How to secure the Internet

I recently wondered, are there any existing government practices towards securing the entire Internet?

So I went though the U.S National Strategy to Security Cyberspace, to find out what is the U.S up to given it still maintains "control" of the Internet. What is the Internet's biggest weakness? No, it's not a sophisticated term, its a common word called design.

A fact that is often neglected as the core of all problems, is that the Net's design by itself was primarily developed for reseach purposes. That is, universities and scientists exchanging data, users whose activities would definitely not result in the following :)

- infect the competing Ivy League universities with malware, and "borrow" as much intellectual property as possible

- Conduct DNS poisoning and redirect their competition's site to their own one

- Eavesdrop on their fellow researcher's communications

The Internet wasn't mean to be as secure as we wished it could be today. So, when it became public and turned into today's part of daily life, I feel this weakness started to remerge on a harge scale.

Perhaps the second biggest vulnerability is the ability to forge source addresses, and given you can spoof the origins of your packet no accountability for a great deal of today's threats is present. IPv6 isn't the panacea of security, and would never be though. There are as a matter of fact a lot of vulnerabilities related to mostly, implementation, and awareness on the possibilities. But the introduction of IPv6 over the Internet, still remains an ambition for goverments and organizations across the world. As a matter of the the U.S DoD indicated their troubles while migrating to IPv6, but they desperately need it. Though, I greatly feel the sooner the better.

The current Internet IP space is so easily mapped and datamined, that on most occasions,such transparence is mostly beneficial to malicious attackers. I believe that security threats can indeed have a national security impact, of course, given their sevirity and actual abuse. Today's information and knowledge driven societies are largely dependent on information and technology infrastructure for most of their needs. This has on the other hand boosted a tremendous technological growth. It eventually resulted in an increased world productivity, but the dependance can also affect real life situations on certain ocassions.

Can cyberspace indeed influence real-life situations and cause havoc? Would someone wants to bring down the Internet, and how sound is this? What are the main driving factors behind the known weaknesses of the infrastructure, and how can their negative effects be prevented?

I greatly feel that the growth of E-governments, native Internet population, improved communication infrastructure, thus more bandwidth and opportunities,are crucial for the growth of a nation. The only weakness besides actual usability or utilization, is Security.

Going back to the report, it clearly highlights and takes into consideration both, soft and hard dollars. That is, enemies conducting espionage over companies, universities, or mapping key government, industry networks, and easily reachable known targets to be used later on. Hit-lists for potential targets can be easily gathered in today's open source intelligence world.

On a worldwide basis, the implications to the entire Internet posed by insecure DNS servers, and by the insecurities of the DNS protocol can undermine the Internet in itself. What happens when all sites are actually there, but remain unreachable worldwide? The 2002 attacks on the root Internet servers indeed acted as a wake up to the international community on how fragile the current system really can be.

Some of the obstacles for a secure Internet from my point of view consist of :

- Plain text communications are the easiest, most common way malicious attackers can abuse a nation's communications, excluding the fact that the majority of communications remain unencrypted

- Lack of evolving compliance, threats change so fast, that everyone can barely keep up with them, and what used to be "secured" yesterday, is vulnerable today

- Less procedures and strategies, more actions, perfecting planning is futile, by the time you end you planning process you would have to change everything. My point is, empower those who are able to execute real actions towards improving security.

- The gap between government, private and academic sectors is resulting in a lack of integrated early warning systems, that would eventually benefit everyone

- Realization of a nationwide client-side sensor, I have also considered Symante's utilization of their 120M client based as the biggest, most sensitive honeypot ever.

To sum up my ideas, migration to the, at least though to be more secure Internet2 , would take years and cost billions of dollars on a worldwide basis, yet it's worth it!

Have an opinion? Share it!

