Domain: internetsociety.org
Stories and comments across the archive that link to internetsociety.org.
Comments · 16
-
Re:Isn't this good?
Yes and No. With a proper firewall, no one can scan your network for devices as it should only allow incoming traffic through that is a reply to outgoing traffic. But, sites you visit from IPV6 devices would show their full IPV6 unique ID on your network -- so say... Facebook or Netflix might know exactly how many devices you have at your home that you use to connect to their services.... BUT, they really know this anyway because they scan for device IDs, browser fingerprinting, etc.
NAT is a hack and not a security feature. It has its own security issues as well.
https://www.internetsociety.or...
IPV6 is only bad if you have no proper hardware firewall between your ISP and your network... or if your ISP is spying on your traffic (in which case, you have bigger issues and need a VPN)
-
Re:Time for Finesse
Notice how I keep saying "their network", as if they built it, own it and should be able to use it (or not use it) as they want?
I did notice that! And that's what has me confused. They did not build it, as I'm sure you know. They have been helping expand and maintain it. But the Internet has always been a public network and should remain so. It is, at most, a public-private partnership. These companies seem to forget the "public" part, as companies often do. So the public must remind them. However, considering the slant of the current court, that is not guaranteed.
-
Vinton Cerf, you're under arrest.
We're with The Government and you're under arrest. You and Robert Kahn are credited with "inventing" TCP/IP which is a key technology now used by internet villains. Unfortunately we can't arrest Chris Sholes, the developer of QWERTY, but we've already locked up Federico Faggin, Ted Hoff and the gang of Intel thugs who claim to have developed the first microprocessor. We're headed to Redmond after we're done with you.
-
Re:People don't care because ipv4 works for them
No business in its right mind would go IPv6 only if it had a choice
Facebook Moving To An IPv6-Only Internal Network
-
Re:Breaking out of VMware
Xen is "very secure"?
There were 15 Xen security vulnerabilities fixed this month.
Shi et al. just presented a paper on architectural security problems with Xen.
Don't get me wrong - I appreciate the Xen team's efforts at security. And other hypervisors have their own problems (though it's been a while since I've seen a report of a VM escape from PR/SM). And "secure" isn't meaningful as an absolute; it only means something in relation to a threat model. But it's still rather premature to label Xen "very secure" in general, assuming a reasonable threat model.
-
Re:The easier workaround
It's not. However, there are lots of people who are "stakeholders" who think that they should be insulated from such battles and who want the government involved and make ill-formed policy rules and regulations, rather than wait patiently for the marketplace to sort things out for maximized resource usage.
Another option is for all the stakeholders to complain to "content creators" and "netflix" via social media hoping to change the economic interest of those companies with whining.
Lastly, the best option would be for Stakeholders to get their own personal IPv6 block and build their own network, and actually not give a shit about either NetFlix or the Content Creators. But that is too hard (tm)
-
Re:What was the brake becomes the gas pedal
You'd be surprised. A couple of links, for you to look at:
- http://www.internetsociety.org...
- http://www.internetsociety.org...
One shows the uptake and the other shows the stumbling block are the apps.
-
Re:To make it clear.
It's not so useless, Mr. Cafe. Case in point:
Bitcoin attack: https://eprint.iacr.org/2014/1...
GnuPG attack: http://www.nicta.com.au/pub-do...
ASLR attack: http://www.internetsociety.org...
All of these are cache-based side-channel attacks.
-
Re:Stupid
That said, GP nails it: the problem with SSL is not the tech, it's that the CAs are money grubbing semi-competent boobs, and the trusted certificate lists are administered by either OS or browser producers leaving a huge open arena for politics and perverse incentives.
Which is why it was really sad when Chrome backed off on supporting DANE
-
One guy we can trust to run DNS:
Jon Postel. He's got the experience and people trust him.
Unfortunately, he left us awhile back to take on the task of running The Great Internet In The Sky.
-
Re:Virtual hosts and extortion racketry
Nice. Here's more info on that for other people who didn't know about it:
https://tools.ietf.org/html/rfc4366 (section 3.1)
http://www.internetsociety.org/articles/dane-taking-tls-authentication-next-level-using-dnssec
-
Take it up with the Internet Society BoT
The W3C used to be a member (i.e., company) driven organization, but in 2012 they took a large donation from the Internet Society and were basically brought under ISOC's umbrella (they were running out of money):
“The Internet Society’s generous donation has fueled deep organizational change at W3C,” said Jeff Jaffe, W3C CEO. “We have strengthened our business model and broadened participation to accelerate the development of the Open Web Platform technology that is transforming industry.”
In 2011, one of the ways in which W3C reached out to new stakeholders was through new Community Groups and Business Groups. A W3C Community Group is an open forum, without fees, where Web developers and other stakeholders develop specifications, hold discussions, develop test suites, and connect with W3C's international community of Web experts. A W3C Business Group gives innovators that want to have an impact on the development of the Web in the near-term, a vendor-neutral forum for collaborating with like-minded stakeholders, including W3C Members and non-Members. In just four months, more than fifty groups have been created or proposed.
This does not sound like "deep organizational change at W3C," or particularly open in nature. I think that interested parties should comment / complain to the ISOC Board of Trustees.
-
Using Information Readily Available
The assumption in the article is that the thief has a device that contains the "magic code" to open car doors. In 2011 the Network and Distributed System Security Symposium presented a paper titled "Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars" (reference http://www.internetsociety.org/events/ndss-symposium-2011-0) that discusses this very topic. A direct link to the paper is http://www.internetsociety.org/sites/default/files/franc.pdf. The relay attack seems more feasible to explain this phenomenon, where parking locations or specific vehicles are targeted rather than randomly targeting vehicles. In the paper, section 5 does the best to describe an attack scenario that might best explain the thieves' mechanism. A thief will exploit with what is readily available. Apparently, like a card scanner, they are able to capture the original key fob signal and present it in another form.
-
Re:HAH!
Well the U.S. controls the DNS system, so that puts pretty much the entire world under US jurisdiction (unless you want to homebrew your own name lookups, that is). They shut down MegaUpload recently, and they were in New Zealand. The operators were arrested, too, but it remains to be seen if they will actually be extradited.
Eventually, you will probably need a license from the US government to have a web site at all. If you don't have one, your website will simply vanish, like nasa.gov did.