Sep 6 2013

NSA and GCHQ unlock encryption

Computer ScreenUS and British intelligence agencies have successfully cracked much of the online encryption relied upon by hundreds of millions of people to protect the privacy of their personal data, online transactions and emails, according to top-secret documents revealed by former contractor Edward Snowden.

A GCHQ team has been working to develop ways into encrypted traffic on the “big four” service providers, named as Hotmail, Google, Yahoo and Facebook.

NSA Exploit diagramThis network diagram, from a GCHQ pilot program, shows how the agency proposed a system to identify encrypted traffic from its internet cable-tapping programs and decrypt what it could in near-real time.
The agencies insist that the ability to defeat encryption is vital to their core missions of counter-terrorism and foreign intelligence gathering.

But security experts accused them of attacking the internet itself and the privacy of all users. “Cryptography forms the basis for trust online,” said Bruce Schneier, an encryption specialist and fellow at Harvard’s Berkman Center for Internet and Society. “By deliberately undermining online security in a short-sighted effort to eavesdrop, the NSA is undermining the very fabric of the internet.” Classified briefings between the agencies celebrate their success at “defeating network security and privacy”.

Read more: The Guardian

If I think about it, what does this mean for the possibility that organized crime also has the opportunity to use these techniques. Then our whole eCommerce will crumble. Something to think about.

By • Tags:

Aug 24 2013

How well do you know SSL

Qualys SSL Labs

Qualys SSL Labs LogoThere is little doubt that SSL1 is the technology that protects the Internet. By transforming insecure communication channels into opaque data streams, SSL allows sensitive data to reach its destination uncompromised.

SSL Labs is a collection of documents, tools and thoughts related to SSL. It’s an attempt to better understand how SSL is deployed, and an attempt to make it better. I hope that, in time, SSL Labs will grow into a forum where SSL will be discussed and improved.

SSL Labs is a non-commercial research effort, and we welcome participation from any individual and organization interested in SSL.

Qualys Labs main website: Qualys Labs

By • Tags:

Aug 20 2013

ZMap network scanner

ZMap LogoZMap is an open-source network scanner that enables researchers to easily perform Internet-wide network studies. With a single machine and a well provisioned network uplink, ZMap is capable of performing a complete scan of the IPv4 address space in under 45 minutes, approaching the theoretical limit of gigabit Ethernet.

ZMap can be used to study protocol adoption over time, monitor service availability, and help us better understand large systems distributed across the Internet. While ZMap is a powerful tool for researchers, please keep in mind that by running ZMap, you are potentially scanning the ENTIRE IPv4 address space and some users may not appreciate your scanning. We encourage ZMap users to respect requests to stop scanning and to exclude these networks from ongoing scanning.

ZMap main website: ZMap

By • Tags: ,

Aug 16 2013

The forgotten systems

We all know the moments when new systems are put into use, and all the blood sweat and tears that has gone into it is soon forgotten. Finally the system is running and we can make use of it and it will simplify our work.

Old ServersBut there comes a day when the system is outdated and new ones are about to be taken into use. Then what happens to the old systems?

Depending on the function, you even have to do with legislation that demands that you keep the systems running because data on it, should be kept for more than 5 years du to for example tax legislation. There are usually quite valid reasons for these system to keep them up and running.

But don’t forget these old systems let them participate in the patch and security policies because they are often forgotten and then they are an easy target to gain access and can be a jump server into the rest of your IT systems.

Some advice:

  • On a regular bases PEN (Penatration testing – for example with Qualys) test your systems
  • Isolate these systems so they can still be used but only when necessary
  • Check regularly if these systems are being used
  • Take decommissioning seriously

And perhaps unnecessarily, but we should also apply these advices to test, research and acceptance systems. These are also quite often overlooked when it comes to potential security risks.

 

By • Tags:

« 3 4 5 6