China Internet Diversion Clarified

Arbor Networks has set the record straight on the re-routing of Internet traffic to China reported earlier this week by multiple news sources.  In a blog post, the actual source of the “15%” at McAfee is identified, and the math disputed. 

What I don’t see in the discussion is any dispute regarding the businesses, organizations and agencies that were impacted, which to me is more critical than the actual duration or volume of traffic that may or may not have been diverted. 

The fact that this basic, fundamental routing capability can so easily be corrupted, intentionally or accidentally, in this day and age only sharpens the point that IP-based Internet communication needs a complete re-engineering.  There STILL is NO security model within the current IP protocol suite, and its dependent architecture is majorly flawed.  Security cannot and should not be something that is bolted on later.  TCP/IP needs an enema!

Anyway, my post stands corrected, as do many many others…


BUSTED – US Federal Reserve Hacker

A Malaysian man has been charged with hacking into major US companies, including the US Federal Reserve Bank of Cleveland and FedComp, a company that processes financial transactions for credit unions.  Lin Mun Poo, 32, was arrested just hours after landing in New York and selling US$1,000 worth of stolen credit card numbers at a Brooklyn diner.  On his laptop, US Secret Service investigators found more than 400,000 stolen credit and debit card account numbers obtained by hacking into computer systems of financial institutions.

After being arrested, he told investigators that he had flown to the US to meet an unidentified person who could regularly provide him with stolen card numbers.  He intended to use the numbers to withdraw cash from ATMs.  His widespread activities also saw him compromising the computer networks of several major international banks and companies, hacking into a “major Department of Defense contractor” which provided systems management for military transport and other highly sensitive military operations, and earning money by finding and exploiting vulnerabilities or trading and selling the information.  The US Department of Justice said in a Thursday court filing that Poo is a flight risk and should not be granted bail.

These are the guys that keep me awake at night.  They have no regard for the people who they are impacting.  Not just the folks that have their bank accounts and investment funds cleaned out, but the people that lose their jobs because of the breach and the subsequent downsizing that takes place in order to deal with the reputational losses.  These are families, with real commitments, and I hope this guy is forced to make retribution and burns in jail for a long, long time.


Adobe Announces Reader X -=[SooN]=-

Adobe has released Reader X, the latest version of its popular PDF reading software.  The Windows version includes a “sandbox” called Protected Mode, intended to protect users from PDF attacks.  Protected Mode isolates system processes, supposedly preventing malware from escaping the application. 

If Reader needs to perform an action that is not permitted in the sandbox environment, like writing to the temp folder, those requests are funneled through a “broker process”, controlled by a set of policies stipulating what is and isn’t allowed.  This technology should take a significant amount of pressure off of Adobe, whose products have become a favorite target and delivery mechanism for malware distribution.
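The broker pattern described above, sketched as an added example (this is not Adobe's code or policy format; `POLICY`, `broker_decide` and `broker_write` are hypothetical names, and the only rule assumed is "writes are allowed under the temp folder"). It shows why the broker must canonicalize the requested path before checking it against policy:

```python
import os
import tempfile

# Constructed policy for illustration: action -> directory roots it may touch.
# Any action not listed is denied by default.
POLICY = {"write_file": [os.path.realpath(tempfile.gettempdir())]}

def _is_within(path, root):
    """True if canonical `path` is `root` itself or lies beneath it."""
    try:
        return os.path.commonpath([path, root]) == root
    except ValueError:  # e.g. different drives on Windows
        return False

def broker_decide(action, requested_path, policy=POLICY):
    """Evaluate a sandboxed process's request; returns (allowed, canonical_path)."""
    roots = policy.get(action)
    if roots is None:
        return False, None  # default deny: unknown actions never reach the OS
    # Resolve "..", symlinks and relative parts BEFORE comparing, so that
    # "<temp>/../elsewhere" or "<temp>_lookalike/x" cannot pass a prefix test.
    canonical = os.path.realpath(requested_path)
    return any(_is_within(canonical, r) for r in roots), canonical

def broker_write(requested_path, data, policy=POLICY):
    """Perform the write on the sandbox's behalf only if policy allows it."""
    allowed, canonical = broker_decide("write_file", requested_path, policy)
    if not allowed:
        raise PermissionError(f"broker denied write_file: {requested_path!r}")
    # Open the path that was checked, not the raw string that was requested.
    with open(canonical, "wb") as fh:
        return fh.write(data)

if __name__ == "__main__":
    tmp = POLICY["write_file"][0]
    for action, path in [
        ("write_file", os.path.join(tmp, "reader_cache.bin")),
        ("write_file", os.path.join(tmp, "..", "outside_policy.txt")),
        ("write_file", tmp + "_lookalike/x"),
        ("spawn_process", os.path.join(tmp, "a.exe")),
    ]:
        print(action, path, "->", "ALLOW" if broker_decide(action, path)[0] else "DENY")
```
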

The Mac OS X and Android versions lack the sandbox technology.  Adobe has not laid out a timetable for offering Reader X to existing users; however, the company will not initially roll out the new version via Reader’s built-in updater.  It will be offered to users of older versions first, before version 9 users.

Learn more about it here.  I hope that they do something about Flash soon.  It remains a standing and often overlooked target.