Experts explore scrapping Internet, starting over

Wonder what Al Gore gonna have to say about this?

'It's sort of a miracle that it continues to work well today'
April 13, 2007

Quote:

Although it has already taken nearly four decades to get this far in building the Internet, some university researchers with the federal government's blessing want to scrap all that and start over. The idea may seem unthinkable, even absurd, but many believe a "clean slate" approach is the only way to truly address security, mobility and other challenges that have cropped up since UCLA professor Leonard Kleinrock helped supervise the first exchange of meaningless test data between two machines on Sept. 2, 1969.

The Internet "works well in many situations but was designed for completely different assumptions," said Dipankar Raychaudhuri, a Rutgers University professor overseeing three clean-slate projects. "It's sort of a miracle that it continues to work well today." No longer constrained by slow connections and computer processors and high costs for storage, researchers say the time has come to rethink the Internet's underlying architecture, a move that could mean replacing networking equipment and rewriting software on computers to better channel future traffic over the existing pipes.

Even Vinton Cerf, one of the Internet's founding fathers as co-developer of the key communications techniques, said the exercise was "generally healthy" because the current technology "does not satisfy all needs." One challenge in any reconstruction, though, will be balancing the interests of various constituencies. The first time around, researchers were able to toil away in their labs quietly. Industry is playing a bigger role this time, and law enforcement is bound to make its needs for wiretapping known.

More http://www.msnbc.msn.com/id/18095186/

Sneaky vx'ers...

Google searches web's dark side
Friday, 11 May 2007, One in 10 web pages scrutinised by Google contains malicious code that could infect a user's PC.

Quote:

Researchers from the firm surveyed billions of sites, subjecting 4.5 million pages to "in-depth analysis". About 450,000 were capable of launching so-called "drive-by downloads", sites that install malicious code, such as spyware, without a user's knowledge.

A further 700,000 pages were thought to contain code that could compromise a user's computer, the team report. To address the problem, the researchers say the company has "started an effort to identify all web pages on the internet that could be malicious".

Phantom sites

Drive-by downloads are an increasingly common way to infect a computer or steal sensitive information. They usually consist of malicious programs that automatically install when a potential victim visits a booby-trapped website.

"To entice users to install malware, adversaries employ social engineering," wrote Google researcher Niels Provos and his colleagues in a paper titled The Ghost In The Browser. "Finding all the web-based infection vectors is a significant challenge and requires almost complete knowledge of the web" - Google researchers

More BBC NEWS | Technology | Google searches web's dark side

Maybe this will cut down on the spam problem. This guy is ranked among the top 10 spammers.

Top Spammer Arrested
May 31, 2007- A 27-year-old man described as one of the world's most prolific spammers was arrested Wednesday, and federal authorities said computer users across the Web could notice a decrease in the amount of junk e-mail.

Quote:

Robert Alan Soloway is accused of using networks of compromised "zombie" computers to send out millions upon millions of spam e-mails. "He's one of the top 10 spammers in the world," said Tim Cranton, a Microsoft Corp. (MSFT) lawyer who is senior director of the company's Worldwide Internet Safety Programs. "He's a huge problem for our customers. This is a very good day."

A federal grand jury last week returned a 35-count indictment against Soloway charging him with mail fraud, wire fraud, e-mail fraud, aggravated identity theft and money laundering. Soloway pleaded not guilty Wednesday afternoon to all charges after a judge determined that - even with four bank accounts seized by the government - he was sufficiently well off to pay for his own lawyer.

He has been living in a ritzy apartment and drives an expensive Mercedes convertible, said prosecutor Kathryn Warma. Prosecutors are seeking to have him forfeit $773,000 they say he made from his business, Newport Internet Marketing Corp. A public defender who represented him for Wednesday's hearing declined to comment.

Prosecutors say Soloway used computers infected with malicious code to send out millions of junk e-mails since 2003. The computers are called "zombies" because owners typically have no idea their machines have been infected. He continued his activities even after Microsoft won a $7 million civil judgment against him in 2005 and the operator of a small Internet service provider in Oklahoma won a $10 million judgment, prosecutors said.

