
Cyber crime, RSACRT, C-Lion, Security, Death to BS, ChinaCacheCDN, CloudFlare, Internet Map

posted Sep 7, 2015, 7:55 AM by Sami Lehtinen   [ updated Oct 2, 2015, 8:32 PM ]
  • Finland enhances cyber crime legislation and punishments. It's now even easier to be convicted of cyber crimes in Finland, including identity theft, causing danger to cyber systems, damaging cyber systems, destroying / corrupting data, cyber privacy violations, disturbing ICT systems and data theft / hacking (cracking). It's now possible to get five-year sentences for these crimes. Botnets are also mentioned separately, as is the case where key infrastructure is being attacked.
  • RSA CRT leaks - Well well. Nothing new. It's so normal that different (vital) steps are skipped in processes. A very common and usual vector in software. Essential XKCD. Smile. Yet it's nice to notice that GnuPG and OpenSSL are doing the verification step.
  • C-Lion (Sea Lion?) fiber optic submarine cable between Finland & Germany has been accepted by the Finnish Government. I wonder if the Russian Optical Trans-Arctic Cable System (ROTACS) will be built by PolarNet at some point, and if it will go via Finland to Germany or be connected to the UK directly.
  • I often wonder what the percentage of securely configured systems is. Even if there are very basic guidelines on how to configure systems securely, it seems that the people responsible for security mis-configure the systems most of the time, even if there's constant external monitoring and nagging about the thing. So unless there's external monitoring, I would assume that at least 90% of systems are absolutely insecurely configured. This doesn't count the systems where the password is NOT the default, but is still something extremely stupid and guessable.
  • I personally think that the information security stuff is a funny field. On the one hand there's all that tinfoil stuff: in theory they could do that. Worries about ciphers and hidden zero day bugs. Then there are all those talks by security gurus telling how to make ultra secure systems. Then there are the somewhat relaxed basic instructions which would reduce the attack surface a lot. But nobody even gives a s*t about those. Then there's the reality where everything is more or less insecure and mis-configured, not following even the relaxed basic rules, allowing very simple automated botnets to brute force administration accounts / passwords of the systems quite easily. And the only reason why there isn't a major security disaster is that nobody's really trying. It's just like in the article about electronic voting systems. Basically anyone could hack it, if they just wanted to. Any news? Nope? I guess not. I'm just today once again baffled about the reality of ICT security. The truth is anyway that making things secure requires extra work and causes costs, and nobody really wants to have secure systems because it costs something. If totally insecure works as well, it's just stupid to waste money on system security. And we've all seen where this leads in the news.
  • Death to bullshit. A very nice post and valid points. I've done that 'cut down' several times. Just checking which things only consume mental energy and time, and strictly cutting those out. No more this and that, I'm done with it, and so on. Relax, enjoy and select high quality but low volume sources. I've also learned to click the email delete button very quickly.
  • Xinhua News - Seems to be using the China Cache CDN network now. Yet China Cache's web page talks about PoPs they're launching in 2013. That's lame, really outdated information. Makes the whole company look really stagnant.
  • Does CloudFlare use different 'user tiers'? I guess they do; CacheFly seems to be doing the same. Smaller (Free / Promo) sites using the CDN network won't get the same number of PoPs to use as larger (or paying) sites. This doesn't mean that performance would be bad. But it still makes a big difference if a site is being served from every PoP or just a few major ones around Europe and the US where bandwidth is cheapest. Not surprising at all, I would probably do the same. You'll get what you pay for. Also, smaller sites might get so few hits that using all PoPs could, at least in theory, mean worse performance because it would mean almost always a cache miss.
  • Internet Map - By as2914 (NTT Communications). As you can see, there are only a few major stars on the Internet, which will connect you well around the globe.
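
For the RSA CRT item above, an added example (not from the original post, and not GnuPG or OpenSSL code): with a constructed toy key it shows what one corrupted CRT half gives away to anyone who sees the signature, and how the verification step keeps that value from being released. The key values, the message and all function names are assumptions made for illustration.

```python
from math import gcd

# Constructed toy key, far too small for real use.
P, Q, E = 1009, 1013, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
DP, DQ, QINV = D % (P - 1), D % (Q - 1), pow(Q, -1, P)
M = 424242  # constructed message representative, 0 < M < N


def sign_crt(m, fault=False):
    """RSA-CRT signature of m; fault=True simulates an error in the mod-q half."""
    sp = pow(m, DP, P)
    sq = pow(m, DQ, Q)
    if fault:
        sq = (sq + 1) % Q  # simulated one-off computation error
    h = (QINV * (sp - sq)) % P  # Garner recombination
    return sq + h * Q


def sign_crt_checked(m, fault=False):
    """sign_crt plus the verification step: check with the public key first."""
    s = sign_crt(m, fault)
    if pow(s, E, N) != m % N:
        # Never release the bad value; recompute without the CRT shortcut.
        s = pow(m, D, N)
    return s


def leaked_factor(m, s):
    """gcd(s^e - m, N): equals N for a correct signature (nothing learned),
    but a prime factor of N when exactly one CRT half was wrong."""
    return gcd((pow(s, E, N) - m) % N, N)


if __name__ == "__main__":
    print("correct signature :", leaked_factor(M, sign_crt(M)) == N)
    print("faulty, unchecked :", leaked_factor(M, sign_crt(M, fault=True)))
    print("faulty, checked   :", leaked_factor(M, sign_crt_checked(M, fault=True)) == N)
```

The check costs one public-key exponentiation per signature, which is cheap compared with the private-key operation it protects.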