
Monthly Archives: April 2014

28 Apr 2014

The DarkMarket Dangers Of The Digital Freedom Wars

by Bill

The battle over internet privacy and security continues to be waged in new and interesting ways by entities on both sides of the divide. This week Wired Magazine reported on a new DarkMarket prototype that is designed to replicate the unregulated sort of marketplace that was once made famous by the illegal Silk Road website. The interesting twist that has free spirits excited, as law and order groups become increasingly concerned, is the inclusion of a new peer-to-peer, fully distributed system architecture.

The Silk Road site made use of Bitcoin payments and Tor IP masking to hide identities, but once the alleged owner was located it became only a matter of time before the underlying data was available to law enforcement agencies. DarkMarket, which is a proof of concept ‘working prototype’ being given away as open source material for an anonymous developer to finish off, uses a P2P platform and a built-in arbitration system along with Bitcoin wallet innovations to make it impossible to determine who actually owns it, or even to claim it has a direct owner.

The software for DarkMarket would exist in pieces across the computers of everyone who installs it, whether they actually go to the site and make transactions or not. That leaves the door open to things like viruses and Trojan installs that would leave the software resident on the computers of people who aren’t even aware it is using their system resources.

In November of 2013 law enforcement officials filed an unrelated RICO claim against someone who bought fake ID online. The case against David Ray Camez argues that buying the IDs online made Mr. Camez a co-conspirator with others using the site for other illegal activities and therefore makes him liable for all of those other crimes. The potential result is decades of additional prison time for everything from drug sales to attempted murder being tacked on to a crime that would otherwise carry a much shorter prison sentence.

If these parallel agendas converge, the mess of serious legal action ensnaring both intentional and unwitting (virus infected) computer owners who have DarkMarket installs on their computers could be breathtaking. While one side continues to argue the right of privacy and makes strong claims that the NSA is overstepping its boundaries, the other side makes equally strong claims that these kinds of technological loopholes may lead to real world criminal activity on an unprecedented level with ‘consumer ready’ websites that turn committing real life hardcore crimes into a few clicks on a mobile app – leaving millions of honest people in the cross-fire whether they know it or not.

Now more than ever, keeping your computers and servers clean of nefarious software is an essential part of protecting your identity and your business. At NationalNet we take these sorts of stories seriously and continue to work diligently to stamp out any possibility of unwarranted access by people with unsavory intentions. As always, if we can assist you with your data security, fully managed hosting or colocation needs, please contact us at your earliest convenience.

22 Apr 2014

Hidden Bandwidth Cost of Heartbleed Bug Revealed

by Bill

The Heartbleed bug that came to light recently has sent the people responsible for internet and website security scrambling to correct the defect. While the total costs are not in yet, one area that has seen a significant cost impact is among issuers of site security certificates.

In the normal course of things, browsers visiting sites over HTTPS perform a check using one of two site certificate revocation methods: Online Certificate Status Protocol (OCSP) or Certificate Revocation List (CRL). For OCSP, the browser pings the certificate authority and asks whether a particular site’s certificate has been revoked.

For CRL, the browser pings the certificate authority (CA) and downloads a complete list of all the certificates that have been revoked by that CA. While the OCSP system uses much less bandwidth, it does result in many requests and back-end look-up requirements every time a request is received. CRL doesn’t generate as many requests, but as the number of revoked certificates becomes large, as happened with the Heartbleed flaw, the mammoth size of the list becomes a bandwidth hog.

A leading content delivery network and distributed domain name server service that has a working relationship with GlobalSign, a leading CA issuer, says that the number of revoked certificates in GlobalSign’s CRL jumped from 1,492 to 133,243, and bandwidth usage went from 22 KB to 4.9 MB. The activity of browsers downloading the GlobalSign CRL generated around 40 Gbps of net new traffic across the Internet. A little back-of-the-envelope calculation, assuming a global average price for bandwidth of around $10/Mbps, suggests that just supporting the traffic to deliver the revised CRL would have added $400,000 USD to GlobalSign’s monthly bandwidth bill, and that’s just one CA issuer.
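Added example (not from the original post): a minimal DER encoder for the `revokedCertificates` list that RFC 5280 defines inside a CRL, showing why the list grows linearly with the number of revocations, plus the post's bandwidth arithmetic. The 16-byte serial numbers and the revocation timestamp are constructed sample values, and optional per-entry extensions are omitted.

```python
import hashlib

def der_len(n):
    """DER length octets: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def tlv(tag, content):
    """One DER tag-length-value element."""
    return bytes([tag]) + der_len(len(content)) + content

def der_integer(value):
    # Non-negative INTEGER; a leading 0x00 appears when the top bit is set.
    return tlv(0x02, value.to_bytes(value.bit_length() // 8 + 1, "big"))

def revoked_entry(serial, when="140408120000Z"):
    # SEQUENCE { userCertificate INTEGER, revocationDate UTCTime }
    # 'when' is a constructed timestamp, not taken from a real CRL.
    return tlv(0x30, der_integer(serial) + tlv(0x17, when.encode("ascii")))

def revoked_list(count):
    # Constructed 16-byte serials, derived from a hash so runs are repeatable.
    entries = b"".join(
        revoked_entry(int.from_bytes(
            hashlib.sha256(str(i).encode()).digest()[:16], "big"))
        for i in range(count))
    return tlv(0x30, entries)

def downloads_per_second(gbps, crl_bytes):
    """Full-CRL fetches per second needed to sustain the given traffic."""
    return gbps * 1e9 / 8 / crl_bytes

def monthly_cost_usd(gbps, usd_per_mbps):
    """Bandwidth bill at a flat monthly price per Mbps."""
    return gbps * 1000 * usd_per_mbps

if __name__ == "__main__":
    size = len(revoked_list(133_243))
    print(f"{size / 1e6:.2f} MB, {size / 133_243:.1f} bytes per revoked cert")
    print(f"{downloads_per_second(40, 4.9e6):.0f} CRL downloads/s at 40 Gbps")
    print(f"${monthly_cost_usd(40, 10):,} per month at $10/Mbps")
```

Each revoked certificate costs only a few dozen bytes, but every client that uses CRLs downloads the whole list, so the CA's traffic scales with list size multiplied by fetch rate.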

Because security and the peace of mind of our customers are important to us, NationalNet was one of the first hosting companies to be aware of this bug, and within one day we had scanned every server we manage. Thanks to our security policies, we found only 12 servers affected out of the over 3000 servers we manage.

03 Apr 2014

The End of Windows XP Whether Professionals Want It Or Not

by Bill

With all support for Microsoft’s 13-year-old operating system, Windows XP, finally winding down and the final update announced, the news is filled with reports that 95% of the world’s ATMs are running this soon-to-be antiquated operating system, which will no longer receive security patches. With banks scrambling to upgrade their ATMs’ operating systems ahead of the deadline, it’s also being reported that 28% of web users are still running this old operating system.

With the final security patch scheduled for April 8th, machines running XP will likely be hit with wave after wave of cyber attacks the morning of the 9th, and no matter how bad the consequences might be, there will be no fixes proffered by Microsoft. The tech giant has previously warned XP users that the end of support will be the equivalent of a starter’s pistol for hackers, particularly as they can scour subsequent security patches issued for Windows 7 and 8 for exploits that will gain them access to systems still running XP. As an illustration, Microsoft revealed that XP shared 30 security holes with Windows 7 and Windows 8 that were patched between July 2012 and July 2013, which would have given hackers the ability to reverse-engineer XP vulnerabilities.

The specter of this looming deadline is frightening enough that the British government has announced that it will be paying £5.548 million (US $9.2 million) to Microsoft to provide an additional 12 months of “critical” and “important” security updates for Windows XP, as well as Office 2003 and Exchange 2003, for all of the UK government agencies that are still soldiering on with the antiquated operating system. As a condition of participating in the program, these government agencies, 85% of which are estimated to still be running XP, must institute plans to migrate to a current operating system.

While it’s tempting to simply heap the blame on Microsoft because its subsequent Windows releases did not give customers a compelling reason to upgrade, particularly as Vista, Windows 7 and Windows 8 have been relatively poorly received, this dropping of support has been a long time coming, even with the various stays of execution that have been issued over the past 5 years. That so many so-called “professional users,” major corporations and governments are being caught unprepared, to an even greater extent than the general public, is surprising.

NationalNet, Inc., Internet - Web Hosting, Marietta, GA