Another fix is in the works for one of the more hidden aggravations of internetworking security, the so-called Server Name Indication (SNI) extension debacle. The fix - an Encrypted Server Name Indication has been crafted by Clouflare and evidenced by the service itself - eSNI - is an indication of a Company-Doing-The-Right-Thing and enrypting-all-the-things. Additional work is currently underway targeting a IETF Draft RFC. Simply Outstanding Work, Cloudflare.
"What is amazing about all of these contemporary developments is that the DARPA Director who originally approved the development of its internet initiative in the 1970s, Steve Lukasik, has been warning of the dangers of an open internet since it found its way into the public infrastructure in the 1990s. He pulled together an initial expert team in the mid-90s supported by NSA, and spent the next decade hosting extraordinary Red Team specialists and producing innumerable DOD reports on the multiple weaponizations of the open internet for kinetic attacks. " - via Anthony Rutkowski, at CircleID, in his thought provoking article: 'Internet as Non-Kinetic WMD
A deeply (no pun intended) problematic physical security & connectivity planning scenario - specifically the lifespan of in-situ buried internetwork cabling (on, or near land) coupled with a paucity of outcome planning (in the Anthropocene Epoch...) is detailed by highly respected researcher - Paul Barford, Ph.D., a UW-Madison Professor of Computer Science resident at the University of Wisconsin-Madison. Along with Carol Barford, Director of the University of Wisconsin-Madison UW-Madison Center for Sustainability and the Global Environment and Ramakrishnan Durairajan, Assistant Professor, CIS at the University of Oregon) have produced a study detailing failure risks (essentially a call to action, as the buried cable timeline has shriveled from a one hundred year life-span to somewhere less-than-fifty years) of buried internetworked cabling. Superb work. And, here's Rebecca Hersher's reporting for NPR on both the study, and the issues. Enjoy.
'"Most of the damage that's going to be done in the next 100 years will be done sooner than later," says Barford, an authority on the "physical internet" -- the buried fiber optic cables, data centers, traffic exchanges and termination points that are the nerve centers, arteries and hubs of the vast global information network. "That surprised us. The expectation was that we'd have 50 years to plan for it. We don't have 50 years."1 - Paul Barford, Ph.D. in an press-release published at EurekaAlert! (a service of AAAS).
via Ronald F. Guilmette (writing on the NANOG Mailinmg List), in which, his evident disgust (shared I'm sure by the majority of network engineers reading the NANOG List), at BGP route hijacks executed allegedly by BitCanal - a Portuguese firm, at this point, held in the lowest regards. Read more on the Oracle+Dyn blog post well crafted by Doug Madory, or Ronald F. Guilmette's email on the NANOG List (a short snippet also follows).
"Sometimes I see stuff that just makes me shake my head in disbelief. Here is a good example:https://bgp.he.net/AS3266#_prefixes I mean seriously, WTF? As should be blatantly self-evident to pretty much everyone who has ever looked at any of the Internet's innumeriable prior incidents of very deliberately engineered IP space hijackings, all of the routes currently being announced by AS3266 (Bitcanal, Portugal) except for the ones in 213/8 are bloody obvious hijacks. (And to their credit, even Spamhaus has a couple of the U.S. legacy /16 blocks explicitly listed as such.)" - Ronald F. Guilmette at NANOG Mailing List Archive
The NCCoE has announced a new NIST Cybersecurity Practice Guide (currently in draft mode - for your commenting pleasure...) and entitled - "SP 1800-7 Situational Awareness for Electric Utilities. Enjoy.
Yes, you read it correctly, at least 70% of the District of Columbia's Police surviellance cameras were infected with ransomware immediately prior to the 2017 Inauguration of the President and Vice President of the United States.
The singularly astonishing aspect of this debacle was the Department still managed to keep the streets of Washington, D.C. safe for the throngs of visitors at the 2017 Inauguration. Quite simply, testimony to the hard work of the Department's Officers and Staff.
"The Internet of Things (IoT) is an idea that has been around for a long time but is now starting to come to fruition. The idea is that anything and everything can have a sensor and can provide information to a remote collector somewhere else on The Internet. Our cars, our homes, farm animals, farmer’s fields, light bulbs, roads, just about anything can be fitted with a data collection device and the information used to make smarter decisions. The need to collect and analyze the huge amount of data collected is driving advances in Big Data computing. Such data collection also raises serious privacy and security concerns. More event information is on our website here, including speaker bios: http://www.sfbayisoc.org/iot-conference/ ." via the SF Bay ISOC Chapter