany, the Czech Republic, Lithuania, Libya, and Iran.

more

, ,

No Comments

NSA has Laid the Foundation for a Police State

From: MIT

… by eavesdropping on all Americans, they’re building the technical infrastructure for a police state.

We’re not there yet, but already we’ve learned that both the DEA and the IRS use NSA surveillance data in prosecutions and then lie about it in court. Power without accountability or oversight is dangerous to society at a very fundamental level.

more

, , , , ,

No Comments

Google Accidentally Transmits Self-Destruct Code to Army of Chrome Browsers

From: Wired Enterprise

Google’s Gmail service went down for about 20 minutes on Monday. That was annoying, but not exactly unprecedented. These sorts of outages happen all the time. What was strange is that the Gmail outage coincided with widespread reports that Google’s Chrome browser was also crashing.

Late Monday, Google engineer Tim Steele confirmed what developers had been suspecting. The crashes were affecting Chrome users who were using another Google web service known as Sync, and that Sync and other Google services — presumably Gmail too — were clobbered Monday when Google misconfigured its load-balancing servers.

more

, , , , , ,

No Comments

Spy Law Extended For 5 Years

From Threat Level:

The FISA Amendments Act, (.pdf) which is expiring at year’s end, allows the government to electronically eavesdrop on Americans’ phone calls and e-mails without a probable-cause warrant so long as one of the parties to the communication is believed outside the United States. The communications may be intercepted “to acquire foreign intelligence information.”

, , , ,

No Comments

Iranian hackers obtain fraudulent HTTPS certificates

From: EFF

Iranian hackers obtain fraudulent HTTPS certificates: How close to a Web security meltdown did we get?

On March 15th, an HTTPS/TLS Certificate Authority (CA) was tricked into issuing fraudulent certificates that posed a dire risk to Internet security. Based on currently available information, the incident got close to – but was not quite – an Internet-wide security meltdown. These events show why we urgently need to start reinforcing the system that is currently used to authenticate and identify secure websites and email systems.

more

 

 

, , , , , , ,

No Comments