Wednesday, April 3, 2013

CELLPHONE 'S 40th Birthday

Hey, mobile phone. Happy fortieth birthday (or are we celebrating 39 again?).

We remember the day you were born, April 3, 1973, like it was yesterday. Your father, Martin Cooper, was at Motorola and we were all, "It's time!" and he called up a friend to say, you, "a 'real' cellular telephone" was here — we think you might have had an evil twin.

You have a helluva figure now, but you weren't always that way. You started out with a boxy frame that barely fit in anyone's hands, though those Saved by the Bell kids sure looked cool using you. Remember when you had that antenna in the '80s? We are so glad you slimmed that down, we were worried it was going to be permanent.

Over the years, we've watched you get smarter, too. When you first came out, we thought all you'd be able to do was make phone calls. But quickly you learned how to handle our emails, let us send text messages to our friends, and in 2007, when you graduated to a "smartphone," you became a staple in our lives we simply couldn't live without.

So, here's to you, cell phone. You've come so far (and had some really great face-lifts) and become a huge part of our lives.

And when those younger folk like Google Glass come in, don't feel too threatened. Sure, they might be the younger, sleeker models, but no one will forget how great you are. You know. When you're dead.

Source: venture beat

Sunday, March 31, 2013

Spamhaus Internet attacks Why network security needs strengthening

The Spamhaus attack may become a milestone after which major service providers may be encouraged (or mandated, by governments, and Internet oversight bodies) to implement BCP38 recommendations, and also overall strengthen their networks.


It's been a few days since the worst denial-of-service attack in the internet's three-decade history. A 300-gigabit-per-second torrent of traffic flooded the networks of Spamhaus, (which is a spam-prevention service based in Europe)and the Internet's major switches in London, Amsterdam and Frankfurt. It was like a million cars trying to get on to Mumbai's Sealink at the same time. Some called it the attack that "almost broke the Internet".

Can the Internet really be brought down by a single group of individuals? Is it that fragile? The short answer to the question is: Yes and No.

Let's start with the No. The Internet evolved from a network designed to be robust enough to survive multiple nuclear strikes. The Internet adapts to attacks and outages, reroutes traffic, and survives just about anything you throw at it. Fact.

Yet much has changed from that early vision of that robust, adaptive network. In the early Internet, most traffic was text, and it wasn't sensitive to "latency" - small delays. It didn't matter if that text was delayed a few moments or even minutes.

Now, a huge chunk of traffic on the Internet is video and audio. A lot of the audio, and some of the video, is in real time. If you're on a phone call with someone in another country, the call is probably being routed over the Internet, and you need a guarantee of "zero latency" - no delays.

And then there's a range of critical services on the Internet. Take financial transactions, including stock trades.

Automated systems respond in microseconds to bids or market changes. Many traders like to be physically closer to stock exchanges, because they value that one microsecond edge that gives them. Delay a company's financial transactions by a few seconds, or minutes, and you're talking about a hit of millions of dollars on your target company.

So, while it is very, very difficult to "break the Internet", for many of the services running on it today, even slowing it down is life threatening. (Difficult, but not impossible. There are a few physical weak links, mainly around the undersea cables. The interception and arrest of divers trying to cut a critical cable near Egypt suggests a well-funded operation.)

So how did the perpetrators slow down the Internet so severely?

They used a DDoS or "distributed denial of service" attack. They flooded their target organisation's servers with so much traffic that they slowed down to a crawl.

That's like flooding an organisation with so many junk-mail letters that it can't sort out the real mail. In the process, the "collateral damage" includes the post offices along the way, which slow down badly - affecting every organisation those post offices service.

How do you prevent such an attack?

Through a two-pronged approach. One is to trace out the sources and shut them down. To make this difficult, attackers use third-party servers as staging platforms, and further "spoof" Internet addresses to make them difficult to trace and shut down in real time. Cybercrime forces do have means to trace such traffic, but it's complicated by the lack of real-time collaboration between the cyber-forces of different countries.

The second is the better way out: redesign parts of the Internet to be more robust so that it can ignore or adapt to such an attack.

After a major DDoS attack in 2000 which crippled servers run by Amazon, Yahoo and others, the Internet Society, which includes engineers who invented the Internet, published a "best current practice" (BCP) paper called BCP38, which described ways to beat many types of DDoS attacks.

Unfortunately, these best practices were not implemented by service providers, because they needed individual investment for the greater common good - the security of the Internet. Sort of like people won't spend money on green homes to save the environment, unless there's a law demanding they do it.

The Spamhaus attack may become a milestone after which major service providers may be encouraged (or mandated, by governments, and Internet oversight bodies) to implement BCP38 recommendations, and also overall strengthen their networks by adding additional paths, reducing single points of failure. Spamhaus 2013 may, therefore, have been a good thing for the future of the Internet.

Prasanto K. Roy (@prasanto on Twitter) is editorial advisor at CyberMedia. The views expressed are personal

Does Windows Phone need virus protection? Windows Phone handsets do not currently need virus protection, but users shouldn't be complacent....

A reader asks Rick Maybury why he can't find virus protection for his Windows Phone

I recently purchased my first smartphone, a Nokia Lumia running Windows Phone. I've been looking for an app or software for virus protection but haven't found anything suitable? There seems to be a lack of smartphone security apps, why is this? With increasing use of mobiles for all sorts of uses I'd have thought this feature would be a priority?
John B, by email

Your vigilance is commendable but as yet there hasn't been any real threats to Windows smartphones. They are still relatively new with a tiny market share, which makes them much less of a target for viruses and malware. Like the iPhone, Windows Phone is protected by a 'walled garden' App Store with a tight screening process designed to weed out apps carrying a malicious payload. That is not to say that something won't slip through the net and security loopholes will be uncovered in the future but for the moment the biggest threat to Windows Phone users is fake alerts and scams that scare you into thinking that your phone is infected and trick you into parting with your credit card details for useless, and usually non-existent anti virus software.

FeedCount

Ads 468x60px

Social Icons