Best blog writers for hire gb

Best Blog Writers For Hire In August 2017 - Upwork If you often aim to complete complex, multilevel tasks with a clear goal and end date, you’re partaking in project management. Add in multiple team members, stakeholders, office politics, a PMP certification, and a ton of coffee, and you’re facing one of the most common—and complicated—jobs in the world..” Since then, it’s grown into a fully functional app, complete with multiple modes (kanban, scrum), backlogs, user stories, and everything else you’d need to get started with agile development. Find freelance bloggers on Upwork. Post your blog writing project for free. Hire & manage freelance blog writers online.

Find UK Blogging Freelancers - Hire quality freelancers for Blogging. Field workers often create Excel spreadsheets to track data and run their processes. Here's how Carlsberg Danmark centralized business process management, created an orderly system with consistent data, and saved hundreds of hours in backoffice time. Chances are your organization is adopting cloud computing in one way or another -- or in multiple ways. UK Freelance Blogging and other Writing & Editing freelancers. Available now. Post your Writing & Editing projects for free -

Bloggers to Hire Recommended Blogging Services Hire Bloggers My name’s Ben Holbrook and I’m a Barcelona-based travel and food writer/blogger from the rugged coast of South Wales in the UK. But for me, this is more than just As a child, both of my parents worked in the travel industry and it was normal for me to travel five or six times a year; sometimes even more. We’d row ashore to haggle with the locals and hunt out the local cuisine. I set up this blog after moving to Barcelona in 2009 and falling head over heels in love with the food, people and culture of Spain. Philip Turner UK blogger for hire. I am a retired teacher who. Andrews Copy writing. I'm a blogger and a copywriter who is looking for some gs on the side.

Free blogging platform List Start a New For our existing and new customers, we have prepared a delivery offer for homemade bread dumplings and potato dumplings. In the time we have been making them, the dumplings have become one of the most sought-after products on the market. Top 10 Best Free Blogging Platforms to Start a New blog at Free of Cost. There are many people who do not have the resources to create a blog.

How to Find, Hire, and Work with Freelance Writers - Zapier Located literally ‘outback’, this cozy bungalow is a world all to itself. Over 350 , it includes a king sized bed, air conditioning, mini fridge, propane fireplace, hot tub and private bath as well as a large flatscreen TV, DVD and a Keur beverage maker. Jun 5, 2017. Learn how to hire freelance writers, as well as how to find and keep high-quality. Businesses turn to freelance writers for blog posts, case studies, white papers, and. There are six main routes to finding good freelancers. UK-based freelancer Sophie Lizard, who specializes in science, technology and.

InformationWeek News Connects The Address: 21 rue Médéric – 75017 Paris Telephone: 01 56 79 77 15 Email: [email protected]és: Valet service Access: Métro Courcelles or Malesherbes, Bus 30, 84 Opening hours: Sunday from 7:45 pm to 10:30 pm. Monday to Thursday from 12 pm to 2:30 pm and from 7:45 pm to 10:30 pm. News, analysis and research for business technology professionals, plus peer-to-peer knowledge sharing. Engage with our community.

Tasmania Campervan Holidays Britz I haven’t tried their services (nor am I in any way incentivized to list them here) but I know these good people and how smart they are. There’s no affiliate or referral links here: I am listing these awesome bloggers because I want to help you find AWESOME people to accomplish your writing and marketing goals! Wine & Food. Tasmania offers wonderful opportunities to savour hand-crafted wine, beer and fresh produce, and to meet the stars of the show - the makers, chefs and.

BibMe Free Bibliography & Citation A company blog is an integral part of any social media and content marketing strategy. However, finding the right person to write your company blog can be challenging. A best case scenario would be to have an existing employee who knows your company and can write amazing blog content. Unfortunately, that person isn’t always easy to find. Blogging is a skill that is very different from other forms of writing. Hiring an experienced blogger, either as a freelancer or an employee, can help turn your company blog into an effective brand building tool. Here are 20 websites to help you find a company blogger who can take your blog to a higher level. There are many websites and blogs that are targeted to bloggers and writers. Some of these sites offer ways for employers to publish open job postings. The following sites are a great place to start your search for a company blogger. Problogger is owned by Darren Rowse, and it’s one of the most popular blogs about blogging. The Problogger job board is a first stop for most bloggers who are looking for paid blogging jobs, so it’s a great place to publish your company blogger job posting. Media Bistro offers an online community for writers as well as a job board. This is one of the more expensive places to publish a company blogger job, but the quality of applicants is likely to be higher than many writing sites or freelancer sites (discussed in the next section). Free and paid job postings are currently available. Blogging offers an online forum that includes a folder dedicated to writing jobs for bloggers. You can register to join the forum for free and publish your company blogger position to the forum. Jobs are also included in a weekly listing of blogger jobs curated from most of the sites included in this article. That list is promoted on the Blogging blog and in a weekly newsletter to subscribers. Journalism is a website for journalists, which includes a job board. 
It currently costs to publish a job posting for five weeks. Freelancing is a popular career choice, and many freelance writers and bloggers search for jobs on websites dedicated to freelancers. Service fees can differ significantly from one site to another. Always check the pricing and payment process for a freelancer site before you submit a job posting, so you’re aware of all fees required throughout the process. Elance is a very popular site for freelancers looking for work. When you publish a job posting, freelancers respond with bids. You select the freelancer you want to work with and agree upon the pay. Once the freelancer is paid, Elance takes a percentage. As an added step, you are expected to pay a portion of the agreed upon quote when the first milestone of the project is completed. Odesk is another site that works similarly to Elance, but freelancers are expected to track their work using a special tool which verifies their reported time. i Freelance is another freelancer site that allows you to post a blogger job, solicit bids, and select a freelancer to work with from those bids. Guru is free like i Freelance and offers another place where you can publish a blogger job posting and get responses from bloggers who are looking for work. Freelance Switch is a free job board owned by a group of freelancers whose goal is to connect freelancers, including bloggers, with employers. Small and large career sites offer places where you can publish a posting for your company blogger position. Both in-house and freelance/contract positions can be posted to these sites with significant price differences. Do your homework and confirm pricing structures first. Simply Hired is a popular job search site that is affordable for small and large companies. Jobs listed on Simply Hired are also syndicated through approximately 25,000 affiliate partner sites giving them more exposure. 
Indeed is one of the most popular online job sites, and you can publish a blogger job posting on the site in just 5 minutes. If you have a bigger budget, then publishing your blogger job posting on Monster will give it significant exposure and bring in a lot of applications. Along with Monster, Career Builder is one of the most popular career sites. If you have a bigger budget, then its huge audience makes it a great place to get your job posting seen by hundreds, if not thousands, of people. Every local Craigslist site has a Jobs section where employers can post open jobs. It’s free, and it’s a great way to target local candidates. Linked In is the most popular social networking site for professionals, so it’s a popular place for professionals to look for new job opportunities. You can pay to post a job on Linked In (fees vary by location) at anytime. It will appear in the searchable Jobs Directory, as an update in your personal news feed, and on your Linked In Company Page if you have one. There are more content companies popping up every day. Some of these companies offer great services from talented writers but others are nothing more than content mills that provide low-quality content. Review samples from content companies before you agree to work with one. is a popular content company that offers blog posts starting at and tweets starting at . You can purchase blog posts in increments of 10, 20, or 30 articles at a time. Contently markets its services as providing magazine-quality writing by experienced journalists and bloggers. Susan Gunelius: Susan Gunelius is a 20-year marketing veteran and President & CEO of Key Splash Creative, Inc., a marketing communications company. 
She has authored nine books about social media, content marketing, branding, copywriting, and blogging, and she is a marketing columnist for and Susan speaks about marketing, branding, and social media at events around the world and is often interviewed about marketing topics by television, online, print, and radio media organizations. BibMe Free Bibliography & Citation Maker - MLA, APA, Chicago, Harvard

