Day: June 13, 2011
Cyber attacks may not be a new phenomenon but the recent successes scored against high-profile targets includingCitiGroup, Google, RSA and government contractors such as Lockheed Martinunderscore the targets’ current failure to block security threats enabled by theInternet. Malicious hackers use the very same technology that enables online banking, entertainment and myriad other communication services to attack these very applications, steal user data, and then cover their own tracks.
One common practice that attackers employ to evade detection is to break into poorly secured computers and use those hijacked systems as proxies through which they can launch and route attacks worldwide. Although such attacks are an international problem, there is no international response, which frustrates local law enforcement seeking cooperation from countries where these proxy servers typically reside.
Every day seems to bring news of some new cyber attack. “We’re seeing more reports on invasive attacks on a much more regular basis,” says Chris Bronk, an information technology policy research fellow at Rice University’s James A. Baker III Institute for Public Policy and a former U.S. State Department diplomat.
The hardest problem in finding the source of these attacks is attribution. Each data packet sent over the Internet contains information about its source and its destination. “The source field can be changed [spoofed] by an attacker to make it seem like it’s coming from someplace it’s not,” says Sami Saydjari, president of the cyber-security consultancy Cyber Defense Agency and a former program manager of information assurance at the Defense Advanced Projects Agency (DARPA).
“If your network is under attack and you’re trying to find out who’s doing it, purely technical means are insufficient for that,” says David Nicol, director of the Information Trust Institute at the University of Illinois, Urbana–Champaign. “The way that we assemble complicated networks of computers until recently hasn’t been done at all with security in mind except in a cursory way, and that’s the fundamental problem.”
By way of example, Nicol points out that he uses a virtual private network that connects to a proxy server before connecting him to the Internet. This enables him to encrypt data he sends over the network and protect the identity of his own Internet protocol (IP) address. “I do this to thwart information harvesting that commercial Web sites usually have,” he adds. “I’ve got nothing to hide but that doesn’t mean I want information about me harvested and sold.”
Unfortunately, such tactics are also employed for malicious purposes. Cyber attackers use viruses, worms and other malware to take control of Internet servers or even personal computers, creating a network of “zombie” computers (also called botnets) under their control that they can use to launch their attacks. As a result, an attack may appear to come from a particular server or computer, but this does not mean the attack originated at that device, Nicol says, adding that often a string of proxies located in different countries are used in an attack, “greatly complicating the legal process of trying to piece it all together.”
Making the Twitter rounds on a super-sized scale today (under the hashtag of #seriouslymcdonalds) is this obviously fake sign that’s allegedly in a McDonald’s restaurant. It claims that “African-American customers are now required to pay an additional fee of $1.50 per transaction.” The picture originated on twitpic and has gone viral from there.
A tipoff that this is a fake? We called that 800 number you see at the bottom of the sign, and it connected to the KFC Customer Satisfaction Hotline. But really, think about it: Would any McDonald’s franchisee or employee tape such a sign on the door of a McDonald’s restaurant? It would be career suicide.
Further proof: On McDonald’s official Twitter account, the company says it’s a hoax:
Ultimate proof: We called the company and got an official statement from Rick Wion, McDonald’s director of social media:
“The sign is obviously a hoax. As a company and a brand we have a long and proud history of diversity inclusion across our system on both sides of the counter.
“From our management crew, franchisees — across the board, we’re very proud of our record of diversity. This is unfortunately an example of how rumors can outspeed the truth. Over the last 48 hours we’ve been tweeting and striving to clarify that this is a hoax.”
If YouTube was your one stop destination for videos, now it will become your one stop destination for movies as well. YouTube and Intel have partnered to bring you the latest blockbusters online. You can log on to ww.youtube.com/BoxOffice to get started.
Opening the box office in India is Yash Raj Film’s Band Baaja Baaraat. Users will have the option to view the movie in 720p and 1080p apart from the other standard resolutions.
Continuous play will however depend on the Internet speed. Movie trivia and contests also make an appearance on this YouTube page to add to the Bollywood novelty. Deleted scenes, making of the movie and other features that are available on the movie DVD will also be available. YouTube already has a movies channel that lets you watch movies for free but this initiative by Google in India Intel will bring the big blockbuster titles to the web screen.
With the growth in broadband penetration and increasing Internet speeds in India, the day seems pretty close when a large number of households will be able to stream movies to their TVs directly from the web. With Netflix making its intentions clear to enter the Indian market, we will soon see great competition in the online movie streaming business.