U.S. Attorney Jeff Sullivan said Wednesday that the case is the first in the country in which federal prosecutors have used identity theft statutes to prosecute a spammer for taking over someone else's Internet domain name. Soloway could face decades in prison, though prosecutors said they have not calculated what guideline sentencing range he might face.

More My Way News - Man Described As a Top Spammer Arrested

[waltky]

Freedom of the internet at stake...

Call to regulate the net rejected
Wednesday, 29 August 2007, The internet should not be used as a scapegoat for society's ills, said Vint Cerf, Google's net evangelist and a founding father of the network.

Quote:

Speaking on the BBC Radio 4's Today programme he rejected calls for strict control of what is put online. He said the net was just a reflection of the society in which we live. Anyone regulating beyond what was clearly illegal put themselves on a "slippery slope" that could limit freedom of expression, he said. "If it's not illegal, it raises a rather interesting question about where you do draw the line," he said.

Mirror image

See also:

China sending virtual police on cyber-patrols
08/29/2007 - Virtual police officers will soon begin visible patrols on Chinese Internet sites to warn surfers they are being monitored, Beijing authorities said in comments published Wednesday.

Quote:

The images of the "Beijing Internet Police," one male and one female dressed in uniform and saluting, will from Saturday start popping up every 30 minutes on computer screens run by 13 major portals based in the Chinese capital. The cyber cops will be on the look out for websites and Internet activities that incite secession, promote superstition, gambling, fraud and pornography, the China Daily said, citing Beijing's public security bureau.

"It is our duty to wipe out information that does public harm and disrupts social order," the bureau's deputy chief of Internet surveillance, Zhao Hongzhi, was quoted as saying. As well as offering a reminder that "big brother" is watching, web users can also click on the cyber police images to connect with the Internet surveillance center and report suspicious activities.

"The virtual police officers will faithfully fulfill their duties, listen to the suggestions of netizens and protect them from harm," Zhao said. Chinese cyber-cops first appeared on portals based out of the southern city of Shenzhen last year, according to the China Daily.

MORE

[Martin]

Interesting you bring up China virtual police. I say this one today :

FT.com / World - Chinese military hacked into Pentagon

Quote:

Chinese military hacked into Pentagon

By Demetri Sevastopulo in Washington and Richard McGregor in Beijing

Published: September 3 2007 19:00 | Last updated: September 3 2007 20:53

The Chinese military hacked into a Pentagon computer network in June in the most successful cyber attack on the US defence department, say American *officials.

The Pentagon acknowledged shutting down part of a computer system serving the office of Robert Gates, defence secretary, but declined to say who it believed was behind the attack.

Current and former officials have told the Financial Times an internal investigation has revealed that the incursion came from the People’s Liberation Army.

One senior US official said the Pentagon had pinpointed the exact origins of the attack. Another person familiar with the event said there was a “very high level of confidence...trending towards total certainty” that the PLA was responsible. The defence ministry in Beijing declined to comment on Monday.

Angela Merkel, Germany’s chancellor, raised reports of Chinese infiltration of German government computers with Wen Jiabao, China’s premier, in a visit to Beijing, after which the Chinese foreign ministry said the government opposed and forbade “any criminal acts undermining computer systems, including hacking”.

“We have explicit laws and regulations in this regard,” said Jiang Yu, from the ministry. “Hacking is a global issue and China is frequently a victim.”

George W. Bush, US president, is due to meet Hu Jintao, China’s president, on Thursday in Australia prior to the Apec summit.

The PLA regularly probes US military networks – and the Pentagon is widely assumed to scan Chinese networks – but US officials said the penetration in June raised concerns to a new level because of fears that China had shown it could disrupt systems at critical times.

“The PLA has demonstrated the ability to conduct attacks that disable our system...and the ability in a conflict situation to re-enter and disrupt on a very large scale,” said a former official, who said the PLA had penetrated the networks of US defence companies and think-tanks.