Microsoft ZDNet Over the past year or two, someone has been probing the defenses of the companies that run critical pieces of the Internet. These probes take the form of precisely calibrated attacks designed to determine exactly how well these companies can defend themselves, and what would be required to take them down. If you want to take a network off the Internet, the easiest way to do it is with a distributed denial-of-service attack (DDoS). We don't know who is doing this, but it feels like a large nation state. Like the name says, this is an attack designed to prevent legitimate users from getting to the site. There are subtleties, but basically it means blasting so much data at the site that it's overwhelmed. These attacks are not new: hackers do this to sites they don't like, and criminals have done it as a method of extortion. There is an entire industry, with an arsenal of technologies, devoted to DDoS defense. Recently, some of the major companies that provide the basic infrastructure that makes the Internet work have seen an increase in DDoS attacks against them. One week, the attack would start at a particular level of attack and slowly ramp up before stopping. Moreover, they have seen a certain profile of attacks. The next week, it would start at that higher point and continue. These attacks are significantly larger than the ones they're used to seeing. The attacks are also configured in such a way as to see what the company's total defenses are. There are many different ways to launch a DDoS attack. The more attack vectors you employ simultaneously, the more different defenses the defender has to counter with. These companies are seeing more attacks using three or four different vectors. This means that the companies have to use everything they've got to defend themselves. I am unable to give details, because these companies spoke with me under condition of anonymity. That won't take down "the internet" though, just DNS resolution. 
But this all is consistent with what Verisign is reporting. wait till you piss off every single large ISP out there! If they're planning to take down the Internet, unplugging them or them being unplugged is the least of anyone's problems because if it is a nation-state, doing something like this would really only make sense to do if it's coordinated with a real world attack. However, since so many services depend on that, people who don't know how to use the internet without DNS, like 99% of its user, would be shut off. Verisign is the registrar for many popular top-level Internet domains, like and • September 13, 2016 PM Why don't you tell us what you mean with "some of the major companies that provide the basic infrastructure that makes the Internet work"? Still, you would still be able to reach any server by IP. If it goes down, there's a global blackout of all websites and e-mail addresses in the most common top-level domains. My feeling says it's either * CloudFlare or similar. I guess I should take the link to VeriSign as a hint that it's Every quarter, Verisign publishes a DDoS trends report. Too bad that these articles have to be so vague all the time because of the "anonymity" excuse. Even if human actors are in China or Russia or Fooland, the attacking machines & networks can be located anywhere in the world, even — especially — inside the country of the target. While its publication doesn't have the level of detail I heard from the companies I spoke with, the trends are the same: "in Q2 2016, attacks continued to become more frequent, persistent, and complex." There's more. wait till you piss off every single large ISP out there! On the other hand, if it's done much more underhandedly and less obvious, you never know... The call is coming from inside the house, as it were. 
One company told me about a variety of probing attacks in addition to the DDoS attacks: testing the ability to manipulate Internet addresses and routes, seeing how long it takes the defenders to respond, and so on. You don't pull the plug on the power company that supplies your own home/business. if China or Russia decided to "take down the internet"... • September 13, 2016 PM Let's assume the attack to take down the internet comes from East Asia. Now, if the location of the attack cannot be determined, simply turn off the power to the trans-ocean cables all at once, or the one most highly suspected for example, East Asia. In any case, let's remember the ultimate defense/retort is to simply pull the plug. And remember we have always been at war with East Asia so let's not freak out by a few alarming action reports. Also, what better way to get additional Federal funding than to get the rumors started that our internet is under attack. Someone is extensively testing the core defensive capabilities of the companies that provide critical Internet services. It doesn't seem like something an activist, criminal, or researcher would do. EDITED TO ADD (9/15): Podcast with me on the topic. Tags: cyberwar, denial of service, essays, Internet, Verisign Posted on September 13, 2016 at PM • 171 Comments • September 13, 2016 PM "What can we do about this? With that in mind, a closed, not highly Internet enabled country makes the most sense- like China. If it goes down, how many deaths and serious injuries can we project, aside from carpal tunnel? As for prevention, I would suggest the old but reliable doctrine of M. • September 13, 2016 PM Are we sure that this isn't the NSA or DoD who have been playing around? Cyber funding has skyrocketed since StuxNet found its way into the wild! Profiling core infrastructure is common practice in espionage and intelligence gathering. 
Furthermore, the size and scale of these probes -- and especially their persistence -- points to state actors. The data I see suggests China, an assessment shared by the people I spoke with. Nothing, really." - Well there is one thing you can do. What better way to defend our internet than know what its weaknesses are? FUD - fear, uncertainty, and doubt -- mean more money • September 13, 2016 PM Don't discount the USA as the source of the attacks. It feels like a nation's military cybercommand trying to calibrate its weaponry in the case of cyberwar. On the other hand, it's possible to disguise the country of origin for these sorts of attacks. Don't put any critical command & control infrastructure (say, for managing power transmission) in a position where it requires the internet to function. I definitely remember a certain president saying he wanted an "Internet Kill Switch" just in case something like the "Arab Spring" happened here... It reminds me of the US's Cold War program of flying high-altitude planes over the Soviet Union to force their air-defense systems to turn on, to map their capabilities. The NSA, which has more surveillance in the Internet backbone than everyone else combined, probably has a better idea, but unless the US decides to make an international incident over this, we won't see any attribution. If their intent was to test the extremes of different systems, they apparently took quite a methodical approach and disregarded the possibility of an intelligent response, or didn't change the test plan according to intermediate results. if China or Russia decided to "take down the internet"... Was headline news a few years ago, pretty easy to find. Hmm in the past all it's required is a rodent with sharp teeth, or misconfigured border protocols. Likewise when talking of "tangible" physical attacks as was seen with power transformers, if you know what to aim at a few cheap rounds of ammunition used on a choke point will do. 
Heck even low grade Romanian gypsies stealing cable to sell as scrap have brought down telecommunications infrastructure very well and much more permanently. As for "intangible" information attacks then DDoS attacks are just the current flavour of the month being seen. Thus I would suggest that they are not "attacks" as such, but "black box testing" to enumerate for other much more effective attacks. The reason I say this is DDoS attacks are grossly inefficient. Whilst they might be cheap for "bot herders" the result is that the botnet gets compromised and its control channel etc identified and neutered. Further DDoS attacks are distance sensitive, the further the attacking host is from the target host the easier it is to reduce or limit the effects of a DDoS attack. If you want a real world analogy think of a DDoS attack as being like "covering fire" it uses an incredible amount of resources to achieve very little, in that the opponent just keeps their head down whilst it is happening. A sniper however is very resource efficient taking just one or two rounds to permanently eliminate an opponent. A major use of covering fire, is to keep the enemies head down in their slit trenches etc whilst members of your forces come up on their flank and at an appropriate signal run across close to the slit trenches chucking in fragmentation grenades etc. And I suspect that these DDoS attacks are the equivalent of "covering fire" to get in APT payload etc. • September 13, 2016 PM Verisign is the registry for and domains, not the registrar; the registry is indeed the most critical infrastructure in the value chain because it's one publishing DNS delegations, but the registrar is the one interfacing with registrants and then possibly updating the information stored in the registry. • September 13, 2016 PM There are good and bad parts to this. A distributed attack implies a footprint of one or more exploited flaw. 
This is one place where the hoarding of defect knowledge by a TLA has value. Some sample of these compromised machines can be inspected and the vermin identified and solutions developed. Some defects facilitate abuse and others allow forensic inspection. I would be happy to see bug fixes for old and musty operating systems escape from special fee update sites from time to time. I am modestly pleased with the Windows 10 update policy but less so with their snooping and data gathering tricks. The optimist in my wants to believe that some at M$ are using the army of Win10 machines to assist in squashing these distributed collections of compromised machines. A vendor or TLA could patch them and thus disconnect them from central command as part of the patch process. There are two classes of hardware -- cheep inexpensive machines handed down and running old crud without a license as it were. A second would be the infrastructure machines like big routers and server clusters. The inexpensive small machines are the pawns and outnumber the command and control systems by orders of magnitude. They may prove easier to patch and fix than the valuable command and control machines. One recent criminal act: The false "Paramount Issues DMCA Takedown On Ubuntu Linux Torrent" is step backward in the distribution of an improved OS compared to Win XP and older Win-cruft for old limited CPU power machines. A critical problem with bot farms is the distributed computation power. Some bitcoin work is being done on compromised hardware. That army could be turned (if it is not already) to attack validation keys that enable vendors to validate and install bug fix updates. If and only if (IFF) agencies near and far chartered with security pay attention to reality and IFF law makers get good advice and pass quality law that encourages responsible research and product responsibility will we avoid a disaster. 
Consider a four year old modern phone made by a company with home offices on one side of a DMZ seperating it from a nation with troubling intentions. Such devices are too expensive to discard and too powerful to be allowed un-patched on the internet or cell phone networks. Law: Failure to patch older hardware should be grounds to halt the import of new hardware. It is in the national (all nations) interest to hobble business plans that profit from planned obsolescence of product by neglecting the maintenance of software. Phones, Smart TVs, DVD players with Smarts, routers, modems.... • September 13, 2016 PM @Kevin My thought exactly. We know that the government engages in "stress tests" of the financial system and the banking industry. So it would be expected that they would do the same thing with the internet. I'm deeply puzzled by Bruce's insistence that this must be a foreign actor. Someone say recently, "security researchers came to the conclusion that attribution was hard, then they promptly forgot it." This essay seems more evidence of that. the blog entry: There are, somewhat simplified, three perspectives, namely the technical perspective, the political perspective, and the commercial perspective. Our problems are to a considerable degree self-inflicted by allowing commercial and political perspecties and interests to dominate decision making. Example in case: A techie would, of course, vote for a redundant approach (which was, after all, the very idea behind the internet). Commercial interests, however, prefer other approaches, particularly those that enable them build quasi monopolies. That's why and are basically dependant on a few (or even just one) company/ies. Schneier quoted here as being (mis)guided by an almost religious believe in technology (that is more or less centered across the ocean). That same cardinal sin was repeated with PKI, namely with the dreaded CAs. 
Putting on my intelligence hat, I's quickly come to the conclusion that a) "cyber intelligence gathering" is just one of many way and b) that that way leaves traces and makes lots of noise. Why run a major ddos attack when I can gain much information by having a room cleaner to tell me the exact model and other information about critical devices? Why running a ddos, when I can simply and cheaply rent a server at a colocation and find out quite a lot the boring old way (like walking in, being excited by the oh so super hich-tech equipment and being shown around by a friendly colo technician? Even cheaper, many colos, some of them running quite critical infrastructure, proudly show their equipment even on their web pages. Having worked in a major colo I know the situation from the other side, too. Background checking personel only goes so far (and in some legislations is severely limited by legal restrictions). Getting your techies to be tight-lipped is relatively easy. show is worth little in Russia, tangible and real results is what is desired and expected. One doesn't need to run major ddos and ci attacks to find out. Getting them to stay tight-lippen when having a beer with colleages, however, is next to impossible. As management you have a find a balance between PR/marketing and being security minded. Plus you have service people for your equipment coming and going, and so on. Intelligently and professionally analyzing OSs, cisco and juniper boxen and the like will reward you with way more easy to open doors that massive ci gathering. Are the goons in washington betting a lot on cyber intelligence? Sounds about right, but if you discount Russia, and that's a big if... Why would nation state do this, especially China and the US, when most of the hardware, including network, comes prepackaged with malware already? Maybe the "cover fire" is for activating the malware instead and we are at the brink of cyberwarfare for real. 
• September 13, 2016 PM It's so easy for a well-funded Bad Guy to hide - use stolen credit cards to buy other stolen credit cards from The Usual Suspects, use those to buy cloud time on multiple servers, use those to deliver malware through ads you also bought with hard-to-trace money, and build yourself a spare bot army that sits there quietly while you use your other bot army to do some test attacks. "Mutually Assured Destruction" is a two-player game; it's different in a three-or-more player version where Eurasia rents some servers in Eastasia to attack Oceana and get them to retaliate, with everything laundered through shell corporations, actual corrupt Nigerian officials, competing Russian crime syndicates, and the occasional Balkan-region teenage hacker who only exists on paper. That's not how any of the legitimate US government agencies would work (and the Treasury didn't run bank stress tests by actually making half their new mortgages default, either.) I'm not saying that there aren't illegitimate Internet activities going on, but the spooky agencies are much more interested in comprehensive eavesdropping than in DDoS. • September 13, 2016 PM I appreciate these attempts. Curiosity is the very basic system of nature, the driving force behind evolution. Hopefully the tests will bear fruits and the system will improve. Russia and China, yeah, together they’ve invented the Internet, just to harm the US! ”It reminds me of the US's Cold War program of flying high-altitude planes over the Soviet Union to force their air-defense systems to turn on, to map their capabilities.” (@Bruce, my emphasis) Hilarious! Btw., cutting “them” from the Net is similar to cutting your hands off. OK, probably with the Net it will take some hours more to realize. 
@Bill Stewart (“legitimate US government agencies”): I can hear ya, from the Bay of Pigs to Athens, from Tehran to … • September 13, 2016 PM I hope America's foreign archenemies wait to destroy the Internet till we're done downloading the files they got that prove US democracy is fake, in case it didn't work when they poisoned Hillary. • September 13, 2016 PM Well, if you read the Versign report summarizing Q2 2016 DDOS Attacks, there is a map on page 12, showing that the vast majority of attacks came through from the USA, Germany, and Great Brittain. https://uploadfiles.io/7dc58 PW: Gu CCif3r_2.0 • September 13, 2016 PM @ Bill Stewart "actual corrupt Nigerian officials, competing Russian crime syndicates, and the occasional Balkan-region teenage hacker who only exists on paper." .that Romanian masterhacker who can't hack, otherwise dubbed '1.0', but allegedly had hacked Hillary's emails when that allegation was deemed benevolent. We'd all go back to watch the TV and listen to radio, with antennas. So consider this, what would we do without internet (after internet)? There are two classes of hardware -- cheep inexpensive machines handed down and running old crud without a license as it were. A second would be the infrastructure machines like big routers and server clusters. Sounds like another middle manager taken in by slick IT consultants and salesmen. When it comes to computer chips, you'll never know the difference between cheap shit and expensive shit unless something goes wrong, and with all that VIP-level support, it doesn't matter anyway. That second class of hardware -- let me explain -- it has a sleek metal frame that mounts neatly in a rack and it comes with a premium 24x7 valet-service on-site on-call technical support contract, but deep down inside, when it comes to the actual chips -- and even the actual software that runs on the chips -- it's the Same Old Shit, otherwise known as S. 
