Over the past year or two, someone has been probing the defenses of the companies that run critical pieces of the Internet. These probes take the form of precisely calibrated attacks designed to determine exactly how well these companies can defend themselves, and what would be required to take them down. We don't know who is doing this, but it feels like a large nation state. China or Russia would be my first guesses.
First, a little background. If you want to take a network off the Internet, the easiest way to do it is with a distributed denial-of-service attack (DDoS). Like the name says, this is an attack designed to prevent legitimate users from getting to the site. There are subtleties, but basically it means blasting so much data at the site that it's overwhelmed. These attacks are not new: hackers do this to sites they don't like, and criminals have done it as a method of extortion. There is an entire industry, with an arsenal of technologies, devoted to DDoS defense. But largely it's a matter of bandwidth. If the attacker has a bigger fire hose of data than the defender has, the attacker wins.
Recently, some of the major companies that provide the basic infrastructure that makes the Internet work have seen an increase in DDoS attacks against them. Moreover, they have seen a certain profile of attacks. These attacks are significantly larger than the ones they're used to seeing. They last longer. They're more sophisticated. And they look like probing. One week, the attack would start at a particular level of attack and slowly ramp up before stopping. The next week, it would start at that higher point and continue. And so on, along those lines, as if the attacker were looking for the exact point of failure.
The attacks are also configured in such a way as to see what the company's total defenses are. There are many different ways to launch a DDoS attack. The more attack vectors you employ simultaneously, the more different defenses the defender has to counter with. These companies are seeing more attacks using three or four different vectors. This means that the companies have to use everything they've got to defend themselves. They can't hold anything back. They're forced to demonstrate their defense capabilities for the attacker.
I am unable to give details, because these companies spoke with me under condition of anonymity. But this all is consistent with what Verisign is reporting. Verisign is the registrar for many popular top-level Internet domains, like .com and .net. If it goes down, there's a global blackout of all websites and e-mail addresses in the most common top-level domains. Every quarter, Verisign publishes a DDoS trends report. While its publication doesn't have the level of detail I heard from the companies I spoke with, the trends are the same: "in Q2 2016, attacks continued to become more frequent, persistent, and complex."
There's more. One company told me about a variety of probing attacks in addition to the DDoS attacks: testing the ability to manipulate Internet addresses and routes, seeing how long it takes the defenders to respond, and so on. Someone is extensively testing the core defensive capabilities of the companies that provide critical Internet services.
Who would do this? It doesn't seem like something an activist, criminal, or researcher would do. Profiling core infrastructure is common practice in espionage and intelligence gathering. It's not normal for companies to do that. Furthermore, the size and scale of these probes -- and especially their persistence -- points to state actors. It feels like a nation's military cybercommand trying to calibrate its weaponry in the case of cyberwar. It reminds me of the US's Cold War program of flying high-altitude planes over the Soviet Union to force their air-defense systems to turn on, to map their capabilities.
What can we do about this? Nothing, really. We don't know where the attacks come from. The data I see suggests China, an assessment shared by the people I spoke with. On the other hand, it's possible to disguise the country of origin for these sorts of attacks. The NSA, which has more surveillance in the Internet backbone than everyone else combined, probably has a better idea, but unless the US decides to make an international incident over this, we won't see any attribution.
But this is happening. And people should know.
This essay previously appeared on Lawfare.com.
EDITED TO ADD: Slashdot thread.
EDITED TO ADD (9/15): Podcast with me on the topic.
Seems like a cheap buy?
Harvard created this really cool time-lapse video of bacteria mutating resistance to antibiotics. It is cool. It is scary. All that and a bag of chips.
Just another reminder of what fights are ahead for humanity.
UK responded to NSA director's 'collect it all' instruction by, well, collecting it all
IOCCO received reports of 1,199 known errors in 2015
And self-published “indie” authors — in part because they get a much bigger cut of the revenue than authors working with conventional publishers do — are now making much more money from e-book sales, in aggregate, than authors at Big Five publishers.
The AAP also reported, though, that e-book revenue was down 11.3 percent in 2015 and unit sales down 9.7 percent. That’s where things get misleading. Yes, the established publishing companies that belong to the AAP are selling fewer e-books. But that does not mean fewer e-books are being sold. Of the top 10 books on Amazon’s Kindle bestseller list when I checked last week, only two (“The Light Between Oceans” and “The Girl on the Train,” both mass-market reissues of novels that have just been made into movies) were the products of major publishers. All the rest were genre novels (six romances, two thrillers) published either by the author or by an in-house Amazon imprint. Their prices ranged from 99 cents to $4.99.
That is from Justin Fox at Bloomberg.
The post eBooks are not declining as much as you might think appeared first on Marginal REVOLUTION.