Hackers from numerous locations in China spent several months probing the Pentagon system before overcoming its defences, according to people familiar with the matter.

The Pentagon took down the network for more than a week while the attacks continued, and is to conduct a comprehensive diagnosis. “These are multiple wake-up calls stirring us to levels of more aggressive vigilance,” said Richard Lawless, the Pentagon’s top Asia official at the time of the attacks.

The Pentagon is still investigating how much data was downloaded, but one person with knowledge of the attack said most of the information was probably “unclassified”. He said the event had forced officials to reconsider the kind of information they send over unsecured e-mail systems.

John Hamre, a Clinton-era deputy defence secretary involved with cyber security, said that while he had no knowledge of the June attack, criminal groups sometimes masked cyber attacks to make it appear they came from government computers in a particular country.

The National Security Council said the White House had created a team of experts to consider whether the administration needed to restrict the use of BlackBerries because of concerns about cyber espionage.

[waltky]

Granny says they tryin' to take over our minds through computers...

... but Uncle Ferd ain't worried...

... he got his tin-foil hat to protect him!"

Watch out for Chinese websites...

China hosts nearly half of all malware sites
September 4, 2007, China is host to almost half of the world's malware-infected Web sites.

Quote:

According to a report released Monday by antivirus company Sophos, China--including Hong Kong--hosted 44.8 percent of the world's infected sites in August. The U.S. ranked a distant second, hosting 20.8 percent of sites that contain malicious code.

The number of infected Web pages has also grown. Sophos said it detected an average of 5,000 new infected pages each day in the month of August. The company warned that simply staying clear of sites hosted in the top three countries of China, the U.S. and Russia is not an effective method of avoiding malware.

"Hackers are hijacking Web sites around the world to make them point to malware on sites based in China, the U.S. and Russia," Carole Theriault, Sophos senior security consultant, said in a statement.

Sophos also warned about a sharp rise in spam pointing people to these infected sites. Malicious senders, in an attempt to bypass attachment virus scanners, are using messages that direct people to Web sites with malicious code. Computers get infected when people click on the links in the e-mail message.

"Most malware writers...are using spam and the Web to infect users," Theriault said. "Criminals are hard at work trying to slip past filters at the corporate gateway." June saw a spike in spam hosted on Chinese domains, when the figure rose from almost zero to 450 spam domains.

Source

[waltky]

A new and improved WWW?

Is It Time to Scrap the Internet and Start Over?
Oct. 27, 2007 - With Millions of People Watching Shows and Movies Online, Service Providers May Become so Overwhelmed that the Internet May Seem Outmoded

Quote:

More and more, Americans are treating their PC as a second TV. Few are ready to place a couch in front of their monitors, but millions are plopping down in front of Internet services such as YouTube, Joost and television network Web sites to watch online shows and movies. Streaming video will surge from 7.3 percent of all U.S. consumer Internet traffic in 2006 to almost 33 percent by 2012, according to the market research firm IDC of Framingham, Mass. But remember, that's just a percentage. Along with video's increasing share, total Internet traffic is expected to double every two years, industry analysts say.

Some warn that this rush will overwhelm service providers if they don't prepare for it. And the forecast for an ever-rising flood of data has some asking, is the Internet outdated? "That's one way to put it," says Larry Roberts, who, in 1969, managed the Pentagon's APRAnet, the precursor to the Internet. "Another is that it's insufficient for the new kinds and new scale of today's transfers." While some disagree with Roberts's characterization, the connection speeds reaching American homes are certainly behind those enjoyed by Japan, South Korea, and Sweden and could potentially limit Americans' online entertainment choices.

The Internet is perfectly tuned for e-mail, says Roberts. But 40 years ago, he and the many others who helped nurture today's commercial Web never imagined, nor planned for, streaming high-definition television shows to travel through the wires. But that's where online usage has headed. Nearly 16 percent of American households with Internet access now watch TV shows online, according to a report released last week by TNS and the Conference Board, two research groups based in New York. And the online audience for entire episodes has doubled over the past year. Now, with the new TV season, networks are making even more of their prime-time shows available to Web viewers.