Technorati tags :
cyberspace,security,information security,IPv6,Internet2

Security quotes : a FSB (successor to the KGB) analyst on Google Earth

"Lt. Gen. Leonid Sazhin, an analyst for the Federal Security Service, the Russian security agency that succeeded the K.G.B., was quoted by Itar-Tass as saying: "Terrorists don't need to reconnoiter their target. Now an American company is working for them." A great quote, and I find it totally true. The point is, not to look for high-resolution imagery, but to harness the power of OSINT, improve their confidence by observing the targets "from the sky", and actually plan and coordinate its activities on huge territories. AJAX anyone? :)

However, the public has always been good at bringing the real issue to the rest of the world. There have been numerous attempts to spot sensitive locations, and I wouldn't be myself if I don't share the joys of the Eyeball Series with you. Of course, in case you haven't come across the initiative earlier. However, the way it gives terrorists or enemies these opportunities, it also serves the general public by acting as an evidence for the existence of espionage sentiments, here and there. Echelon's Yakima Research Station was spotted on GoogleMaps, originally by Cryptome, see the dishes there? Any thoughts in here? Can Microsft's Local Live with its highly differentiated bird eye view on important locations turn into a bigger risk the the popularity of Google's services?

Technorati tags :
Google Earth,Google Maps,satellite imagery,OSINT,security,terrorism

Keep your friends close, your intelligence buddies closer!

Too much power always leads you to the dark side!

Cryptome has yesterday featured a excerpt from "State of the War : The Secret History of the CIA and the Bush Administration" shredding more light on what the NSA used to be before 9/11 and how things changed at a later stage. In case you really want to find out more about the entire history of the NSA, go though "The Quest for Cryptologic Centralization and the Establishment of NSA, 1940-1952", and some of the most remarkable NSA released publication entitled "Eavesdropping on Hell : Historical Guide to Western Communications Intelligence and the Holocaust, 1939-1945".

My opinion - With no guards, the gates are always open. But who will watch the watchers when they start watching us?!

Even though, as Marine Corps General Alfred M. Gray have put it years ago "Communications without intelligence is noise, intelligence without communications is irrelevant", and so is privacy in the 21st century, period.

Technorati tags :
NSA, intelligence, eavesdropping, CIA

What's the potential of the IM security market? Symantec thinks big

Yesterday, Symantec, one of the world's leading security, and of course, storage providers aquired IMlogic, a leading provide of Instant Messaging security solutions. How sound is this move anyway? Doesn't Symantec already have the necessary experience in this field?

IMlogic has never been a build-to-flip company. Dating back to 2002, it has managed to secure important customers, Fortune 1000 companies as a matter of fact, and acts as a prefered choice for many of them. And given that enterprise IM is exploding, and so it home use, the real-time nature of this type of communication has always been acting as a hit-list in my mind. Client based vulnerabilities, social engineering attacks, auto-responding malware, and many other issues are among the current trends. How huge is the potential of IM security, or is it me just trying to think big in here, compared to Symantec's simple product line extension ambition?

Besides acting as another propagation vector for future malware releases, IM usege worldwide is already outpacing the most common form of Internet communication -- the email. A Radicati Group's research report entitled "Instant Messaging and Presence Market Trends, 2003-2007" indicates the same. The group predicts that :

- 1,439 million IM accounts in existence by 2007
- a very significant increase in corporate imlpementation of IM, from 60 million accounts today to 349 million in 2007.
- that's a degree of monopoly, as always!

Lucky you, Symantec!

With fear of being a pessimist, I have though witnessed how unique organizations and teams got eventually swallowed by the corporate world. And it's their know-how that I truly miss these days. You can though, still go through Symantec's constantly updating list of acquired companies, and it's evident they are fully committed to continue being a market and knowledge leader. I also recommend you read a great aricle at eWeek entitled IM Threats : The Dark Side of Innovation to find out more about the current trends. What's your attitude about them?!

Technorati tags :
Symantec, IM, security, information security

Happy New Year folks!!

