Windows 10’s Privacy Policy: the New Normal?

from the no-i-do-not-want-to-send-a-crash-report dept.

An anonymous reader writes:

The launch of Windows 10 brought a lot of users kicking and screaming to the “connected desktop.” Its benefits come with tradeoffs: “the online service providers can track which devices are making which requests, which devices are near which Wi-Fi networks, and feasibly might be able to track how devices move around. The service providers will all claim that the data is anonymized, and that no persistent tracking is performed… but it almost certainly could be.” There are non-trivial privacy concerns, particularly for default settings. 
According to Peter Bright, for better or worse this is the new normal for mainstream operating systems. We’re going to have to either get used to it, or get used to fighting with settings to turn it all off. “The days of mainstream operating systems that don’t integrate cloud services, that don’t exploit machine learning and big data, that don’t let developers know which features are used and what problems occur, are behind us, and they’re not coming back. This may cost us some amount of privacy, but we’ll tend to get something in return: software that can do more things and that works better.”

Posted by Soulskill 2 days ago

 

A Hybrid Approach: Rewriting the Rules for DDoS Defense


The dilemma for organizations when implementing an effective DDoS defense is whether to deploy on-premises DDoS protection or subscribe to a cloud-based provider. These decisions are not taken lightly, as the threat landscape is wide ranging and increasingly sophisticated.

Organizations outlining their DDoS defense strategy typically begin by looking to out-of-band defenses and anti-DDoS scrubbing-lane approaches for re-routing traffic once an attack has been identified. This approach is a good first step for DDoS prevention; however, it’s only the tip of the iceberg. The recommendation from industry analysts is to execute a two-pronged approach, to include in-line, real time detection and attack mitigation as the primary means for DDoS defense, and cloud anti-DDoS for full pipe saturation attacks.

Here’s why: partial saturation attacks are becoming more commonplace. These DDoS attacks are large (relatively speaking), but only last for a short period of time, and they do not fully saturate the internet link. While these attacks can be devastating to unprotected downstream border defenses, hosted customers or internet-facing services, the motive is most often financial gain or stealing sensitive data. Additionally, these partial saturation events are not long enough in duration for attacks to be detected and re-routed quickly enough for cloud-based DDoS mitigation solutions to provide much, if any benefit.

When assessing DDoS defense strategies, the solutions aren’t like-for-like comparisons. However, there is a suggested approach to protect against the entire spectrum: hybrid on-premise and cloud DDoS mitigation. Let’s look at each of the components.

Cloud Anti-DDoS Solution

DDoS protection, provisioned as a service, is most often an on-demand option for large-scale attacks. Massive volumetric attacks occur when more traffic than the total bandwidth of a network link is sent, which no amount of hardware resources will effectively combat.

Human intervention is critical to an on-demand defense approach: once an attack is detected, an analyst must then decide to enable the transition to the cloud. In a recent study, nearly 50% cited customer complaints as their initial means of DDoS notification. With this approach, the time from detection to mitigation could range upwards of one hour. However, the majority of volumetric attacks last 30 minutes or less. By the time your on-demand defenses are engaged, the damage is done.

With out-of-band cloud anti-DDoS, visibility and analysis begin only after the traffic has been re-routed to the scrubbing service, allowing for little if any insight into the attack, eliminating all analysis capabilities.

Some businesses that frequently experience these attacks subscribe to an always-on anti-DDoS cloud solution service. The costs associated with this are substantial. If frequent, massive volumetric DDoS attacks are the Achilles’ heel of your organization, it’s hard to put a price on uninterrupted service availability.


On-Premises Real-Time Defense

Purpose-built DDoS defense solutions are deployed between the internet and the enterprise network. A first-line-of-defense approach prevents outages by inspecting traffic at line-rate and blocking attacks in real time while allowing approved traffic to flow. On-premises, real-time defence enables complete and sophisticated visibility into DDoS security events when deployed at the network edge. Additionally, archived security event data will enable forensic analysis of past threats and compliance reporting of security activity, acting as a strong advantage against attackers when DDoS is utilized as a distraction.

Given its nature, precise enforcement of mitigation policies against attack traffic must be accomplished without incurring false positives, with line-rate performance and maximum security efficacy. On-premises technology is designed to handle volumetric network-based attacks, reflective and amplified spoof attacks as well as application layer attacks.

A Possible Silver Bullet – The Hybrid Approach

In 2014 the SANS Institute reported: “DDoS mitigation solutions integrating on-premises equipment and ISP and/or mitigation architectures are nearly four times more prevalent than on-premises or services-only solutions. The growing sophistication of DDoS attacks and the sensitive nature of potential disruption to business services require both local and upstream protections that work in sync.”

The concept of on-demand cloud defense for a pipe saturation attack coupled with always on, on-premises defense provides protection against the whole spectrum. Businesses that engage with their on-demand DDoS mitigation provider can quickly initiate that service based on visibility in the event of a massive volumetric attack. The main benefit of a hybrid approach is that the on-premises device heavily reduces the number of times an organization switches over to the cloud – lowering cost and providing comprehensive and consistent defense.

During the switchover, an on-premises solution would continue to provide the necessary protection for any threats not mitigated by the cloud. Continuous monitoring can show when your organization can return to normal operation and collaborative communication and sharing of information between you and your provider enables comprehensive visibility, enhancing the overall security performance of your network.
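
An added example (not from the original article) that puts numbers on the argument above: it compares minutes of unfiltered attack traffic and the number of cloud switchovers for on-demand cloud only, on-premises only, and the hybrid approach. The attack list, the 10 Gbps link and the 30-minute detection and re-route delays are constructed assumptions, and the model assumes the in-line device mitigates any attack below link capacity from the first minute.

```python
from dataclasses import dataclass

@dataclass
class Attack:
    name: str
    peak_gbps: float    # peak attack rate arriving at the internet link
    duration_min: int   # how long the attack lasts

def evaluate(attacks, strategy, link_gbps, detect_min, reroute_min):
    """Return (minutes of unfiltered attack traffic, cloud switchovers)."""
    exposed = switchovers = 0
    for a in attacks:
        saturating = a.peak_gbps >= link_gbps
        if strategy == "cloud_on_demand":
            # Nothing is filtered until an analyst has noticed the attack
            # and traffic has been re-routed to the scrubbing service.
            exposed += min(a.duration_min, detect_min + reroute_min)
            if a.duration_min > detect_min:   # still running when noticed
                switchovers += 1
        elif strategy == "on_prem":
            # In-line filtering starts at minute 0 but cannot relieve a link
            # that is already full upstream of the device.
            exposed += a.duration_min if saturating else 0
        elif strategy == "hybrid":
            # In-line device absorbs sub-saturation attacks; its real-time
            # visibility removes the detection delay for saturating ones.
            if saturating:
                exposed += min(a.duration_min, reroute_min)
                switchovers += 1
        else:
            raise ValueError(f"unknown strategy: {strategy}")
    return exposed, switchovers

# Constructed sample attacks against an assumed 10 Gbps link.
SAMPLE_ATTACKS = [
    Attack("short burst", 4.0, 10),
    Attack("partial saturation", 7.0, 25),
    Attack("application-layer flood", 0.5, 45),
    Attack("pipe saturation", 40.0, 90),
]

def compare(link_gbps=10.0, detect_min=30, reroute_min=30):
    """Evaluate all three strategies on the constructed sample."""
    return {s: evaluate(SAMPLE_ATTACKS, s, link_gbps, detect_min, reroute_min)
            for s in ("cloud_on_demand", "on_prem", "hybrid")}

if __name__ == "__main__":
    for strategy, (minutes, switches) in compare().items():
        print(f"{strategy:16} exposed={minutes:4d} min  switchovers={switches}")
```

With these constructed inputs, the short and partial-saturation attacks end before an on-demand switchover completes, while the hybrid model only goes to the cloud for the one attack that fills the link.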

The implementation of an always-on solution combined with on-demand cloud defense provides businesses with a means of safeguarding against the vast scope of DDoS attacks posed to their networks. With DDoS attacks now being delivered in various sizes and with differing intentions, ensuring that the appropriate prevention best practices are utilized correctly could well be what saves your organization from falling victim to a major breach of information.

About the Author

Dave Larson is CTO at Corero Network Security. He is responsible for directing the Corero technology strategy, bringing over 20 years’ experience in the network security, data communication and data center infrastructure industries. Most recently, he served as CTO for HP Networking and vice president of the HP Networking Advanced Technology Group. Prior to HP, Larson was vice president of Integrated Product Strategy for TippingPoint and has held senior roles with Tizor Systems, Sandburst Corporation and Xedia Corporation.

Want To Send/Receive Large Files Quickly? Try These 8 Free Websites!


Monday, May 12, 2014: Are you bogged down by the fact that your regular e-mail client doesn’t let you send/receive large files, files beyond a certain limit? Well, you’re not the only one. Don’t you always wish you had something, an online tool or a website for that matter, that could help you send/receive large data with ease? After all, breaking your data into little chunks when sending can be a daunting task. Here are 8 free websites that you should try!

1. Mozy Online Backup

More than 6 million individuals and 100,000 businesses back up more than 90 petabytes of information to Mozy data centers globally.

2. ADrive

Founded in 2007 by veterans of the storage and networking industry, ADrive was created to meet the demands of our data-intensive world.

3. Windows Live SkyDrive

Easily store and share photos, videos, documents, and more — anywhere, on any device, free. Plus, get 7 GB when you sign up.

4. file ai

Securely share files that are too big to e-mail for free.

5. Share Send

Share Send is the easiest way to share files online. With no registration required, you simply drag and drop your files and these same files are available online.

6. GigaSize

GigaSize.com allows you to upload large files in just one click.

7. 2Big2Send

2Big2Send eliminates the large file headache many people have on a day-to-day basis. Without 2Big2Send, your files clog up your inbox and Exchange Server and make your recipients wait while you send the email and then download it over slow connections.

8. DropSend

With DropSend you can send 4GB files quickly, securely and without any hassle.

Saurabh Singh, EFYTIMES News Network

Get Set For Internet Download Speed Of 1.4 Terabits Per Second


Friday, January 24, 2014: In what can be termed the biggest breakthrough in the world of the internet, scientists in the UK have achieved the fastest-ever broadband speed of 1.4 terabits per second. This speed is enough to transfer 44 high-definition movies at once.

This test was conducted in London by British Telecom and French networking equipment company Alcatel-Lucent jointly, where they achieved the high speeds of 1.4 terabits per second, or 1,83,501Mbps, on the existing fibre network in London. This breakthrough is of high importance for the internet service providers, as it facilitates sending of greater amount of information through existing broadband infrastructure. All this can happen without costly infrastructure upgrades.

Earlier, tests on faster methods of transmitting data have been conducted using the complex laser technology, but this is the first test conducted in real world conditions, outside the testing labs. This test of fast internet was conducted in October and November last year, on a line from BT Tower in central London and the company’s research campus near Ipswich.

Kevin Drury, optical marketing leader, Alcatel-Lucent, said that this development would reduce the space between lanes on a busy motorway, providing for more lanes of traffic to flow in the same area. In simple terms, this innovation would result in streaming of video via a large, wide lane while accessing standard web pages would need only a small part of the fibre’s capacity.

Criminals Control, Cash Out Bank’s ATM Machines

Kelly Jackson Higgins February 13, 2014

New, sophisticated ATM heist used a malware-laden USB stick to hijack the machine — one arrest is made

In what could be a sign of what’s ahead in ATM fraud, a highly sophisticated and well-funded criminal gang targeted an overseas bank and commandeered at least four of its ATM machines with malware-rigged USB sticks in order to empty them of cash.
Tillmann Werner, a researcher for CrowdStrike, says the organized crime group cracked open the ATM machines and plugged in the USB stick containing a DLL exploit payload. The payload reconfigured the ATM system so that the attackers controlled it, allowing money mules to steal all of the cash stored in those machines. There has been a single arrest so far — a money mule — and the attacks may possibly have incurred millions of dollars in losses. These attacks are expected against other banks as well, he says.

“They crack the ATM open and plug in the USB drive. It’s risky, but nevertheless, it works,” Werner says.
Werner declined to name the victim bank or the brand of ATM machines it runs. The attacks still appear to be under way, he says. “The fact that such a sophisticated group is operating right now is the most important fact. Another thing that’s interesting is banks in Germany potentially have the same issue, although we haven’t seen an attack like that in Germany so far,” Werner says.

The attackers physically took apart the ATM machines and inserted a USB stick with a malicious DLL installer into the printer port, giving them control of the ATM’s Windows XP-based operating system. When a network connection is interrupted to the ATM, it automatically reboots, doing so from the malicious USB. The installer program collects information from the ATM system and also contains a log file for the attackers.
“It’s a DLL injection file attack into the running process [of the ATM], and then you have code running in that process, and they can do what they want,” Werner says.

One member of the gang in the heist was caught when he went to one of the ATMs to cash out. The cash-out works like this: An attacker types in a 12-digit code that then displays the malicious menu on the ATM screen. He answers a challenge question, and then calls one of his accomplices for a response code, which he inputs to dispense the cash from the ATM. The entire transaction of emptying the ATM takes a few short minutes.
Unlike the ATM Ploutus malware that was discovered last year that targeted bank customers during their ATM transactions, this attack goes after the bank’s cash in the ATMs. “It’s not related to Ploutus,” he says, which is “child’s play” compared with this new, more advanced method that steals from the bank itself.

“Attacks against ATMs mostly have been skimming attacks,” he says. “With this attack, you can empty a whole ATM and make a lot of money … It definitely takes a mafia-like organization to pull off such an attack.”
The victim bank discovered the heist when its ATMs prematurely went empty of cash. “It doesn’t leave any [other] traces,” Werner says. The only clue is that the balance in the machine declines — the theft transaction isn’t detected.

There are ways to prevent such an attack, but with ATMs not built with software security in mind, it’s tough to defend against it today. “You have to secure the PC, but that’s easier said than done,” Werner says. The best bet is to add a boot password to the system, which would prevent this attack, or to encrypt the ATM’s hard drive.
The attack could work on banks in the U.S. as well, he says. The attackers have different versions of the malware for different banks, he says. “It has nothing to do with the banking system. They’re going after the machine that spits out the money,” he says. “Maybe they’re not attacking U.S. ATMs because they use less cash in their ATMs.”

Secure Browser Alternatives On The Rise


The sandboxed browser on the desktop, the disposable browser session from the cloud, and now a high-security browser that by default blocks third-party cookies and online ads are all options

By Kelly Jackson Higgins
Feb 04, 2014 5:15pm

A new generation of secure browsers is emerging as Web threats continue to target the conventional browser.
