DigiNotar Breach Notes

Some folk have asked me for more details about the DigiNotar breach after my brief appearance on Al Jazeera this morning. So here are the notes I prepared for the segment. Links at the bottom. Background web security certificates are digital IDs issued by companies entrusted with making sure they are given to the right …

Continue reading ‘DigiNotar Breach Notes’ »

Why Hasn’t China Cracked Down on Its Rainmen?

Another mainstream media look at the alleged “Titan Rain” cyberwar strategy of the Chinese, where organised, highly disciplined and experienced gangs ferret around in Western computers. This one is from today’s Guardian Unlimited — Smash and grab, the hi-tech way: Sources involved in tracking down the gang say the Chinese group is just one of …

Continue reading ‘Why Hasn’t China Cracked Down on Its Rainmen?’ »

The Price of Worms

How damaging are worms? Very, says Sandvine Inc, a Canada based Internet security company. It says that the main damage is on ISPs who lose bandwidth to them, and face daily Denial of Service attacks. “In fact,” Sandvine says in one new report (PDF, registration required), ”Internet worms and the malicious, malformed data traffic they generate …

Continue reading ‘The Price of Worms’ »

Viruses And The Russian Connection

As feared, MyDoom seems to come from Russia. Or does it? The Moscow Times quotes Kaspersky Labs as saying they used location-sensing software to trace the first e-mails infected with MyDoom back to addresses with Russian Internet providers. “It’s scary, but most serious viruses are written in Russia,” said Denis Zenkov, spokesman for Kaspersky, the …

Continue reading ‘Viruses And The Russian Connection’ »