MORE

[waltky]

Web 3.0 in the works...

New endeavors aim to build a better Internet
Mon., Dec. 10, 2007 - The goal is to make computers do the work in a more intuitive Web 3.0

Quote:

How do computers know what users really want when they ask for a concise hotel review, a way to kill bacteria or a picture labeled “breakfast” in Arabic? To the annoyance of Internet surfers adrift on oceans of online information, computers often don’t have a clue, even with the compendium of collective wisdom often referred to as Web 2.0.

University of Washington computer scientist and search engine pioneer Oren Etzioni is hoping to make today’s “dumb” computers far more consumer-friendly. As part of a larger push in the field, his latest projects are providing a sneak preview of how online applications might look in a more intuitive Web 3.0 of the not-so-distant future.

“I think that right now, there is the expectation that people will do a lot of the work,” Etzioni said. “The Web is cool, but to get something done like set up a vacation in Italy or even decide when’s the right time to buy your airline ticket to get the right price, it actually demands quite a bit of manual labor.”

Shifting the work to the machine

[waltky]

Europe Close to Anti-Cybercrime Agreement

Council of Europe, ISPs Draft Anti-Cybercrime Guide
April 1, 2008 : A set of guidelines to help European ISPs and law enforcement cooperate on cybercrime investigations is almost done.

Quote:

A set of guidelines to help European ISPs and law enforcement agencies cooperate on cybercrime investigations are close to being complete. The guidelines are aimed at satisfying law enforcement's need to quickly obtain data needed for investigations while also not unduly burdening ISPs (Internet service providers) or threatening subscribers' right to privacy, said Alexander Seger, head of the economic crime division for the Council of Europe.

Industry and government representatives are meeting Tuesday in Strasbourg, France, and hope to have a final draft ready by the conference's end on Wednesday. The guidelines will be voluntary for ISPs and law enforcement, and intended to be a set of best practices to supplement a particular country's existing laws against cybercrime. ISPs and police in any country will be encouraged to use the guidelines. ISPs often have critical information needed for cybercrime investigations, but there are a range of concerns that come when the law comes knocking.

"The problem that many service providers and law enforcement encounter is that such cooperation is not very well structured," Seger said. "Even within one country, different approaches are used." The idea is to have a more reasonable set of expectations on both sides, in accordance with local law. One of the recommendations calls for regular training for both sides in order to "promote a culture of cooperation rather than confrontation," according to a draft.

More ABC News: Europe Close to Anti-Cybercrime Agreement

[waltky]

possum disappointed he can't take over the internet now...

Entire internet at risk from flaw
July 09, 2008 - Serious flaw found in Domain Name System; Companies worked "in secret" to fix problem

Quote:

COMPUTER industry heavyweights are rushing to fix a flaw in the foundation of the internet that would let hackers control traffic on the worldwide web. Major software and hardware makers worked in secret for months to create a software "patch'' released overnight to repair the problem, which is in the way computers are routed to web page addresses. "It's a very fundamental issue with how the entire addressing scheme of the internet works,'' Securosis analyst Rich Mogul said.

"You'd have the internet, but it wouldn't be the internet you expect. (Hackers) would control everything.'' The flaw would be a boon for "phishing'' cons that involve leading people to imitation web pages of businesses such as bank or credit card companies to trick them into disclosing account numbers, passwords and other information.

Attackers could use the vulnerability to route internet users wherever they wanted no matter what website address was typed into a web browser. Security researcher Dan Kaminsky of IOActive stumbled upon the Domain Name System (DNS) vulnerability about six months ago and warned industry giants including Microsoft, Sun and Cisco to collaborate on a solution.

DNS is used by every computer that links to the internet and works similar to a telephone system routing calls to proper numbers, in this case the online numerical addresses of websites. "People should be concerned but they should not be panicking,'' Mr Kaminsky said. "We have bought you as much time as possible to test and apply the patch. Something of this scale has not happened before.''

More Entire internet at risk from flaw | NEWS.com.au