IE lets attackers hijack network traffic March 27, 2007
Posted by trutechie in Uncategorized.add a comment
By: Joris Evers, silicon.com
A problem in the way Windows PCs obtain network settings could let attackers hijack traffic, security researchers said Saturday.
The problem occurs because of a design bug in the system used by Windows PCs to obtain proxy settings, researchers with security firm IOActive said at the ShmooCon hacker conference in Washington, DC. As a result, an attacker with access to a network, for example, at a corporation could insert a malicious proxy and see all the traffic, the researchers said.
(excerpt courtesy of silicon.com)
To read on, click here.
From the Washington Post Opinions Page: My National Security Letter Gag Order March 23, 2007
Posted by trutechie in Uncategorized.1 comment so far
The Justice Department’s inspector general revealed on March 9 that the FBI has been systematically abusing one of the most controversial provisions of the USA Patriot Act: the expanded power to issue “national security letters.” It no doubt surprised most Americans to learn that between 2003 and 2005 the FBI issued more than 140,000 specific demands under this provision — demands issued without a showing of probable cause or prior judicial approval — to obtain potentially sensitive information about U.S. citizens and residents. It did not, however, come as any surprise to me.
(Letter preview courtesy of the Washington Post.)
Looking to block P2P? March 22, 2007
Posted by trutechie in Uncategorized.1 comment so far
By Thomas Mennecke
Let’s face it. P2P networking takes up a considerable amount of bandwidth. Whether you are a network administrator for a college LAN (Local Area Network) or an ISP, some estimates place P2P consumption (especially BitTorrent) at 60 percent. However, figuring out the most practical solution for various administrators varies. Should you outright ban P2P traffic? Incorporate bandwidth throttles? NetEqualizer lets you choose from these options and much more. ISPs are in a more precarious situation than say a college LAN administrator. If P2P traffic begins to saturate a college network, the LAN administrator does not have to worry all that much if the decision is made to filter or block file-sharing traffic. Perhaps some people may complain, but the loss of revenue is not a concern.ISPs on the other hand must take this into heavy consideration. P2P traffic consumes an enormous amount of bandwidth compared to the amount of individuals that use it. For example, CacheLogic, a P2P measuring and network solutions firm, states P2P traffic can consume a majority of the ISPs bandwidth, easily blowing away HTTP. Comparatively, only a relative few individuals actually utilize such high consumption protocols.
So here is the tricky part. ISPs know that P2P has helped fuel the broadband revolution. While not everyone uses BitTorrent; eDonkey2000, FastTrack, Gnutella, etc. are very popular. Block P2P users, an the ISP might face a significant backlash. Throttle their bandwidth, and the ISP might have similar results.
One of the more compromising solutions has been offered from CacheLogic, which aims to make everyone happy. CacheLogic’s function is to cache or store common P2P files based on the frequency of search queries. Instead of P2P traffic bogging down and ISPs network, it simple searches the cache server. P2P fans are left to enjoy their file-sharing bliss and web surfers can happily surf the World Wide Web.
However, say you are not interested in making the P2P crowd happy, and catering to web surfers is the priority. Say you want to throttle or block P2P traffic completely…then APConnection’s Net Equalizer comes into play.
According to a press release issued by APConnection today, their product Net Equalizer will now be distributed on a worldwide scale. Net Equalizer aims to give priority to web based traffic, while throttling back those who utilized P2P software. When file-sharing traffic begins to slow down those surfing the web, its fairness algorithing kicks. For more information on Net Equalizer, read the FAQ here.
The recently signed distributors have selected NetEqualizer primarily for its ability to deliver automated bandwidth control. Other features that have driven adoption include the enhancement of security offerings with the ability to block and control p2p traffic and unique quality of service (QoS) capabilities that enable distributors to include NetEqualizer as part of a service provider VoIP package.
NetEqualizer is a stark contrast to CacheLogic, which aims to compromise rather than block or throttle P2P traffic. Regardless, NetEqaulizer’s solution is straight forward and offers and immediate solution to a network that is bogged down with P2P traffic. However, as file-sharing and P2P traffic becomes more mainstream, consumers may take into consideration whether an ISP uses NetEqualizer or CacheLogic as a network management solution.
(article courtesy of www.slyck.com)
US Patent Office says P2P threatens national security March 22, 2007
Posted by trutechie in Uncategorized.add a comment
| The US Patent & Trademark Office (USPTO) has launched a stinging attack on peer-to-peer (P2P) file sharing services, publishing a report (pdf) from its Office of International Relations earlier this month.
“A decade ago, the idea that copyright infringement could become a threat to national security would have seemed implausible,” said USPTO director Jon Dudas, introducing the document. “Now, it’s a sad reality.” (article courtesy of theregister.com) |
