security

RIPE NCC RIS case study on YouTube hijacking

RIPE NCCOn Sunday, 24 February 2008, in what was apparently a politically directed attempt to block YouTube, Pakistan Telecom started an unauthorized announcement of the prefix 208.65.153.0/24 – a YouTube IP – to divert local traffic away from the site. One of Pakistan Telecom’s upstream providers, PCCW Global forwarded this announcement to the rest of the Internet, which resulted in the hijacking of YouTube traffic on a global scale. The RIPE NCC Routing Information Service has published a detailed study on how this came to pass. Continue reading

ISOC Initiatives 2008-2010

ISOC logoAt the December 2007 Board of Trustees meeting held in Vancouver, ISOC presented plans for 2008 to 2010. Key to those plans were a series of new, longer term, more strategic activities which will replace the traditional ‘pillar’ model describing activities in Standards, Public Policy, and Education. The new initiatives will focus on ‘Enabling Access‘, ‘InterNetWorks‘, ‘Trust & Identity‘ and ‘Standards & Technology‘. Continue reading

Mozilla Labs starts new project for deeper integration with online services

Chris Beard of Mozilla Labs announced a new project for “deeper integration of the browser with online services.” The goals include:

  • provide a basic set of optional Mozilla-hosted online services
  • ensure that it is easy for people to set up their own services with freely available open standards-based tools
  • provide users with the ability to fully control and customize their online experience, including whether and how their data should be shared with their family, their friends, and third-parties
  • respect individual privacy (e.g. client-side encryption by default with the ability to delegate access rights)
  • leverage existing open standards and propose new ones as needed
  • build a extensible architecture like Firefox

This is an exciting and very necessary development for Mozilla. As personal data storage is moved from the desktop to the Net, client-side encryption is essential for privacy and security. It is inevitable that the companies offering web apps will suffer a shakeout and some will fold. And security breaches are a fact of online life.

I’m looking forward to integrating this into the ISubuntu project.

Fortune: Online chat ‘assistant’ may not be real

Fortune reports on chatbots used in online stores to talk potential customers out of abandoning their virtual shopping carts. “…A startup called UpSellit is … using live chat to act as a sales assistant …. but here’s UpSellit’s twist: That person on the other end of the live chat box isn’t a person at all. You’re chatting with software that’s designed to fool you into thinking it’s a person.” Clearly another step blurring the real and virtual that raises a few ethical and possibly legal questions. How would knowing that you’re talking to a bot change your attitude or behavior? What if you thought you were talking to a bot but it turned out be a real human being?