Dear friends and visitors,

Happy New Year and sincere apologies for the lack of updates on my blog recently. It's not that I have somehow stopped brainstorming on how to put my knowledge into neat posts, rather, I didn't have the time that I wanted to provide an in-depth overview of they key topics I had in mind :-)

I wish you all the best in 2006, thank for your feedback on my ideas, and keep ridin' on the road of intellectual exploration!

How to secure the Internet

I recently wondered, are there any existing government practices towards securing the entire Internet?

So I went though the U.S National Strategy to Security Cyberspace, to find out what is the U.S up to given it stillmaintains "control" of the Internet. What is the Internet's biggest weakness? No, it's not a sophisticated term, its a common word called design.



A fact that is often neglected as the core of all problems, is that the Net's design by itself was primarily developed for reseach purposes. That is, universities and scientists exchanging data, users whose activities would definitely not result in the following :)



- infect the competing Ivy League universities with malware, and "borrow" as much intellectual property as possible

- Conduct DNS poisoning and redirect their competition's site to their own one

- Eavesdrop on their fellow researcher's communications



The Internet wasn't mean to be as secure as we wished it could be today. So, when it became public and turned into today's part of daily life, I feel this weakness started to remerge on a harge scale.



Perhaps the second biggest vulnerability is the ability to forge source addresses, and given you can spoof the origins of your packet no accountability for a great deal of today's threats is present. IPv6 isn't the panacea of security, and would never be though. There are as a matter of fact a lot of vulnerabilities related to mostly, implementation, and awareness on the possibilities. But the introduction of IPv6 over the Internet, still remains an ambition for goverments and organizations across the world. As a matter of the the U.S DoD indicated their troubles while migrating to IPv6, but they desperately need it. Though, I greatly feel the sooner the better.



The current Internet IP space is so easily mapped and datamined, that on most occasions,such transparence is mostly beneficial to malicious attackers. I believe that security threats can indeed have a national security impact, of course, given their sevirity and actual abuse. Today's information and knowledge driven societies are largely dependent on information and technology infrastructure for most of their needs. This has on the other hand boosted a tremendous technological growth. It eventually resulted in an increased world productivity, but the dependance can also affect real life situations on certain ocassions.



Can cyberspace indeed influence real-life situations and cause havoc?
Would someone wants to bring down the Internet, and how sound is this? What are the main driving factors behind the known weaknesses of the infrastructure, and how can their negative effects be prevented?



I greatly feel that the growth of E-governments, native Internet population, improved communication infrastructure, thus more bandwidth and opportunities,are crucial for the growth of a nation. The only weakness besides actual usability or utilization, is Security.



Going back to the report, it clearly highlights and takes into consideration both, soft and hard dollars.


That is, enemies conducting espionage over companies, universities, or mapping key government, industry networks, and easily reachable known targets to be used later on. Hit-lists for potential targets can be easily gathered in today's open source intelligence world.



On a worldwide basis, the implications to the entire Internet posed by insecure DNS servers, and by the insecurities of the DNS protocol can undermine the Internet in itself. What happens when all sites are actually there, but remain unreachable worldwide? The 2002 attacks on the root Internet servers indeed acted as a wake up to the international community on how fragile the current system really can be.



Some of the obstacles for a secure Internet from my point of view consist of :

- Plain text communications are the easiest, most common way malicious attackers can abuse a nation's communications, excluding the fact that the majority of communications remain unencrypted

- Lack of evolving compliance, threats change so fast, that everyone can barely keep up with them, and what used to be "secured" yesterday, is vulnerable today

- Less procedures and strategies, more actions, perfecting planning is futile, by the time you end you planning process you would have to change everything. My point is, empower those who are able to execute real actions towards improving security.

- The gap between government, private and academic sectors is resulting in a lack of integrated early warning systems, that would eventually benefit everyone

- Realization of a nationwide client-side sensor, I have also considered Symante's utilization of their 120M client based as the biggest, most sensitive honeypot ever.



To sum up my ideas, migration to the, at least though to be more secure Internet2 , would take years and cost billions of dollars on a worldwide basis, yet it's worth it!



Have an opinion? Share it!



