Posts Tagged ‘traffic’

By JORDAN ROBERTSON, AP Technology Writer Wed Aug 27, 5:16 PM ET

SAN FRANCISCO – Intercepting Internet traffic, and spying on the communication between two computers, is a gold mine for hackers. Now Carnegie Mellon University researchers hope software they’ve built will make it harder for criminals to hit that jackpot.

The software, a free download for use with latest version of the Firefox Web browser, creates an additional way for people to verify whether the site they’re trying to visit is authentic.

Most browsers already alert users when a site appears bogus. One way is by warning that a site that claims to be equipped to handle confidential information securely hasn’t been verified by a third party, like VeriSign Inc. or GoDaddy.com Inc. Those are two of many companies that sell so-called Secure Sockets Layer certificates, which generate the padlock icon in the address bar.

The problem, the Carnegie Mellon researchers say, is that many people are perplexed about how to proceed once they get one of those warnings about a bad certificate.

Some click through, going on to malicious sites that steal their personal information, while others retreat, skipping over harmless sites that used less expensive, “self-signed” certificates.

So the researchers — David Andersen, Adrian Perrig and Dan Wendlandt — created a program that performs a novel extra step. It can tap into a network of publicly accessible servers that have been programmed to ping Web sites and record changes in the encryption keys they use to secure data.

Any discrepancy can be a sign that hackers are rerouting traffic through machines under their control, a pernicious type of attack known as a “man in the middle.”

As a result, the new program either overrides the security warning if a site is deemed legitimate, or throws up another warning if the subsequent probes reveal more red flags.


On the Net:

Carnegie Mellon researchers’ site:



Read Full Post »

Lawrence Lessig, Lawrence Lessig

Lessig: One of the net’s founding principles is under threat

Tough action is required by US regulators to protect the principles that have made the net so successful, a leading digital rights lawyer has said.

Professor Lawrence Lessig was speaking at a public meeting to debate the tactics some net firms use to manage data traffic at busy times.

He said the Federal Communications Committee (FCC) should act to keep all net traffic flowing equally.

The FCC said net firms had a duty to tell customers about data management.

No more rules

The seven-hour public meeting was held at Stanford University and featured presentations from Prof Lessing, songwriters, network administrators and net engineers.

Prof Lessig said one of the principles that guided the foundation of the net was that all traffic should flow equally across it.

This principle of net neutrality, he said, was being eroded as net firms manage traffic and place restrictions on what their domestic broadband customers can do.

Consumers must be fully informed of the exact nature of the service they are purchasing
Kevin Martin, FCC

The meeting was called by the FCC in reaction to the news that US net firm Comcast had been exposed as managing traffic by stopping some of its 13m customers uploading files to BitTorrent and other peer-to-peer networks.

The FCC has started a formal investigation to see if Comcast merits a fine for its actions.

In response to the publicity surrounding its actions, Comcast has said it would change its policy.

In the UK many net firms manage traffic at peak times in a bid to ensure that everyone gets the highest broadband speed possible.

Prof Lessig said there had to be clear rules, perhaps involving financial incentives, to force net firms to respect net neutrality. Current rules, he warned, meant that many firms were tempted to manage traffic to protect profits.

At the meeting the two Democrats who sit on the five-strong FCC board said it needed new powers to make sure net firms complied with net neutrality principles.

But the two Republican commissioners on the board warned against over-burdening net firms with more rules.

Summing up, FCC chairman Kevin Martin said its net policies were powerful enough but just needed to be properly enforced.

He said there was nothing wrong with net firms managing traffic as long as they kept customers fully informed.

“There must be adequate disclosures of the particular traffic management tools,” said Mr Martin. “Consumers must be fully informed of the exact nature of the service they are purchasing.”

Read Full Post »