David Kirkpatrick

February 12, 2010

Can China’s computer manufacturing industry be trusted?

A very good question, and the current answer is a bit unsettling.

From the link:

Is it safe to buy Chinese-made computer equipment? With Google and the National Security Agency now teaming up to investigate supposed Chinese hacking and most of our PC hardware coming from China, it’s a fair question. And a hard one to answer with certainty.

It is made more urgent by a report in the Sunday Times newspaper that Chinese spies in the U.K. have been handing out bugged memory sticks and cameras to targeted businesses in an attempt to steal the companies’ intellectual property.

Headlined, “China bugs and burgles Britain,” the story quotes a classified report from MI5–their equivalent of our CIA–and says, “The gifts–cameras and memory sticks –have been found to contain electronic Trojan bugs which provide the Chinese with remote access to users’ computers.”

My friend, security blogger Steven J. Vaughan-Nichols, yesterday posted an item suggesting it wouldn’t be too difficult for Chinese PC manufacturers to build backdoors into their products and use them to spy on pretty much anyone.

“If China’s government really is hell-bent on keeping an eye on American and European businesses, why not just incorporate 21st century backdoors into their products? Then, you could just have them automatically call home to do a data dump of documents. If there’s anything interesting in the files, it can be set to monitor its user on a regular basis,” Vaughan-Nichols wrote.

“There’s nothing difficult about doing this. Not only are backdoors easy to create, running an automatic check for words of interest, even in terabytes of documents, just requires some servers. After all, Google does it every day with far more data than such a plot could ever uncover.”

January 20, 2010

China claims hacker victimhood …

Filed under: Business, Politics, Technology — David Kirkpatrick @ 3:42 pm

not malfeasance.

Not likely.

From the first link:

China on Tuesday denied any role in alleged cyberattacks on Indian government offices, calling China itself the biggest victim of hackers. When asked about Google’s (GOOG) allegation that cyberattacks launched from China hit the U.S. search giant, foreign ministry spokesman Ma Zhaoxu said Chinese companies were also often hit by cyberattacks.

“China is the biggest victim of hacking attacks,” Ma said, citing the example of top Chinese search engine Baidu.com being hacked last week.

September 30, 2009

Beating denial of service attacks

Interesting cyber security research.

The release:

Denial of service denial

New filtering system could protect networks from zombies

A way to filter out denial of service attacks on computer networks, including cloud computing systems, could significantly improve security on government, commercial, and educational systems. Such a filter is reported in the Int. J. Information and Computer Security by researchers from Auburn University in Alabama.

Denial of Service (DoS) and distributed Denial of Service (DDoS) attacks involve an attempt to make a computer resource unavailable to its intended users. This may simply be for malicious purposes as is often the case when big commercial or famous web sites undergo a DDoS attack. However, it is also possible to exploit the system’s response to such an attack to break system firewalls, access virtual private networks, and to access other private resources. A DoS attack can also be used to affect a complete network or even a whole section of the Internet.

Commonly, an attack involves simply saturating the target machine with external internet requests. In the case of a DDoS attack the perpetrator recruits other unwitting computers into a network and uses a multitude of machines to mount the attack. The result is that the resource, whether it is a website, an email server, or a database, cannot respond to legitimate traffic in a timely manner and so essentially becomes unavailable to users.

Methods for configuring a network to filter out known DoS attack software and to recognize some of the traffic patterns associated with a mounting DoS attack are available. However, current filters usually rely on the computer being attacked to check whether or not incoming information requests are legitimate or not. This consumes its resources and in the case of a massive DDoS can compound the problem.

Now, computer engineers John Wu, Tong Liu, Andy Huang, and David Irwin of Auburn University have devised a filter to protect systems against DoS attacks that circumvents this problem by developing a new passive protocol that must be in place at each end of the connection: user and resource.

Their protocol – Identity-Based Privacy-Protected Access Control Filter (IPACF) – blocks threats to the gatekeeping computers, the Authentication Servers (AS), and so allows legitimate users with valid passwords to access private resources.

The user’s computer has to present a filter value for the server to do a quick check. The filter value is a one-time secret that needs to be presented with the pseudo ID. The pseudo ID is also one-time use. Attackers cannot forge either of these values correctly and so attack packets are filtered out.

One potential drawback of the added layer of information transfer required for checking user requests is that it could add to the resources needed by the server. However, the researchers have tested how well IPACF copes in the face of massive DDoS attacks simulated on a network consisting of 1000 nodes with 10 gigabits per second bandwidth. They found that the server suffers little degradation, negligible added information transfer delay (latency) and minimal extra processor usage even when the 10 Gbps pipe to the authentication server is filled with DoS packets. Indeed, the IPACF takes just 6 nanoseconds to reject a non-legitimate information packet associated with the DoS attack.

###

“Modelling and simulations for Identity-Based Privacy-Protected Access Control Filter (IPACF) capability to resist massive denial of service attacks” in Int. J. Information and Computer Security, 2009, 3, 195-223
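The one-time pseudo ID and filter value check described in the release, as an added sketch that is not the IPACF authors' code or their actual construction. Deriving both values from a shared secret and a counter with HMAC-SHA256 is an assumption, as are the names `derive`, `Client`, `FilterServer`, `enroll` and `check`.

```python
import hashlib
import hmac

def derive(secret: bytes, counter: int, label: bytes) -> bytes:
    # Assumed derivation (not from the paper): HMAC-SHA256 over label || counter.
    msg = label + counter.to_bytes(8, "big")
    return hmac.new(secret, msg, hashlib.sha256).digest()[:16]

class Client:
    def __init__(self, secret: bytes):
        self.secret, self.counter = secret, 0

    def next_frame(self):
        """Return a fresh (pseudo ID, filter value) pair; each is used once."""
        pair = (derive(self.secret, self.counter, b"pid"),
                derive(self.secret, self.counter, b"fv"))
        self.counter += 1
        return pair

class FilterServer:
    def __init__(self):
        self.secrets = {}   # user -> shared secret
        self.table = {}     # armed pseudo ID -> (user, counter, filter value)

    def _arm(self, user: str, counter: int):
        s = self.secrets[user]
        self.table[derive(s, counter, b"pid")] = (user, counter, derive(s, counter, b"fv"))

    def enroll(self, user: str, secret: bytes):
        self.secrets[user] = secret
        self._arm(user, 0)

    def check(self, pseudo_id: bytes, filter_value: bytes):
        """Reject path is one dict lookup plus a constant-time compare, no crypto."""
        entry = self.table.get(pseudo_id)
        if entry is None:
            return None                       # unknown or already-used pseudo ID
        user, counter, expected = entry
        if not hmac.compare_digest(filter_value, expected):
            return None                       # forged value; entry stays armed
        del self.table[pseudo_id]             # one-time use: retire the pair
        self._arm(user, counter + 1)          # pre-compute the next expected pair
        return user
```

The server computes an HMAC only after accepting a frame, so flood traffic never triggers cryptographic work. Resynchronising after a lost frame is not handled in this sketch.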

April 6, 2009

April 2009 media tips from Oak Ridge National Laboratory

The latest story ideas coming out of Oak Ridge National Laboratory.

The release:

April 2009 Story Tips

Story ideas from the Department of Energy’s Oak Ridge National Laboratory.

Sensors—Math to the rescue . . .

Making sense of the enormous amounts of information delivered by all types of sensors is an incredible challenge, but it’s being met head on with knowledge discovery techniques developed at Oak Ridge National Laboratory. Some of the strategies and approaches are outlined in a recently published book, “Knowledge Discovery from Sensor Data,” (http://books.google.com/books?id=dq7uAA3ssPcC) edited by a team led by Auroop Ganguly of ORNL’s Computational Sciences and Engineering Division. The book is specifically aimed at analyzing dynamic data streams from sensors that are geographically distributed. “We are especially interested in looking for changes – even ones that are very gradual — and anomalies,” Ganguly said. This work helps to validate and assign uncertainties to models developed to understand issues related to climate, transportation and biomass. Co-authors include Olufemi Omitaomu and Ranga Raju Vatsavai of ORNL. This research was originally funded by the Laboratory Directed Research and Development program. 

Cyber Security—Meeting of minds . . .

Dozens of the nation’s authorities on cyber security will be participating in the Fifth Cyber Security and Information Intelligence Research Workshop April 13-15 (http://www.ioc.ornl.gov/csiirw). The focus of this event, which is open to the public, is to discuss novel theoretical and empirical research to advance the field. “We aim to challenge, establish and debate a far-reaching agenda that broadly and comprehensively outlines a strategy for cyber security and information intelligence that is founded on sound principles and technologies,” said Frederick Sheldon, general chair and a member of Oak Ridge National Laboratory’s Computational Sciences and Engineering Division, a sponsor of the workshop. Other sponsors are the University of Tennessee and the Federal Business Council. The workshop, hosted by ORNL, is being held in cooperation with the Association for Computing Machinery. 

Material—Graphene cleanup . . .

Graphene, a single-layer sheet of graphite, has potential as a remarkable material, particularly for electronics and composite applications. However, working with the material leaves molecular-scale rough edges, which can spoil its properties. Researchers at MIT and the Laboratory for Nanoscience and Nanotechnology Research (LINAN) and Advanced Materials Department in San Luis Potosi, Mexico have been working with graphitic nanoribbons. Separate research performed at the Department of Energy’s Oak Ridge National Laboratory developed theory-based computer simulations with quantum mechanical calculations that explain how a process called Joule heating cleans up graphene as the rough carbon edges vaporize and then reconstruct at higher, voltage-induced temperatures. The collaborative project was recently described in Science magazine. 

Energy—Tighten up . . .

An effort to gather environmental data related to the energy efficiency of buildings through weatherization technologies will be conducted in a joint project that includes Oak Ridge National Laboratory’s Building Technologies, Research and Integration Center. ORNL engineer Andre Desjarlais says his group’s research will focus on the study of a building’s air tightness by monitoring unintended air movement – air leakage – between outdoors and indoors. In heating climates, up to 30 percent of the energy used in a building can be attributed to air leakage. The tests will be conducted at Syracuse University, which is also a partner. Other partners are the Air Barrier Association of America and its members, along with the New York State Energy Office. The DOE funding source is the Office of Building Technologies.