Technorati tags :

cyberspace,security,information security,IPv6,Internet2

Security quotes : a FSB (successor to the KGB) analyst on Google Earth

"Lt. Gen. Leonid Sazhin, an analyst for the Federal Security Service, the Russian security agency that succeeded the K.G.B., was quoted by Itar-Tass as saying: "Terrorists don't need to reconnoiter their target. Now an American company is working for them." A great quote, and I find it totally true. The point is, not to look for high-resolution imagery, but to harness the power of OSINT, improve their confidence by observing the targets "from the sky", and actually plan and coordinate its activities on huge territories. AJAX anyone? :)



However, the public has always been good at bringing the real issue to the rest of the world. There have been numerous attempts to spot sensitive locations, and I wouldn't be myself if I don't share the joys of the Eyeball Series with you. Of course, in case you haven't come across the initiative earlier.
However, the way it gives terrorists or enemies these opportunities, it also serves the general public by acting as an evidence for the existence of espionage sentiments, here and there. Echelon's Yakima Research Station was spotted on GoogleMaps, originally by Cryptome, see the dishes there? Any thoughts in here? Can Microsft's Local Live with its highly differentiated bird eye view on important locations turn into a bigger risk the the popularity of Google's services?



Technorati tags :

Google Earth,Google Maps,satellite imagery,OSINT,security,terrorism

Keep your friends close, your intelligence buddies closer!

Too much power always leads you to the dark side!



Cryptome has yesterday featured a excerpt from "State of the War : The Secret History of the CIA and the Bush Administration" shredding more light on what the NSA used to be before 9/11 and how things changed at a later stage. In case you really want to find out more about the entire history of the NSA, go though "The Quest for Cryptologic Centralization and the Establishment of NSA, 1940-1952", and some of the most remarkable NSA released publication entitled "Eavesdropping on Hell : Historical Guide to Western Communications Intelligence and the Holocaust, 1939-1945".



My opinion - With no guards, the gates are always open. But who will watch the watchers when they start watching us?!



Even though, as Marine Corps General Alfred M. Gray have put it years ago "Communications without intelligence is noise, intelligence without communications is irrelevant", and so is privacy in the 21st century, period.



Technorati tags :
NSA, intelligence, eavesdropping, CIA

What's the potential of the IM security market? Symantec thinks big

Yesterday, Symantec, one of the world's leading security, and of course, storage providers aquired IMlogic, a leading provide of Instant Messaging security solutions. How sound is this move anyway? Doesn't Symantec already have the necessary experience in this field?



IMlogic has never been a build-to-flip company. Dating back to 2002, it has managed to secure important customers, Fortune 1000 companies as a matter of fact, and acts as a prefered choice for many of them. And given that enterprise IM is exploding, and so it home use, the real-time nature of this type of communication has always been acting as a hit-list in my mind. Client based vulnerabilities, social engineering attacks, auto-responding malware, and many other issues are among the current trends.


How huge is the potential of IM security, or is it me just trying to think big in here, compared to Symantec's simple product line extension ambition? Besides acting as another propagation vector for future malware releases, IM usege worldwide is already outpacing the most common form of Internet communication -- the email. A Radicati Group's research report entitled "Instant Messaging and Presence Market Trends, 2003-2007" indicates the same.


The group predicts that :

 - 1,439 million IM accounts in existence by 2007
- a very significant increase in corporate imlpementation of IM, from 60 million accounts today to 349 million in 2007.
- that's a degree of monopoly, as always!



Lucky you, Symantec!



With fear of being a pessimist, I have though witnessed how unique organizatons and teams got eventually swallowed by the corporate world. And it's their know-how that I truly miss these days.
You can though, still go through Symantec's constantly updating list of acquired companies, and it's evident they are fully committed to continue being a market and knowledge leader. I also recommend you read a great aricle at eWeek entitled IM Threats : The Dark Side of Innovation to find out more about the current trends. What's your attitude about them?!



Technorati tags :
Symantec, IM, security, information security