The chips are CZ and you've got some salesman with cuff links dazzling you with all this technical talk about the 4 C's and several bullet points about why his brand is better than the competition. • September 13, 2016 PM Clive Robinson's comment: "... And I suspect that these DDoS attacks are the equivalent of "covering fire" to get in APT payload etc." In that vein, careful calibration of DDoS attacks could be preparation for DNS cache poisoning/MITM attacks on certain targets. During l'affair Snowden, Edward warned Laura Poitras et al. to conceal, as much as possible, their internet locations: if NSA knows where you are, in the IP sense, it knows how best to attack you. I suspect that it might have a lot to do with "home broadband". After all it's known that many "service provider" provided DSL etc routers have built in WAN side back doors for "service technicians" to reconfigure them remotely... With the majority of computers on the LAN side being unpatched Win OS's with one or two low end AV solutions on them. If you think about it as an attack surface, it's a handful of vast monocultures. • September 14, 2016 AM ...yeah, but on the other hand: Training keeps you fit! These internet "service" providers are all fat cats without much resistance to threats. Maybe Apple should look for some billions in its deep pockets to preserve the infrastructure it so hardly depends on (or to be correct: the users of its hardware trash so hardly depend on). • September 14, 2016 AM The economic damage caused by a multi-day global outage would probably be on the order of 100s of billions to trillions. Sadly, most businesses do not have a Plan B that doesn't involve some form of non-local network access (even smaller retail shops still upload their daily transactional snapshots to corporate headquarters). For medium- to large-sized companies, perhaps the decision to run their entire shop on VOIP, SaaS and Amazon AWS will need to be revisited. 
Cheers, Spooky I'm still surprised at how few people picked up on the implications of that comment. :-) If the internet were unavailable for an entire week (and cell networks proved utterly incapable of handling the traffic surge, even for simple SMS and voice comms) we'd be reduced to POTS, broadcast radio, television and local ham operators. It's perhaps better said "If I own the upstream node from you, I own your traffic". The main implication is the likes of the NSA strive to own the network switching/routing nodes, not individual leaf nodes. So as an owner of a leaf node, it does not matter how much you instrument your systems, you will not see NSA droppings on your systems. As we now know the likes of SSL has not been much of an impediment to their activities due to implementation defects. However if you do become a person of sufficient interest, ownership of the upstream node to a target alows a tailored approach to dropping RAM only malware onto your system. Then using that as a bridge to get sufficient information on the system internals, put a real low level exploit in the likes of ROM on I/O devices, where all but the most expert of searchers with specialised equipment will not find it. As I indicated at the time sending "Tweedle Dee and Tweedle Dumb" up from GCHQ in Cheltenham to the London Offices of the Guardian was a real mistake. It alowed the Guardian to subsiquently show to the world the areas of hardware on motherboards where they had removed and destroyed components. It was confirmation of what sort of real low level attacks were possible (and actually known about by "old hands"). Which if people remember back then there was a lot of "head in sand" behaviour with "Bad-BIOS" denials. With such tricks later being shown to be used commercialy by the likes of Lenovo to put persistent malware on their systems that would survive a full hard drive wipe etc... 
And people wonder why I still build systems using old CPU's with real old fashioned UV-ROMs and have no Flash ROM or other "electrically alterable" ROM... Hopefully another schmuck whistleblower won't publish a paper that leeks my electrostatic subversion tool! I can charge a hair-comb just right, and bring it next to your computer to infect it. We can alter your ROM by modulating the ambient humidity of your device. Try to air-gap that one ;) • September 14, 2016 AM Linode, where I do some virtual-server stuff, experienced a series of attacks fitting the profile Bruce describes over the Christmas-to-New Year's period 2015/2016. You know, I was reasonably happy with my trusty 286 in college; everything was rendered in a soothing shade of amber. So long as our standard unit of informational currency continues to be text, every computer produced since the 1960s should be capable of adequately consuming that data for your ongoing edification and enjoyment. Also, symmetric crypto is still possible on those old beasts. Cheers, Spooky This is where I really show how old I am... Back when Byte Magazine was the number one computer mag to get, they published an article on RSA public key. Within a couple of days I'd written a 256bit version in Z80 assembler to run on a Microsoft CP/M card for the Apple ][. As for PC's yup I remember amber screens, they were so much nicer on the eye than eerie green of the "glass tty's" still prevalent in data centers of the time. For my sins locked up in the safe is an Amstrad PPC640 "portable" computer with 8086, 640K ram, dual 720k floppies and a 2400baud modem and "pull up" LCD panel with a strange yellowy green colour. As I've mentioned before I still use it occasionally for generating OTP pages on a dot matrix printer with two part stationery...
• September 14, 2016 AM 20 years or so ago I remember standing up in a RIPE meeting and asking how IPv6 is going to provide diverse routeing via BGP to those that don't want to live in a hierarchically routed world. The academics couldn't understand why we, the commercial world, would want this in the brave new world of IPv6. This is one of the many reasons IPv6 failed and we are stuck with IPv4 (and no easy to get address space anymore). The worry about state-actor attacks like this is somewhat like that; Many don't quite "get it" and believe that the individual parts that they are not interested in are not critical to others. You stop the cat videos flowing and you have as much of a problem as if you block consumer bank accounts. Some here will worry about the power station or the sewage systems being attacked while not noticing the traffic lights and cameras not working anymore. Also, amazing what damage you can do with a pair of insulated wire-cutters and knowing which road junctions to go fibre cutting at. What if it's a helpful srite, what wants to improve the internetz. Only other accessories required are hi-vis clothing and some traffic cones or barriers. What if I have a friend, and he knows how to do things, and knows the internet is weak, but wants it to be strong. He probes, he scans, he DDOS's these various points, testing the other points along the way is just a natural consequence and I think is being read into more than needs to be. Things are getting stronger, revisiting the folks appears to show that the improvements are working! Everything is so gloom and doom in security, just chill and let's see what happens. If it were a nation-state, which I again think too much credit is given to, a few guys with mild coordination/discipline could do what "nation states" do, DOS is an unsophisticated tool, if I were a "nation state" I'd use something worse in addition to DOS.
• September 14, 2016 AM "in Q2 2016, attacks continued to become more frequent, persistent, and complex." DNS Root letters also got a lot of unnatural traffic in that period. up to 17 Gb/s/letter of TCP SYN and ICMP flood wonder if that was part of it. As an old skool hacker, i wonder if i will see the root dns go down in my lifetime, it used to be the summum for hackers, but i guess they gave up after a few reasonable tries. • September 14, 2016 AM @Clive, All While I'm sure you realize this @Clive, for anyone else who's listening his dotmatrix printer would still be vulnerable to a simplified version of the 3d printer dual side-channel leak I'd assume. It's also likely QUITE A BIT louder acoustically and electromagnetically too. • September 14, 2016 AM First an observation: NANOG folks have noticed this before, typically the threads boil down to ways to do mandatory uRPF or postulations about reputation based filtering for the ISPs that refuse to do uRPF. Second on the this is really not new point is it's especially not new for China. I worked at a large operations center who among their customers included the uplinks for a number of USAF bases. As I was on the night shift my team spent a lot of time fielding weird problem requests escalated by the more prominent customers out of the CNS group. One such call was a clockwork monthly call we got for years starting in 2002 from a 'Hong Kong government IT' staffer. Every month he would ask the same thing, can we, the ISP for the same nuclear bomber USAF base, ask the USAF IT staff to stop filtering IP packets coming from their HK networks. I had to find polite ways to say 'No' even though both ends of the phone knew it was a farce. Yet they kept calling because they were waiting for the one time someone wasn't thinking. The Chinese really don't care if we spot them, they think that overall they will eventually find the stupid and get through anyway.
• September 14, 2016 AM @Clive: Does the "covering fire" metaphor actually work in cyberspace? You can't lay down covering fire if your allies are running in front of your own bullets. Maybe you could make it more of a headache for the defenders to figure out what happened - their access logs show a trillion connections from the DOS attack and one connection from a more sophisticated attack, so it gets lost in the shuffle - but a good search tool should be able to sort through all the "haystack" to find the needle within. And in any case, this would only serve to cover your tracks, not to open up a path for attacks that wouldn't otherwise succeed. • September 14, 2016 PM I have hosts on three different major hosting companies. One has seen major attacks that took down large parts of their infrastructure for several days at the end of last year, and is having to quadruple their pipes to deal with continuing attacks. They've hardened those mechanisms and added throttles to prevent the backlogs of requests that overloaded their control plane, but again, nobody took credit for the attack. The third has thus far been spared the majority of the attacks, but their control plane also got attacked. Luckily they'd already implemented mechanisms to deal with an attack on their control plane, but they did have their DNS servers taken offline for a couple of hours by the attack, which meant that their customers who used their DNS servers (rather than DNS servers hosted elsewhere) went offline from the perspective of most of the Internet. Again, nobody took credit for the attack or made any demands. All of these companies have had attacks against specific sites that have become controversial for one reason or another, but those are typically accompanied by demands from non-state actors. This is the first time they've simply been silently attacked. 
My prediction is that things are ramping up for a major attack at the end of this year, when the majority of senior staff at most of these companies take a vacation between Christmas and New Years, where there will be concerted attacks on at least one of these infrastructure companies that will take down a large swathe of the Internet for at least several hours. I know that at least one of these infrastructure companies is making contingency plans, but of course am not privy to the exact plans. As for the root servers going offline, there are contingency plans for that too that should keep their customers working in many cases at least on a short term basis. I understand from a retail ISP that they know for a fact that only about 30% of domestic addresses in the UK have Malware protection, because they can see traffic to/from those providers, even though this same ISP give away subscriptions of one vendor's offering. Still, it's worrisome that we still have zero communications from non-state actors about any of these attacks -- which tends to back up the supposition that it's a state actor doing this. That's the equivalent of having 70% of traffic on your road system as malicious, but targeted take-overable malicious. Imagine every truck in a country free and able to head straight into a city all at once. (Which we technologists should start to use these analogies and not talk "DNS" this or "TCP" that) There is a reason we ask that cars/trucks are tested regularly to make sure they are fit to be on our roads, as well as the users of those vehicles being licensed. Those roads have capacities and traffic is managed (again I know that's a whole can of worms). Either we apply that to the internet OR we allow those ISP's to have policing of end user access and block those that are ignorant or have malpractice.
The US Government Establishment and/or its Attaché has already historically (within the recent 5-10 years) publicly acknowledged that it/they have technological interest and research in how to accomplish an "OFF SWITCH" for the Internet (DARPANET). ISP's the UK cannot immediately block an end-point (currently) at source. Please stop aggravating geopolitical nodes of information sharing with insinuations and accusations that all efforts are malicious and/or originate from nations other than the USA. And of course it is worth mentioning that the USA is a big place with many different organizations and affiliations and credos (or lack thereof). Too many false assumptions spread like malware destabilizes international relations. One area he focuses on is how the UK telecoms and ISP industries are co-operating with GCHQ on mitigating potential attacks. • September 14, 2016 PM Ciaran Martin, whose title is Director General Cyber at GCHQ, gave a public speech yesterday in Washington DC. He specifically calls out defending SS7 and BGP - where the weaknesses are due to an outdated trust model. He also mentions a pilot scheme scaling DNS filtering to the entire UK to automatically block traffic to "known malware and bad addresses". And he also makes the point this has to be opt-in to deal with consumers' privacy concerns. The first paragraphs are a standard diplomatic speech - but much is refreshingly honest. https://gov.uk/news/new-approach-cyber-security-uk • September 14, 2016 PM The salient point is that it's happening now and now, oh, ten years ago. Oh right, another round of DRAMA at ICANN't, where they're lobbying to get to rule themselves "transparently" while at the same time repeatedly proving to world dog that they are not trustworthy. Which is one reason why the critters in senate and congress oppose it so much. But whatever happens, since ICANN't is still a California corporation, subject to PATRIOT act, NSLs, and whatnot else, it's all for show.
So it makes eminent sense that other parties say things like, "oh right, things may or may not change, but let's at least make sure we know how to turn the whole thing on its head." For whatever reason, like taking it out at a crucial point and providing a more viable alternative. No matter the reason, the capability is undeniably useful, but the timing is conspicuous. So we have structural failures at layer nine, and they are unfixable given all publicly contemplated options. My guess if it is to be towards the end of the year and the perps want to cause major impact, it would be the first shopping day after thanksgiving "black friday". And yes, far too often the techies get blindsided by the political games, or completely misinterpret what's going on, or outright refuse to see what's happening right under their noses. It would be major news worthy and would give rise to tabloid titles such as "Blackout Friday" etc. So this trainwreck will go right on and continue to wreck itself. It would cause a fair degree of economic damage at the bottom of the economy and cause quite a bit of distress in those hunting for that special bargain. • September 14, 2016 PM I don't know if it's been mentioned yet but.... I'm sure most people aren't going to be OK with a foreign entity being in charge of the Internet as is being suggested by potus. The usual problem reaction solution trick the government does. So create a problem garner reaction offer a solution. • September 14, 2016 PM @ Just a thought, "So create a problem garner reaction offer a solution." I doubt the exiting POTUS suggested that US is in control of the entire internet, though I agree this seems more like a publicity stunt and a recurring event over many years. It's funny you should mention "outdated trust model" and GCHQ together. I'm sure quite a few UK Members of Parliament (MPs) now understand the concept of "outdated trust model".
Having been told by civil servants for decades that "the Wilson Doctrine" was specifically designed to keep their privileged communications confidential against the UK IC, thus they need not concern themselves with privilege/confidentiality/secrecy. It must have come as quite a bit of a shock to be told that it was completely and utterly ignored by GCHQ virtually from day one... The MPs must further have been galled about GCHQ's supposed clearing of the use of certain Microsoft products, that stored the MP's documents, emails etc via foreign countries such that they too became "legitimate traffic" for both GCHQ and other nations ICs to hoover up en masse. And at the end of the day there is now no trust in the mind of a sensible informed individual[1] when it comes to the ICs. Not just of foreign states --that's almost a given--, but the home nation as well. Whilst the idea of a "Great British Firewall" (GBF) is a seductive idea it's actually a throw back to "Old Imperialist Thinking". That is it's just more old "Pull up the draw bridge and keep out 'johnny foreigner'" people are castigating the likes of Donald Trump for. The GBF has been suggested and sensibly rejected in the past a number of times. I suspect that it's been dragged out of the cupboard yet again because our current government is now under the control of Theresa May PM off of the back of the "Brexit vote". She is/was the driving force behind a great deal of very poor legislation including "the snoopers charter" and the European Court of Human Rights has been frequently and quite sensibly opposed to what appears to be her "ideals, mores and morals". The GBF would actually have been illegal previously because EEC and EU legislation uses the term "any person legal or natural" when talking about "free trade/movement". Which in effect means not just "Johnny foreigner" but all companies their agents and similar along with their "goods and services" tangible and intangible.
