Tag Archive for: thoughts

Some Thoughts on the Recent DNS Operations, Analysis, and Research Centre Workshop, OARC-35

/in


The DNS Operations, Analysis, and Research Centre (DNS-OARC) convened OARC-35 at the start of May. Here are some thoughts on a few presentations at that meeting that caught my attention.

TTL Snooping with the DNS

These days it seems that the term “the digital economy” is synonymous with “the surveillance economy.” Many providers of services on the Internet spend a lot of time and effort assembling profiles of their customers. These days, it’s not just data in terms of large-scale demographics but the assembling of large sets of individual profiles. We are all probably aware that we emit a steady stream of bits as a digital outflow when we use the Internet, and there is a major ongoing effort to sniff this digital effluent and derive profiles of individual activities from this data. If an entity operates a recursive resolver in the DNS or operates a popular web service, then it’s pretty clear how such user profiles can be assembled if that’s what they want to do. What is not so apparent is that almost anyone can sniff our digital outflow. All it takes is a little ingenuity.

The presentation on “Trufflehunter” at DNS OARC 35 is a good case in point of being able to perform such indirect snooping. The question posed here is to what extent is stalkerware being used. By its very nature, stalkerware is covert, as the intent is that the intended victim should be completely unaware that they have this app running on their device. So, is there a puff of tell-tail smoke that can reveal stalkerware in action? The key observation is that often these apps use the DNS as a command-and-control channel. After all, the DNS is ubiquitous, and the total query volumes are truly prodigious. What are a few more queries in such a torrent of DNS? The app is simply hiding itself in a densely packed crowd. You might get a signal of active stalkerware if you operated a DNS resolver, but if you aren’t the resolver operator, then you just can’t see the signal. Right?

Not true.

The critical piece of data that is used in this form of digital eavesdropping is the TTL (Time to Live) field in DNS responses. When a recursive resolver loads a response that was supplied by an authoritative server,…

Source…

“Secure in your thoughts” – malware memories and brain passwords in the Stroke of Genius podcast

/in

I’m in the latest episode of the “Stroke of Genius” podcast, which looks at passwords and how researchers are exploring ways to use brain patterns as a way to unlock devices.

I’m on hand to describe the workings of some notorious password-stealing malware, and also share some stories of how computer games helped me get a job in the cybersecurity industry.

Graham Cluley

See President Obama’s thoughts on cyber warfare and privacy – AfterDawn

/in

AfterDawn

See President Obama's thoughts on cyber warfare and privacy
AfterDawn
See President Obama's thoughts on cyber warfare and privacy If you have the time for a longer-form video, Kara Swisher had a great interview with President Barack Obama, and the pair discussed the President's thoughts on privacy, cyber warfare and
White House. Red Chair. Obama Meets Swisher.Re/code

all 8 news articles »

cyber warfare – read more

My Thoughts On Printers – Forbes

/in

Forbes

My Thoughts On Printers
Forbes
Just this past week, while the rest of us were out enjoying the holiday season, Hewlett Packard released a fix for certain of its printers susceptible to remote hacking. Really? There's a guy out there who wants to hack into my small business' printer

Read more