Equal to Intel i5 if great. New architecture then holds promise to finally equal i7
The team behind SingularDTV, a blockchain-based digital content distribution and management platform, is planning the launch of a decentralized system in which artists and digital content creators can build, monetize, protect and manage their creations using the blockchain technology.
Based on the Ethereum network and the ConsenSys venture production studio, SingularDTV relies on a tokenized ecosystem using a local cryptocurrency called SNGLS to help artists and creators benefit from transparent media production and distribution.
Essentially, the SingularDTV platform aims to construct a decentralized entertainment industry in which content creators have complete control over their creations and monetization methods. Its four core divisions — content creation & acquisition, documentary division, rights management platform and TVOD Brand/Portal — allow creators to display, distribute and produce films, television properties and music while protecting their copyrights in one single platform.
The SingularDTV team and its CEO Zach Lebeau believe that the platform will lead to the development of new monetization methods and will eliminate monopolistic distribution that inevitably lessens the profit of artists and filmmakers.
“It [the platform] will give artists control over setting usage policies for their created content and pay them instantaneously when their content is watched, rather than having to participate in the monopolistic and obfuscated distribution machine of the legacy entertainment industry that ends up eating away at their potential profits,” Lebeau told Bitcoin Magazine in an interview.
Joseph Lubin, CTO of SingularDTV, further emphasized that artists and filmmakers will be able to maximize their earnings by eliminating the presence of third-party institutions or mediators like Netflix and YouTube to manage and distribute their content. The platform is gearing towards a consumer-to-creator network in which consumers may access the creator’s works without accessing an external application.
Through the utilization of smart contracts, consumers will be able to make payments according to the indications of each smart contract of the creators.
“A consumer will be able to navigate and catalogue and find something to watch and click on an appropriate usage policy to pay the artist instantly and directly for the content that we’re receiving and using,” said Lubin.
Importance of Ethereum and Local Tokens
Before Ethereum was introduced to the digital currency industry, Lebeau and his team attempted to utilize the Bitcoin network and ecosystem to build the SingularDTV platform. However, Bitcoin’s lack of infrastructure made it difficult for developers to create applications using scalable frameworks.
The Ethereum network, which is primarily based on smart contracts, has since allowed the SingularDTV team to create a decentralized and scalable platform with which they can integrate various applications to handle various operations.
“The Ethereum blockchain represents the best possible potential to achieve the construction of a scalable decentralized entertainment industry. We believe the most innovative and progressive minds in blockchain tech are developing on Ethereum, which gives it long-term viability,” said Lebeau.
More importantly, the Ethereum platform has enabled the SingularDTV team to create a localized token called SNGLS that is programmed with “the terms and conditions of SingularDTV and its intellectual property,” rather than simply using ETH, which is just the gas that fuels the Ethereum blockchain.
“We’re entering into the 'Age of Tokenized Ecosystems',” said Lebeau. “This is the beginning of a next great tech boom where trillions of dollars worth of real world assets will be decentralized and placed onto the blockchain in the coming years. SNGLS tokens are the decentralized representation of SingularDTV intellectual property — our film, TV and software projects. The tokens are the company and represent the CODE structure of SingularDTV.”
Lebeau added that the details of the CODE structure were developed in partnership with ConsenSys and Swiss law firm MME, among the architects of the Ethereum Foundation, with assistance from legal innovator Luka Muller, who is at the forefront of the legal/tax structure for tokenized ecosystems.
The post SingularDTV: A Decentralized “Netflix” on Ethereum appeared first on Bitcoin Magazine.
Following reports of some Samsung Galaxy Note7 units exploding during charging, there have been rumors that the South Korean company is mulling recalling units that have already been sold. Now, the tech giant has issued an official statement on the matter. "In response to questions on Galaxy Note7, we are conducting a thorough inspection with our partners," Samsung said. "We will share the findings as soon as possible. Samsung is fully committed to providing the highest quality products to our consumers." While the statement does not reflect what steps Samsung is planning to address...
EU is running out of money, so it has to be sponsored by tech companies :)
I had decided on a nice evening to myself. I bought a semi-expensive steak from one of the supermarket shelves that’s harder to reach. I spent more than £5 on wine. Between turning the potatoes and warming a skillet, I would casually check the results of the fermenting internet conspiracy I had been monitoring all day. I went home. At 1am, I watched a Discord chat community of thousands tear itself apart in search of prime numbers, base64 sequences and datamoshed imagery. It was fantastic.
Sombra is Overwatch's supposed 23rd character, and has been the subject of an Alternate Reality Game (or ARG) since the game's release. By this point, she's something like the Godot of Overwatch - a figure one talks about, speculates on, even loves in absentia, but never sees. Months of cryptic, miniature hints about the character – who, depending on which crackpot screed you’re reading, is an invisible stealth melee user, a teenage hacker, a rogue AI, or all of the above – have slowly splintered the dam holding back an absolute torrent of internet froth. Yesterday, it broke, and I was happily washed away amidst it.