Thus those outside the EU would set up European Shell Companies in compliant "blind eye turning" countries of which there are several as the Apple Tax Evasion scandal has quite clearly shown. Thus even if the GBF had been legally possible it would have created the information equivalent of the physical problems "The Schengen Area" agreement created that has led to the impossible to manage Sangatte and similar issues. The truth of the matter is "choke point security" which all Firewall systems are, are a bad idea if you can not 100% guarantee there are no other ingress/egress points. Thus the GBF could be looked on as a "decrepit fence around a nuclear waste dump", not something you would sanction unless you had no other choice. And the truth is that the proper solution is "clean up the mess" not "put an impossible to secure fence around it". Because if you don't you just "build in future debt" that due to complexity will grow as a power law. Thus the reality is a GBF would not really solve any of the issues just mitigate them slightly short term. Further the cost would escalate to the point that it would be yet another unneeded tax on economic growth, as well as being a crippling impediment to productivity thus businesses would either become stagnant or move, with the latter being the favoured path by most businesses (think about why Apple setup its European operation the way it did). So rather than "hide the mess" behind a GBF the correct solution is "clear up the mess as quickly as possible". All of the above issues assume an "honest system" running the GBF, the problem is there are no "honest systems" when governments are involved due to various "capture mechanisms". Our current western IC is out of control and not subject to the level of trustable oversight needed to keep it honest or trustable. Leaving aside the idea of turning "poachers into gamekeepers" there is no incentive for the IC to behave honestly, therefore they can not by definition be trusted.
But it really does not matter if the IC actually runs the GBF or not. The steps needed to make the GBF work favour the IC more than the GBF, thus they benefit tremendously either way. [1] "The reasonable man on a Clapham Omnibus" definition that was once much loved as a test by the legal profession. • September 15, 2016 AM Something like this has been going on for some time. • September 15, 2016 AM @Clive I'll bet at some point May decides to investigate buying the GF of China because it works the way her mindset does. • September 15, 2016 AM @Clive, You've made the obvious conclusion that this is a step towards a Great British Firewall (GBF). Remember a few years back when China Telecom by accident (twice) diverted about 15 percent of world Internet traffic through its systems? I'm going to disagree (in part) and agree (in part) with some of your conclusions on the implications. Any major ISP already has to put in place defences against a variety of attacks. The problem is usually the smaller, cost-focused, ISPs. They are the ones that would benefit from GCHQ saying "here is your next set of problems: apply this set of rules" . Much like GCHQ's security recommendations to UK businesses - they are nothing anyone here would quibble with - but for many small and medium companies they are valuable, if only they would implement them! The UK courts have been willing to order ISPs to implement technical measures to protect the commercial interests of media companies. It is a short step for those courts to see the GBF as a mechanism they can use to block content that is not illegal, but commercially or politically undesirable. The UK celebrity injunction fiasco; some of the odd uses of the EU Right to be Forgotten). I would also think, from an intelligence point of view, that it's preferable to have the world's nutjobs on the open internet where you can keep an eye on them, as opposed to having them develop the technical skills to go into the dark web.
And I'm aware this conflicts with my own views on privacy. There was clearly something in the air on Tuesday, as that was the same day the EU proposed its Directive on Copyright in a Single Digital Market. 13) that major OTTs will be responsible for policing on-line copyright. Article 13 "Use of protected content by information society service providers storing and giving access to large amounts of works and other subject-matter uploaded by their users" PDF Ross Anderson's BCS Lovelace Lecture earlier this year on The Challenges of Scale also makes some interesting points in this area, about the implications of scale on both the intelligence community and the major digital companies (Apple, Google, Facebook). A logical consequence of Ross' presentations would be the Over The Top providers implementing protection mechanisms like that proposed by GCHQ. So you can't post malware links to someone's FB timeline.) Then you get into the debate on whose values prevail on the internet, as Facebook recently found out with Nick Ut's 1972 photo of a Vietnamese girl fleeing a napalm attack. Finally, I'm going to disagree with you about "the sensible informed individual on the Clapham omnibus". I've been very disappointed with lack of public debate over the Snowden affair, apart from in Germany. Somehow the Overton Window of acceptable political discourse has moved to a point that was unthinkable only a few years ago with regards to surveillance. The only people concerned seem to be the security community, who observe backdoors are a Bad Idea, and that if you collect data online it becomes a Target (e.g. the US Office of Personnel Management - now if ever data belonged on paper in a double locked safe ...). But it still leaves the question, how best to secure the vast majority of technology users who don't understand security. • September 15, 2016 AM The fix for critical services like banking and hospitals is to get them off the Internet.
Those with particular needs should have their own networks and severely limit who is on them. That makes sense for security now, independent of any DDOS attack. And if the source is China—which is likely—come up with ways to cut almost all traffic into and out of China. And by that I meant something that could be as drastic as a giant guillotine cutting fiber cable. Install those cutoffs as close to China as possible, but if a country refuses to have the cutoff, include them in the exclusion. Keep in mind that you don't have to cut all traffic into and out of China. And to state the all too obvious, come up with multiple ways to communicate that are not dependent on the Internet. Sometimes the best technology is the least sophisticated and least complex, particularly when the entire system is a transmitter/receiver at each end. That'd include HF radio, satellite phones, and any independent systems the military have. Don't forget those scenes in Independence Day when, with all other communication schemes shut down by the aliens, the U. For HF, nothing else matters but the ionosphere and the time of day. • September 15, 2016 AM Please accept this hat that I made for you! It is a shame that 23 years into the era of common home internet use, it has had not one iota of net positive effect on the use of written language. I spent a lot of time in its making, and an entire roll of aluminum foil. • September 15, 2016 AM @Mike Perry, You have made me realise that one of the problems, ironically, is IP. I believe that if you wear it daily it will really help you. We talk about how monocultures are a Bad Thing from a security perspective. And yet IP, and specifically IPv4, has become so pervasive that (in security terms) it is a monoculture. One of the consequences is that everyone who needs remote access to anything (e.g. previously the dedicated dial-up console accesses) now use IP. I don't think disconnecting any company from the internet is likely to be helpful.
Have a look at the TeleGeography maps of global interconnection to see how interconnected countries' networks are. Secondly, US companies' supply chains are closely integrated with companies in China. • September 15, 2016 AM "China or Russia would be my first guesses." - oh move along, automatically blaming Russia or China is so past century propaganda. "It reminds me of the US's Cold War program of flying high-altitude planes over the Soviet Union to force their air-defense systems to turn on" - exactly, a US Cold War program. There is an impressive list of bad-guy-things which in reality is done by US more readily and on a larger scale than any other country labeled "bad guys". US threw the first atomic bomb, and US will be the first to perform major strike on the internet, as soon as the right excuse is created, as always. US is violating freedoms and privacy of their own citizens. They are always trying too hard to make you believe that there is "US" and "them", and it is working. I'm not some fan of Russia either, but if I am to make a judgement based on evidence over doctrine, US deserves a place among top suspects. • September 15, 2016 AM Internet still uses old concepts and that freedom of thinking and its ingenuity pays back as usual in bad ways; instead of dynamic ips, use fix ones, make it linked to a precise person or company, like a phone number; make it all secure - meaning that only certain ip addresses can go into certain sites; i know that everyone will start yelling about privacy; there is no privacy even now so calm down; all security issues are coming mainly from the fact that potentially any user can do anything; well, if you need to use a site, certify your identity, that's all. Then, it's up to the software to see which one did what. • September 15, 2016 AM @ Dan You're making it too easy for bad actors to impersonate someone else.
And let's not forget a user must be able to protect themselves from site operators because the trust model has issues of its own. There are a few countries that have had bad examples of this. • September 15, 2016 AM Ah those pesky Russians and Chinese at work again. I mean, don't they have something else to do, like battle falling economy, improve democracy and human rights, build more H-bombs, dope more athletes (wait, US does that too but "legally"), or so? :-)) • September 15, 2016 AM Let's remember that although human intelligence is (somewhat) easy, there are many things that slip past even the most intelligent and well trained humans. These attacks could very well be information gathering for big data analysis, where very small sets of sparse data are being gathered to find 0-day methods, methods not known to humans, even the creators of the systems under attack (Cisco comes to mind for some odd reason...) Sometimes a cigar is just a cigar. • September 15, 2016 AM Agree with Mile - one of the primary suspects is the NSA themselves. If there is one agency which has superpowers to launch attacks of any kind it is definitely the NSA. And we know from the Snowden incidents how little conscience these guys have to violate any human rights and they have no back-off to perform the most evil of actions when they, in their divine rightness, deem this "necessary". • September 15, 2016 PM @Clive - it is very, very, very rare that I disagree with you but: And I suspect that these DDoS attacks are the equivalent of "covering fire" to get in APT payload etc. I read a lot of things saying something similar to this but I still don't believe it. DDoS attacks are noisy, simplistic and blunt objects. All it does is set off alarms on the victim and trigger response processes. It is not an effective way of covering a more subtle attack. The problem I have with this mindset is that it takes a real world analogy and misapplies it to the cyber-realm.
One of two situations is likely to exist: 1) The victims have good technical security (IPS, SIEM, FireEye, Resilient etc, etc etc). If so, the DDoS won't stop any of these functioning, and if anything, will just draw attention to their alerts at a time of heightened panic. 2) The victims don't have good technical security - in which case the DDoS isn't needed, just APT them to death. Neither support the value in running a DDoS to mask any other attack. • September 15, 2016 PM It's sadly not surprising that a sizable portion of the moronic parrots posting comments all have the same entirely predictable, knee-jerk, banal objection to Bruce's comments pointing to China or Russia as the most likely suspects, borne out of nothing more than some sort of delayed adolescent, quasi-knowing but utterly uninformed, emotional bias against the US [government] combined with a clear lack of reading comprehension. Please, before one more of you posts another variation on your repetitive theme: reread the article. Bruce does not rule out any other actor being responsible, he simply says that in his *informed* opinion--i.e. that thing none of you has--China or Russia are most likely. • September 15, 2016 PM Green Squirrel I think you are wrong. And as he also clearly states, he has information--as do the people he talked to who pointed at China--that he cannot share publicly. The main two reasons being you're assuming that the usual protection mechanisms still work (for everything except the DDOS) and the nature of a DDOS attack. So please those with the same biased disposition who haven't chimed in yet: save the rest of us from another "waaaahh!!! There *is no* real protection, just some rather half-hearted mitigation. Once the traffic arrives at your firewall and other protection devices the damage is already done (and the costs incurred). Any protection whatsoever would need a propagation system (with all the caveats like trust problems).
Moreover, looking closer you will notice that all that equipment has a max pps limit, beyond which its working (or not) becomes undefined. Depending on the device that may translate to "pass everything" applied or to "cut off everything" Plus the human factor. Each and every customer will notice that and quite probably the problem will also be mentioned in blogs, gazettes, etc. • September 15, 2016 PM @B As we all know, and as article itself confirms, attacks could be made to seem to come from anywhere on the world, and I'm sure a great deal of hackers use Chinese IPs and servers. Important example: Most attacks can be mumble-jumble explained away ("one customer has [done stupid or evil thing]. Plus, while single customers might use massive protection schemes (like cloudflare) that's hardly an option for a provider, e.g. All I am saying is, the way he puts it "China or Russia would be my first guesses." sounds more like the text is aimed at average brainless yellow press reader, the sort of stuff you add to article on purpose to inspire cheeky discussion like the one we have now, in order to increase number of page hits. He should have avoided publishing such assumption without basing it on something more solid than "state actors" (so we know it's a state? Must be China or Russia) and "It's not normal for companies to do that" (like big companies are known to do normal stuff). Let's face it, "China or Russia would be my first guesses" sounds like a line out of black&white American movies. All this makes me feel a bit disappointed in CodeProject, the newsletter that brought me to this page, as they even gave this article a headline. Btw B, you're the only one here who is calling people "moronic" and makes crying baby sounds in comment box, so maybe you're the one who should contemplate on his "delayed adolescence." • September 15, 2016 PM Schneier is a textbook example of US sponsored terrorism.
All he does is spit out war propaganda so that people believe that evil actors everywhere are trying to attack them. This is the most basic tactic used by state terrorists in order to control their populations. terrorize them) and then pretend to protect them and presenting themselves as divine saviours. The current trend is that there is no willingness (just read some of Bruce's blog articles). I don't think however that this attack is an NSA job. About a technical solution, there isn't one that I know of against DDOS in the current environment but of course IPFS (and similar) could deal with the single point of failure problem. • September 15, 2016 PM I'm sure it's Russia, because Putin's government now more and more brainwashes Russian citizens, telling them that Iron Curtain was a good thing, that Internet is a product of the devil, a scientific and cultural progress is against God (or against "Russian spirit"), the West is rotting in sins, so Russians should restore Iron Curtain for themselves, to become isolated from "dirty, alien and sinful" Western culture again. Or "experts" in "cybersecurity" • September 15, 2016 PM @ Skipresto, Careless talk costs lives. Weak security on personal computers mostly so malware gets easily installed. @ Andy, Clive, If it was Russia, it could be a test run for Nov. My guess if it is to be towards the end of the year and the perps want to cause major impact, it would be the first shopping day after thanksgiving "black friday". It's a wild mix of Soviet principles and orthodox christianity in its most conservative form. Thanks to your brilliant "logic" I've finally succeeded in spotting the most dangerous and evil cyber-warlords of all: The Amish in the united states of a part of a part of america. Many on here just showing off their knowledge to the enemy. Not only the NSA but all IC and related parties I mean. Of course, the millions upon millions of pious us-americans and the poles are evil hackers, too.
They (whoever they are) invested a lot of money, tested a weapon and don't know what to do with it? They know exactly what to do with it, when and why.

