6 aging protocols that could cripple the Internet

The biggest threat to the Internet is the fact that it was never really designed. Instead, it evolved in fits and starts, thanks to various protocols that were cobbled together to fulfill the needs of the moment. Few of those protocols were designed with security in mind. Or if they were, they sported no more than was needed to keep out a nosy neighbor, not a malicious attacker.

The result is a welter of aging protocols susceptible to exploit on an Internet scale. Some of the attacks levied against these protocols have been mitigated with fixes, but it’s clear that the protocols themselves need more robust replacements. Here are six Internet protocols that could stand to be replaced sooner rather than later or are (mercifully) on the way out.

via 6 aging protocols that could cripple the Internet | InfoWorld.

Google wants you to help design the Internet of Things

Have an idea for how the much-anticipated Internet of Things should operate? If the idea is good enough, Google may pay you to see it to fruition.

As part of a new effort to generate more Internet of Things technologies, Google is planning to issue a number of grants to facilitate pioneering research in this nascent field of computing.

“While the Internet of Things (IoT) conjures a vision of ‘anytime, any place’ connectivity for all things, the realization is complex given the need to work across interconnected and heterogeneous systems, and the special considerations needed for security, privacy, and safety,” co-wrote Google chief Internet evangelist Vint Cerf, in a blog post announcing the research program.

via Google wants you to help design the Internet of Things | Computerworld.

Researchers quantify the S in HTTPS

Researchers from Pittsburgh’s Carnegie Mellon University, Polytechnic University di Torino in Italy, and the research and development arm of Spain’s Telefónica Group have published a paper investigating the impacts of HTTPS use for industry and web users.

The paper, The Cost of the “S” in HTTPS PDF, was presented at ACM CoNEXT in Sydney, and suggests that while the use of HTTPS is increasing due to mounting security concerns, it could result in more latency online, greater battery drain for some connected devices, and the loss of in-network value-added services.

The paper asserts that HTTPS “does not come for free”, with the researchers saying that HTTPS “may introduce overhead in terms of infrastructure costs, communication latency, data usage, and energy consumption”.

The encryption offered by an HTTPS address may protect information from “man-in-the-middle” attacks, but that same functionality can hamper the application of “middlebox” network appliances, such as firewalls.

via Researchers quantify the ‘S’ in HTTPS | ZDNet.

California Research and Education Network Gets 100-Gigabit Backbone

The Corporation for Education Network Initiatives in California (CENIC) has upgraded the core backbone of the California Research and Education Network (CalREN) to 100 gigabits per second (Gbps).

CalREN is a 3,800-mile advanced fiber optic network serving the California K-12 system, California Community Colleges, California State University, University of California, Caltech, Stanford, University of Southern California and other institutions. The network has three tiers: CalREN-DC for daily network use such as e-mail and Web browsing, CalREN-HPR for high performance research and CalREN-DX for network-based experimentation and development.

The CalREN-DC and CalREN-HPR tiers have been subject to growing demand from “researchers in data-intensive disciplines, ongoing connectivity upgrades for CENIC members, and connectivity for new members such as public libraries and arts and cultural institutions,” according to a news release from CENIC. The new 100-gigabit Layer 2 backbone will ensure that the institutions using CalREN-DC and CalREN-HPR will have sufficient bandwidth to support research and education in the state.

via California Research and Education Network Gets 100-Gigabit Backbone — Campus Technology.

100-Gigabit Connectivity to Pacific Wave International Peering Exchange for ESnet

Today, Pacific Wave announced the completion of a 100-Gigabit connection for the Energy Sciences Network (ESnet), the high-speed computer network serving US Department of Energy (DOE) laboratories and scientific facilities. With the completion of this new connection in Sunnyvale, CA, ESnet has upgraded its peering capabilities to research networks in 40 countries throughout the Pacific Rim and beyond.

copy-header2CSU Channel Islands is a member of CENIC, which in turn peers with the Pacific Wave network.

via 100-Gigabit Connectivity to Pacific Wave International Peering Exchange for ESnet | Business Wire.

As the Web Turns 25, Its Creator Talks About Its Future

In 1989, Tim Berners-Lee, a software engineer, sat in his small office at CERN, the European Organization for Nuclear Research near Geneva and started work on a new system called the World Wide Web.On Wednesday, that project, now simply called the web, will celebrate its 25th anniversary, and Mr. Berners-Lee is looking ahead at the next 25.

via As the Web Turns 25, Its Creator Talks About Its Future – NYTimes.com.

Twitter goes down for most users

Twitter crashed for “most users” Tuesday, in the longest and possibly largest outage for the company since its initial public offering.Twitter announced on its Status blog that the outage was caused by a planned change to its “core services,” which resulted in “unexpected complications that made Twitter unavailable for many users starting at 11:01 a.m.” Engineers spiked the planned change and service was fully recovered by 11:47 a.m. Pacific time.

via Twitter goes down for ‘most users’ in longest outage since IPO – San Jose Mercury News.

ACM interview with Eugene H. Spafford

As a pioneering Internet security researcher and a well-known skeptic about achieving truly secure systems, are you optimistic about efforts to build a more secure network? No, I’m not. I see two problems associated with this approach. First, any significant network that is developed will need to accommodate existing (legacy) systems in some manner, and be operated by some of the same people we have now — there is simply too much invested in legacy systems. This will lead to participating organizations continuing to make poor choices about their priorities for security (and privacy). Many security problems come about because of user error, misconfiguration, poor patching, indirect attacks, and a failure to properly prioritize and fund appropriate safeguards — it isn’t only the design of the networks. A new set of network protocols and connections will not address the full range of issues.

via March 11, 2014: People of ACM: Eugene H. Spafford — Association for Computing Machinery.

Google’s Project Loon: The gamble that’s so crazy it might work

Google’s Project Loon, in which high-altitude balloons circle the globe using wind currents and solar power to provide WiFi connectivity to remote locations in developing markets, officially launched this past week, with balloons headed out around the world from a remote location in New Zealand. If you’re so inclined, there’s even a way to follow along online in real-time as winds blow these balloons at 25 mph along the 40th parallel in the Southern Hemisphere.

via Google’s Project Loon: The gamble that’s so crazy it might work.