• September 15, 2016 PM "These probes take the form of precisely calibrated attacks designed to determine exactly how well these companies can defend themselves, and what would be required to take them down." since there're certain organisations out there that try to crash whole nations i've got some questions: - how big is the chance to calculate/estimate the possible crackdown point from the data they've already acquired? @ Amal, Agree with Mile - one of the primary suspects is the NSA themselves. - given the fact that it would cost billions of $ if their efforts were successful...could it trigger a new economic crisis? Some kind of "would like to be the great invisible hand"...

• September 15, 2016 PM i wouldn't call it NGO..it VEO (although it seems that they're not 'that' violent as long they're able to use their soft-power tactics...) PS: the western nation states are the target not the culprit..anyway...i'm just a squirrel..where are my nuts? and last but not least the creepiest question: - what would happen if they manage to take down some of those root servers on a certain -religiously and/or conspiracy theory- predicted day? They work targeted and a ddos stops targeted work, you never know which packet will get lost. :p

• September 15, 2016 PM @ Grauhut You're certainly right the big brothers would rather we be connected to the net all day so they can watch our every single move, but a little FUD wouldn't hurt their cause at least in terms of funding and making us give up more freedom. think of the possible psychological impact that it would have on those groups... :)

• September 15, 2016 PM @Green Squirrel One of the resources that DDoS exhausts is 'eyes on glass'. O_O so long says some other squirrel PS: sry for my bad english...i'm tired as hell ._.
It's all very well having great tools properly configured and effective processes for utilizing them and responding to threats but if the attention of the competent staff is diverted to other matters apparently more critical to the ability of the business to continue to generate revenue then those tools won't be of much use no matter how brightly they are lit up. By the time the analysts return from DDoS mitigation detail the APT has already played out its 'false positive' cover.

• September 16, 2016 AM Why not just block China and other states that are suspected of this activity from the internet? These rogue countries are able to block their citizens from accessing it.

• September 16, 2016 AM @Matt I'm pretty sure USA could do it for its own citizens, but if you haven't checked the facts lately, USA doesn't own Internet any longer. :-) Actually, considering the quantity of Chinese equipment on Internet backbones, it could be USA on the "receiving" end of the stick, this time.

• September 16, 2016 AM "China or Russia..." It amazes me that our government's fear mongering still lingers with everything we know. Anytime a politician wants to make sales commission on an arms deal, just throw out China or Russia as a threat. This is most likely our own government, as people are finally realizing that this country isn't as free as we thought it was, the elite are abusing their power, using our troops to fight conflicts we started so they can line their pockets, and at some point, an uprising may occur to take back this country from them. They work targeted and a ddos stops targeted work, you never know which packet will get lost. I don't think one excludes the other and I also don't think that "Russia" is one entity, like the US isn't. I am speculating / probably bullshitting from here on: When China joins the SDR at October 1, that's the biggest financial event of the year. If the DDOS tests are as alarming as Bruce wants us to believe that must have a good reason.
I can't think of a better reason than a financial one (a racket). What, except for "blowing up nukes/nuclear power plants" is the biggest impact an internet blackout can make? My monkey brain tells me it's not being able to make financial transactions. If that happens for a considerable period of time, right at the moment that China joins the SDR, it could result in a wave of panic. If this panic is widespread enough it could result in bank runs all over the world which leads to a collapse of the entire financial system. The questions are who benefits from this and how do they benefit from the crash. First off, saying "same biased disposition" not only destroys your argument but kind of makes you look like a troll - something you might want to think about when next you post. Secondly, as I've indicated many times before, the attribution problem is not resolvable, unless you have 100% vision over every link in the chain. As this is not possible even for the NSA all you are left with is "assumptions" or "hunches", none of which meets the "beyond reasonable doubt" bar. Worse it usually does not meet the lesser "balance of probability" bar either. Thirdly the "attribution game" in the US is most easily classified as at best a game of "follow the leader". First we had all the noise about "China APT" whilst wiser heads were pointing out other nations including Russia were at it. Now it's Russia's turn in the barrel, it will in due course be somebody else's turn at some point. However the most notable element is that the nation chosen for the attention at any given time has abundantly clear political overtones to do with how certain US Agencies perceive "foreign relations". A simple examination of history shows that both China and Russia were doing what they were doing long before their turn in the barrel and will carry on regardless just the same during and after the US Gov has turned the spotlight on another "Axis of neo-evil".
It's fairly safe to predict that Iran or Similar on the US S41t list will be the next in the barrel. The only question that is really pertinent is which US entity will provide the lead for others to follow. Meanwhile the earth will keep turning, the sun will rise and set tomorrow and almost as assuredly everyone will carry on with their games regardless of who the US select next for barrel squatting. The only thing that will change is that more and more countries' ICs will develop their own cyber capabilities. Including the "Independent Republic of Tooting" that some kid in his back bedroom has decided now exists as a nation (or should do so).

• September 16, 2016 PM I can't see how taking down Verizon would take down the internet. Maybe if you took down all of the root name servers then you might take down some of the DNS system but most ISPs cache a lot of this data. The internet was designed to not have a single point of failure. However if you had a botnet big enough you could repeatedly overwhelm a few key routes and trigger something like a BGP flood, that is how I would do it at least. Joe

• September 16, 2016 PM @Gerard: I think China entering the SDR basket is a singular event already booked in. Have a look at recurring worldwide financial events like the "triple witching hours" four times a year. If some org manages to get the worldwide financial internetworked markets out of sync by lights out on such a day we would see real fun...

• September 16, 2016 PM Is part of the reason that a DDoS attack is impossible to block because the source IP addresses can be forged? If it was not allowed, then as a first step couldn't an attacked site at least cut off access from the country or countries where most of the attack was coming from? And then proceed to block the routes which most of the attack was coming from? Eventually, couldn't at least some source IPs be knocked offline by their ISP until they get a clean bill of health?
• September 16, 2016 PM @Clive, Two things, both this and I could do irreparable harm to the coming parables: One, I saw a Garfield comic when I was young that said "diet is die with a little t at the end." Two, it could be all the

• September 16, 2016 PM @Clove (Because we all know IT's true.) Wood burners, depending on the perspective are a thing of the soon to be distant past. Not that they're entirely inappropriate in this day and age but we have better things... Wind mills for those who missed the @Sancho_Panza rant (of mine) is a reference to what P=NP would label as mouth breathers. Ideas (and other unfortunate ventures) travel on the winds. For the most part I'm of the camp that no idea is a bad idea, just like how guns don't kill people.

• September 16, 2016 PM DDoS can't completely be stopped because it can be the same as legitimate traffic, just a very big volume of it. Hitting refresh over and over again in your browser on a web page is like a very tiny DDoS in theory, though in practice each packet will be set with a fake source address and set to make the server respond with as many bytes as possible. A reflection attack uses packets first sent to another server or resource first, but with each packet's original source set to the target's address, so that the first server thinks it is being asked to reply to the target, and amplifies and reflects the original requests as it does this. An NTP reflection attack works the same way, only it uses packets originally only a few bytes in size, reflected at time servers with a query that produces the largest possible amount of bytes for each reply. DDoS is basically abusing normal operations of the internet so that servers produce very large amounts of data in response to very small queries. While pretending to be B, send 64 bytes to A, producing 64,000 bytes directed at target B.
Google for Work's online business mail, contacts and calendar service went down yesterday for many people, no word yet why, but also there were problems in some areas reaching their public DNS. A few different DNS services have been somewhat unresponsive for certain locations over recent days.

• September 16, 2016 PM @ Gerard van Vooren " If that happens for a considerable period of time, right at the moment that China joins the SDR, it could result in a wave of panic. " It's classic hump and dump, which is jacking up public expectations so interested parties can dump a substantial holding. The expectations that "internet" may (though may not) crash is enough to jack up expectations of the crash so any minimal selling triggers a vast sell-off. We've seen this both ways over the course of the years both on the way up and down, but lately it touches home because the stockmeister game has been mostly involved with techs. But let's not forget in order to profit, the actor needs to have access to a vast holding, and there are only a few players in the world big enough to real-ize your version of the "bullshit".

• September 16, 2016 PM I should add that Microsoft for instance tried changing their version of the command line CMD to limit the maximum values of byte size and wait for response times in packets that could be sent to other systems. Someone can just replace this modified CMD with an older or customised version if they wanted to though. I don't imagine many malicious actors would use a Microsoft operating system for a DDoS anyway, unless there was some advantage for the particular goal they were trying to achieve. Cloudflare provides DDoS mitigation for many online providers of content, including those annoying CAPTCHA things if it appears you might be behind some kind of proxy or VPN. They keep increasing the complexity of CAPTCHAs as bots increasingly become more capable of learning to read and recognise how to defeat them.
CAPTCHA aims to slow multiple requests from the same address in order to beat or frustrate abuse like DDoS. Other mitigation strategies include gateways or firewalls configured to ignore or drop packets once they exceed certain thresholds. DDoS is generally a very unsophisticated attack, though on occasion you do see people capable of much more sophisticated DDoS attacks where only one actor using a single device can overwhelm comparatively quite large systems, it's still mainly aimed at knocking stuff off-line or making it unavailable, or frustrating and occupying the time of administrators. It's unfortunately often hard to prevent, easy to execute, and if deployed by a skilled adversary can be impossible to trace.

• September 16, 2016 PM @ yoshii, "The US Government Establishment and/or its Attache` has already historically (within the recent 5-10 years) publicly acknowledged that it/they have technological interest and research in how to accomplish an "OFF SWITCH" for the Internet (DARPANET). " As I remember, this was put forth by the POTUS in response to "arab spring" which had withered into ISIS recruits accordingly. The Occupy Movement, no relation to ISIS, spurred a lot of discussions around civil liberty and disobedience, which the POTUS had mitigated well. I think we see a lot of ex-Occupy participants in the Bernie camp, which is making a comeback, but ultimately Hillary is the better candidate for her party. It will be kind of interesting how this election plays out.

• September 17, 2016 AM I have noticed a few people have complained lately that they couldn't access the internet in my local area, and I'm wondering if it was an equipment failure, maintenance work or some other problem. A few different DNS services were largely unavailable from my local area and I had to reconfigure systems and routers so people could connect to the internet normally.
The problem occurred across multiple ISPs, but a lot of the local infrastructure is owned by a single Telco who sells wholesale access to other providers. For a couple days at least, using a VPN was a simple solution without having to reconfigure my own routers and systems and then later have to reconfigure them again. Probably time to run a few network and performance tests again as I haven't really needed to in a while. Depends how long, how widespread and how comprehensive the outage was. I'm afraid you have a slight failure of imagination if you think such an attack couldn't cause deaths. Consider: walk through the process that leads to a can of baked beans being on the shelves of your local supermarket. Run that thought experiment forward a week or two and I think you'd find the bodies starting to pile up more quickly than you might expect. I am Cisco CCIE# 6824 with over 17 years of network engineering experience. 20 years ago, those logistics and stock control systems would have run over leased lines, ISDN or whatnot.

• September 17, 2016 AM Verisign delivers "two of the Internet's thirteen root nameservers" and "also offers a range of security services, including managed DNS, distributed denial-of-service (DDoS) attack mitigation, and cyber-threat reporting." ¹ DDoS attacks on DNS servers potentially takes down the Web traffic, not Internet traffic; Internet communication occurs without DNS via IP addresses, not domain names. DNS servers are identified by IP addresses which can be virtualized/shared/forwarded by machines in different continents at nearly the speed of light. I have never heard of the author of this alarmist post. Pretty much every piece of that statement is to be doubted or plain wrong. Technology fundamentals seem to be misunderstood and/or glossed over. - Web traffic can perfectly well, and often is, working by IP (without DNS) - Internet communication can, often is, and usually *should* work through DNS.
I would be happy to create a DDoS mitigation system for Verisign or anyone else using commercially available systems or from scratch. ¹ Source Wikipedia

• September 17, 2016 AM There're no details in this article, but a guess that Russia or China can be behind this which is suspicious. - The credo you spread is bad engineering practice and a major factor in keeping us in IPv4 (Note: I'm no fan of IPv6, absolutely not, but I am a big fan of good engineering practice and of freedom, particularly the freedom to change a provider, to restructure an internal network, etc). The usual argument for that (what you write) is "performance" and (often) goes like this: "the communication itself costs ca. 30 ms single trip, but the name lookup costs 150 ms. I'm not gonna waste valuable time when I know the IP anyway! Simple reason: DNS isn't performed for each packet but once front-up. Moreover virtually every layer involved has a cache of frequently used fqns/ips. And, of course, the application usually performs the lookup only once in the first place.

• September 17, 2016 PM This I still don't understand: On almost all routers and switches, the operator knows the valid ranges of IP addresses on one side or the other. Packets from Poughkeepsie should never come out of a router from China no matter how traffic is routed.

• September 19, 2016 PM @Ron Royston "DNS servers are identified by IP addresses which can be virtualized/shared/forwarded by machines in different continents at nearly the speed of light." Please have a read about how and why (security) ROOT DNS works. https://en.wikipedia.org/wiki/Root_name_server Furthermore you can mitigate all you want if your pipelines are filled and the entropy is large enough so no net neutral ISP can filter it. You need mitigation AND big pipelines to stand a chance. Last tip, boasting not knowing Bruce only shows your inexperience, but you already admitted that, just over 17 years.
Most experts have 30 years and thus a solid understanding of the basics. ) oh, and ab praeceptis is correct with his DNS explanation. webtraffic is internet traffic (usually specific ports, but not strictly). It only means an extra step if you give the application a name instead of a number. ISPs should require manufacturers of access routers that install their customers, and set up mechanisms to implement mitigation activity originating DoS LAN and WAN destination. ISPs should oblige the manufacturers of the access routers they install for their customers to implement and configure mechanisms for mitigating DoS activity originating in the LAN and destined for the WAN.

• September 20, 2016 AM How to end the DDoS attacks? Currently many of the residential routers already implemented but not enabled Excuse me for my English How to put an end to DDoS attacks? Currently many residential routers already implement it, although not enabled

• September 20, 2016 AM I have a very good feeling the 'stress testing' is being done by China. Right now China is flexing its muscle as a country and will soon be challenging America for global dominance (they already have). From banking, manufacturing, military and technology - China is challenging us on every front. Also, I have very good reason to believe that China has massive data center infrastructure here in the United States so even if we cut off mainland China from communicating the attacks can still happen from within America. In fact, a friend of mine believes Chinese hackers are buying homes here in America, turning them into mini-cluster data centers and running attacks from our own neighborhoods. These guys are really good, organized, well funded and smart.

• September 22, 2016 AM "Verisign is the registrar for many popular top-level Internet domains, like and If it goes down, there's a global blackout of all websites and e-mail addresses in the most common top-level domains."
But caches (either full or partial) of the TLDs will continue to work, correct? So a DDoS attack against TLD infrastructure isn't very good for wreaking havoc for the couple of days necessary to mount whatever the next step is. But considering the nature of DDoS'ers (basically, vandals looking for easy attention), it could also be someone who created a massive botnet (IoT devices?

• September 22, 2016 PM @ Peter Galbavy : For some reason IPv6 protocols don't replace checksums with Reed-Solomon encoding. It's only good if you can sustain the attack for weeks or months, which seems unlikely. It doubles packet overhead, and those 4 byte CRCs are a waste when modern hardware could be more efficient than a CRC. If I were going to launch ordnance, or a small focused operation ie 9/11 I'd want to be able to shut down a country (or the world) for a period of time. CRCs are still vulnerable to false positives as well. Lay people tend to think in egocentric terms rather than of beneficence. Limit C&C, blackout all news for a period, jam HAM radio. There was no effort to ensure IPv6 compliant routers use larger MTU sizes as well. These would all be very useful to a state actor or covert org. Ransom or protection schemes could be a financial motive for a criminal org as well.

• September 23, 2016 AM Let a new kind of block-chain-based internet be built, for use by those who are willing to take responsibility for their own physical and cyber security, and who are also willing to eschew all anonymity and deniability with respect to their activities. army.mil/values/ Call me a radical, label me a prole. It could've been done better yeah sure, just don't be bitter about it - if you didn't want to get shot at you wouldn't have signed up. It could be something like the fraternity of diamond merchants in Antwerp, in which each member's word is his/her bond.

• September 24, 2016 AM China doing some tests to break the Internet?
(For example, Trump-esque reneging on commitments would not be tolerated.) The U. military already has something like this, including an oath (that, for example, Ed Snowden violated), but we can't all be military/government. LOL Easy to use a bunch of dedicated servers rented in China to do these Attacks! Let us all fervently hope that it's never going to be necessary to extinguish the public/private distinction in cyberspace. One is clearly not enough -- not for the military, and not for critical private infrastructure, either. Let the existing internet stand, so that its (frankly essential) black market and slum can still exist. Are they intending to send your ass into deep space? Snowden violated his military oath, let me baulk at you. Does he have civil liabilities to the companies that he worked for? Do you really think that anyone who is doing kind of visible highly illegal attacks would not hide the source of his attacks?

• September 24, 2016 PM Glad someone summarizes what I observed for a couple years! It can remain an information highway choked with billboards, full of hiding places, but alongside an internet of personal responsibility, the existing internet would become strategically subcritical. #1, the FIRST OATH is to the constitution it is the second part that alludes to the SCROTUS. Does that supersede his obligation to his countrymen? If it comes from China, you can bet is it not the Chinese, but someone who impersonates himself as a Chinese. One newsworthy DDOS of 2014: DDoS Attack Hits 400 Gbit/s, Breaks Record took place just days in advance of Fadi Chehadé's visit to Beijing: ICANN CEO to Meet with Chinese Internet Industry Leaders in Beijing 13-Feb-2014 #2 the oath of officers is what eschews from purity of the enlisted oath.
Fadi Chehade, President and CEO of ICANN Visited CNNIC With His Senior Team in 2014, attended the 2014 World Internet Conference in Wuzhen, east China's Zhejiang province: ICANN President: More than 75 percent of the top-level domains have implemented DNSSEC last year, was adamant: China key to global Internet governance: CEO of ICANN is too much of a coincidence to believe the record-breaking DDoS attack days in advance of Fadi Chehadé's visit to Beijing ISN'T a show of military might that would normally manifest as a military parade for visiting dignitaries. Chehadé apparently received the welcome of a high-level dignitary, with that infamous display of DDoS might. The announcement, therefore, that Chehadé would, upon retirement from ICANN - co-chair the High-Level Advisory Committee (HAC) of the Wuzhen Initiative didn't surprise me, though it shocked many: The Firewall Awakens: ICANN's exiting CEO takes internet governance to the dark side

• September 25, 2016 AM If it's a DDoS attack on the 13 dns root servers of IPV4 then it's not the first time it's happened. In terms of testing limitations of current resilience there have been a couple of notable times in the not so distant past where botnets have been assembled and active that have been capable of shutting down the Internet as we know it easily. Moving into IPV6, whatever the reason for the above article, the fact that we still only have an evolved (and evolving) architecture and no central governance for the Internet should be warning of its instability enough.

• September 25, 2016 AM Well, one thing that can be done is to implement BCP38 pervasively across the greater Internet. Information on that is at https:// we welcome contributors. While this won't help distinguish China from Korea, reducing the ambient noise at the targets can't help but make the problem easier to deal with -- and to the extent that such actors are using botnets, it might help a lot.
• September 26, 2016 PM Disappointed in this article. But carriers have to actually start implementing it, and they steadfastly refuse, to this day. The quickest way to take something offline is to hijack their BGP sessions, something which ALL nation states know how to do well. Crafting large denial of service attacks disrupts commerce for everyone. I doubt nation states are going to shoot themselves in the foot, when it is so much simpler to just use hijacked networks, to advertise false routes. Even if human actors are in China or Russia or Fooland, the attacking machines & networks can be located anywhere in the world, even — especially — inside the country of the target. The call is coming from inside the house, as it were.""

____________________________________________________________________________

By "fooland" I believe you should mean US and its own people, obviously who this article is laced with rhetoric for and designed to stimulate.

• October 21, 2016 PM If DNS is vulnerable then Browser makers or Router Makers should take it upon themselves to create a backup of Host to IP addresses. human actors will always allow you to see that they have emerged from exactly where you are convinced to think (WANT them politically) to emerge from. At the very least if we just do it for the individual handfuls of sites we each visit, then it would be less disruptive. The problem you have is that you are not bound geographically or even IP (everyone knows it's easy to pick on china's NAT effe'd up infrastructure), only politically and US has already proven itself Impotent in those terms in every aspect. Schneier, have you been following the "largest DDoS attack in history" being conducted against OVH? With this simplistic first step approach we still wouldn't be able to visit a site we've never been to but it would make the impact of a DNS DDoS attack rather minimal.
Is today's DDoS attack on DYN related to what this blog post is reporting, or is it entirely separate? If it is related, and if a nation-state is involved, why on earth would China want to do this? At first, I wondered who OVH was and why they would be targeted. Assange was supposed to release a statement a couple days ago and he did not.

• October 14, 2016 PM "We don't know who is doing this, but it feels like a large nation state. Russia would make more sense, particularly with Zhirinovsky's comments in the news today. Err no they have not handed over the control of the internet. The only news regarding Assange has been that Sweden is ramping up pressure on Ecuador to turn Assange over to the British. China or Russia would be my first guesses." DON'T fall for the state propaganda....there is only ONE organization that has an interest in doing this..me help you here... But still, it's hard to conceive of a nation-state trying to draw this much attention to itself - and, potentially, retribution - right now. If it is related, and if a nation-state is not involved, then who is behind this, and why? What they have done is similar to what the ITU does for "spectrum usage" and "standardization".

• October 21, 2016 PM If this was supposed to be "the big strike", then I'm not impressed. Individual nations have sovereignty over the Internet within their domain/jurisdiction, not the UN. This falls under "Cloud Flare or similar" (see my post above). Further the international links will for now remain on a peering basis, so the UN could not order Spain to cut off its link to Cuba, any more than the US could a couple of years ago. Even if the UN could via Security Council sanction say a country was to be ostracized, it would not work any better than oil embargoes or other economic sanctions of the past such as with South Africa during apartheid. Maybe that's the reason he suggests the industry assoc.
Oh, and btw: Do you know a country whose secret service does *not* spy on its citizens and does *not* welcome any and all opportunities to cardiac arrest a potential foe's networks and systems? But in the case of the US it would currently not be possible due to the "all roads lead to Rome" issue. Maybe that's the most realistic answer to the question why the Chinese corps produce that crap as well as why US-American corps resell that crap and why, besides some comforting noise, the governments just don't manage to create properly working solutions ... Currently most of the Internet peering is done through the US, so to cut the US off would break a large number of the major trunk networks, thus break it for hundreds of other countries. "Someone is extensively testing the core defensive capabilities of the companies that provide critical internet services."

• October 21, 2016 PM Ipv6 assigned to each and every person on the network is the only way to fix this. Look for the push to v6; it's not a terrible thing at the end of the day. It's this "all roads" issue that puts the US and other Five-Eye nations in a commanding position when it comes to Internet surveillance.

• October 21, 2016 PM I hope these attacks came from China, as you know we Chinese people can not visit many websites like you foreigners do, and it is really pleasing to learn that one day you foreigners will taste of the same inconvenience. People lose privacy with this but the network gains control, which is needed.

• October 22, 2016 AM Sounds like the job of a rogue nation such as North Korea. If you have a quick Google you will be able to find a map of all the commercial sub-sea cables that form the Internet backbone. Department of Homeland Security is monitoring the situation, White House spokesman Josh Earnest told reporters Friday. -Weiheng "tough guy" Huang, Heyuan, Guangdong Province, P.
China

• October 21, 2016 PM How the Grinch Stole IoT Level 3 Threat Research Labs October 18, 2016 Related articles: https://com/read/criminal-hackers-have-launched-a-turf-war-over-the-internet-of-shit https://threatpost.com/mirai-bots-more-than-double-since-source-code-release/121368/

• October 21, 2016 PM "dyn DDOS" I'm amazed by the sheer idiocy that seems to have infested much "security research". - hoping for manufacturer associations establishing standards and to then educate the "I don*t care f*ck. " customers to look for those "seals of good security". That already worked so well with them plastic router/modem boxen, which, if I may for a second disturb the cozy "security research" dream bubble of some, are the first protection wall that should keep bad guys away from our fridges and toasters. How probable and realistic is the assumption that we lack the resources and experienced developers to secure the very core but that we will properly take care of securing toasters and fridges of Mr. Maybe its caged population are starting to get restless and are accessing more than they should! I think Kim Jong Un would love this to become reality! Yup, it depends on how you decide what is a country or not, but the last time I looked it was around the mid point between 250&300 countries with a number of break aways pushing it up. You will note the commanding position that America, Australia and England have. They form "choke points" through which nearly all nation to nation traffic must pass, which is one major reason the Five-Eyes can monitor Tor traffic, whereas other nations can not. Now, let's climb up to a higher league, where "security researchers" don't quote tabloids but actually have an idea of what they are talking about. That we still do not have reliable secure operating systems and software stacks for the very f*cking core of the internet and server farms and ...
Something like maybe that safe and secure systems need much more than industry associations and "security seals"? And most of the "non local" traffic goes via one of the "eyes" and often via the US as well. • October 21, 2016 PM US INTERNET REPEATEDLY DISRUPTED BY CYBERATTACKS ON KEY FIRM By Raphael Satter and Frank Bajak AP Writers | Oct 21, 2016 PM EDT | (London AP) -- BROAD EFFECTS Jason Read, founder of the internet performance monitoring firm CloudHarmony, owned by Gartner Inc., ... HACKERS CLAIM RESPONSIBILITY Members of a shadowy hacker collective that calls itself New World Hackers claimed responsibility for the attack via Twitter. Something like a hell of an effort and lots of brain and expertise, maybe? This is due to the way the Internetwork of internetworks formed, much like the web of a spider with the US sitting in the middle. said Dyn provides services to some 6 per cent of America’s Fortune 500 companies. They said they organized networks of connected "zombie" computers that threw a staggering 1.2 terabits per second of data at the Dyn-managed servers. This physical model is changing, albeit slowly, and is expected to take a lifetime or two to become sufficiently devolved, depending on investment and technology. The question thus arises as to what the Corporates and Politicos will do in that period to stop the obvious dilution of their current de facto power over the backbone and infrastructure and content systems like the DNS and social networking etc. Currently the only way to get away from the "eyes" is by drawing the curtains on your traffic to protect the content via difficult to implement correctly strong encryption techniques. However through the routing and the attendant traffic analysis, the "eyes" will see where your traffic goes and draw assumptions from that which could prove terminally detrimental to you, your family and their endeavors. 
Denying the Political and Corporate "eyes" their current power in the future will be difficult and will be fought on all levels and they have many advantages including control of "guard labour" and the allegiance of "authoritarian followers" who are raised from birth to have a fervent belief in their particular form of "exceptionalism" purchased at the expense of nearly everyone else. It is a tangled web spun from well over three hundred years of trying to evade such power. As there are now few places you can move to where such power is not prevalent, perhaps it is time to either acquiesce or stand and fight, but neither is what the majority want, let alone care to think of. • October 22, 2016 AM I'm interested to learn more about the potential for DNS poisoning. Also, theories that Dyn attack may have been a white hat demonstration. • October 22, 2016 PM Actually there is something you can do about it at the hardware level. The patent pertains to cellular but if you read it carefully you will see the reference to ethernet and other protocols. Look at the Ethernet and other collision avoidance back off algorithms. It's quite obvious that in Robert Metcalfe's patents and algs that he implemented the features to permit doing this just never implemented or published the algorithm. is that it will cause backoff commands to quickly be pushed back to the source local LANs effectively denying them decent access to the internet. My patent is currently in Google portfolio (from when they ate Motorola). The problem is that few have ever implemented dynamic traffic based changes to the backoff time value so it tends to be a constant. There is no evidence that Bob Metcalfe viewed it as a constant when he designed it. See: US Patent 6,754,501 • October 22, 2016 PM Or could it be our own people doing it to blame ohh..Russians (who our leaders so desperately want war with)? 
After all our local AF reserve kc135 unit was practicing refuelling the very naval group that's off Syria now, back in June off the East coast. Oh and said squadron deployed to Qatar two weeks ago. Rikki • October 23, 2016 AM Russia and China, sure. Put "Your tax dollars at work" and "Ultra-sophisticated clandestine internet dirty tricks" together and what do you come up with? Why, it's Michael Aquino's favorite employer, the NSA! This would be the agency hatched in 1947 to control "intel" related to the Roswell crash (and related MILDEC, "Military Deception") that has never done a single honorable or honest thing in its entire existence but instead has gobbled up untold trillions of public funds while managing a completely unconstitutional and unsupervised global network of bribery, extortion, lying and spying. Oh, and underground bases and it goes on and gets darker. Plenty of good material has been published on these topics for decades, just that it's not all boob-tube mainstream. Our US society does not have a "2 party system" nor a democracy. That went away in steps: 1913, the post-WWII "national security" hairballs, the JFK assassination, the still unprosecuted 9/11 crime, etc. We have a rogue and criminally led One Party system controlled by Usual Suspects. These tie into the top financial and corporate interests - and "intelligence agencies" - in our world. This illuminati mafia hairball hates Truth and, thus, internet openness with a passion. Currently, this element is desperate to think that anyone other than Hitlery will be elected next US President, because "any other guy" might concede to certain powerful USG "White Hat" element demands for long-overdue "mass arrests" of key criminals in high positions in our private and public sector and some return to a semblance of lawful constitutional behavior in our nation; including ending the false flag war parade and the mind-boggling ongoing unprosecuted looting of the Treasury (esp. 
Here's a related article which links to this one - An excerpt from it; "Mainstream media may be under government control, but damaging leaks, disseminated via the Internet, continue to hamper Hillary Clinton’s election campaign. As insider rumors continue to spread that devastating leaks, serious enough to ruin the ruling party’s chances of re-election are still to be released, the idea of an “emergency” justifying an Obama administration employing their top-secret Internet killswitch and declaring martial law are not far fetched. The groundwork – including excuses and convenient scapegoats – has been prepared. This kind of sentence is extraneous and should be deleted: "First, a little background." You don't need that kind of transition to prep readers. • October 23, 2016 AM As far as removing the cause rather than the symptom - apology to Frank-N-Furter - it seems to me that more effort needs to be made to shut down the IoT devices that have been - or can be - botted. The IP addresses of those involved in the attack can certainly be used to locate the source router (through ISP cooperation), and then selectively investigate the homes of businesses to ID those vulnerable devices, creating a blacklist. It should then be possible for individuals to run a publicly-made-available script inside their network to list those devices they may own, with a bounty of sorts to encourage removal. Cohen said he didn’t know if the botnet for hire was related to Mirai. I, for one, would embrace the opportunity getting rid of any botted devices among the 41 or so I have in my home, to create a more-secure national infrastructure. • October 29, 2016 AM @Daniel @Kevin Re: I'm deeply puzzled by Bruce's insistence that this must be a foreign actor. 
“While this particular attack may not have been motivated by extortion, a new model of ransom-based attacks, infrastructure ransom as a service, could be on the horizon,” said Thomas Pore, director of IT at Plixer, a malware response company. Someone [said] recently, "security researchers came to the conclusion that attribution was hard, then they promptly forgot it." Agreed. “An infrastructure outage, such as DNS [denial of service], against a service provider impacting both the provider and customers may prompt a quick payoff to avoid larger financial impact.” In what is a first for the security company, RSA discovered in early October hackers advertising access to a huge IoT botnet on an underground criminal forum ... “This is the first time we’ve seen an IoT botnet up for rent or sale, especially one boasting that amount of firepower. All through the G8 era state actors were practicing hiding their tracks. It’s definitely a worrying trend seeing the DDoS capabilities grow,” said Daniel Cohen, head of RSA’s FraudAction business unit. Right now the DNC is eager to create a bogeyman - the assertion that it's the Russians has become accepted truth. The seller claimed they could generate 1 terabit of traffic. But we forget that the Pentagon's Cyber Warfare release (of all their tools) was likely an inside job. Plus, the scale is changing - botnets are designed to spread themselves; add to that the recent increase in speed of the 3W due to large screen HD. • October 29, 2016 AM @Daniel @Kevin Re: I'm deeply puzzled by Bruce's insistence that this must be a foreign actor. Someone [said] recently, "security researchers came to the conclusion that attribution was hard, then they promptly forgot it." Agreed. All through the G8 era state actors were practicing hiding their tracks. Right now the DNC is eager to create a bogeyman - the assertion that it's the Russians has become accepted truth. 
But we forget that the NSA's Cyber Warfare release of their tools (https:// was likely an inside job. Plus, the scale is changing - botnets are designed to spread themselves; add to that the recent increase in speed of the 3W due to large screen HD. As I've said on a number of occasions (SPE hack etc) there is no public evidence to make any kind of attribution. It's also incredibly easy to show just how easy it would be to hide the exfiltration of data by routing it to some data sink that has an IP address of a Russian / Chinese / Israeli / French / German / UK server. But the routing path goes through a router that you own and you secretly copy it or redirect it to another server. Thus even if you had access to the data exfiltrating, if you did not have the ability to see right to the destination server all you could say is the data left for that IP address, not that it arrived. Further even if you "owned" the gateway router immediately upstream of the server you could not say anything other than the data went there. Thus somebody could have hacked into the server and just sent the data to /dev/null, or forwarded it onto another server after re-encrypting the data etc. But even if you 100% owned every node along the data path, you still could not see if somebody was tapping the data off via a passive data diode etc. Thus it's really silly to pretend that working at the layers below 7 in the computing stack you can make a hard attribution as to where the data has gone. However if your "methods and sources" are in layers 8 and above where the human factor resides then you can make an attribution that person X working for entity Y handled the data. It may also be possible to say that individual Z used the data for a particular function. 
Whilst I can believe that the NSA can and may do own many of the backbone and ISP border routers, I doubt that they own even a fraction of the servers or other leaf node devices to make even an approximate estimation of where the data actually went. Now Bruce has said on one occasion in the past he has seen convincing evidence. Depending on what Bruce actually considers convincing, it would probably have to be from a HumInt not SigInt source, unless it could be shown from other independent SigInt that the data had actually been acted upon by entity Z (that is they had actually carried out some action based on the data, not just that the data is sitting on a hard disk somewhere). Attribution is indeed a hard problem, and when seen from below layer 7 it is impossible to say anything for certain because of the passive data diode or owned intermediate router issues. • June 28, 2017 PM Having worked around hackers and phreakers, I have to say Bruce was on target with this blog post and as far as what's next for the internet, hackers will not stop and if you stop them for now it IS "for now". They "find ways" and tech is too vulnerable and it can't be fixed for good 100%. Microsoft. The fiercely competitive software giant is positioning its wares for cloud computing with software and services. The company's two cash cows - operating.

