Language Selection

English French German Italian Portuguese Spanish

Worms could dodge Net traps

Filed under
Security

In a pair of papers presented at the Usenix Security Symposium here Thursday, computer scientists said would-be attackers can locate such sensors, which act as trip wires that detect unusual activity. That would permit nefarious activities to take place without detection.

Internet sensor networks, such as the University of Michigan's Internet Motion Sensor and the SANS Internet Storm Center, are groups of machines that monitor traffic across active networks and chunks of unused IP space. The sensor networks generate and publish statistical reports that permit an analyst to track the traffic, sniff out malicious activity and seek ways to combat it.

Just as surveillance cameras are sometimes hidden, the locations of the Internet sensors are kept secret. "If the set of sensors is known, a malicious attacker could avoid the sensors entirely or could overwhelm the sensors with errant data," a team of computer scientists from the University of Wisconsin wrote in its award-winning paper titled "Mapping Internet Sensors with Probe Response Attacks."

But the Wisconsin researchers discovered that the sensor maps furnish just enough information for someone to create an algorithm that can map the location of the sensors "even with reasonable constraint on bandwidth and resources," John Bethencourt, one of the paper's authors, said in his presentation.

Full Story.

More in Tux Machines

SOSCON Booms with 1,000+ Open Source Software Developers

The first-ever Samsung Open Source Conference (SOSCON) opened on Sept. 16 at the Grand Intercontinental Hotel located in Samsung-dong, Seoul. Over 1,000 people attended the largest open source conference in Korea. Prepared by Samsung Electronics, the software developers’ conference has the purpose of sharing open source knowledge and experience as with the annual Worldwide Developers’ Conference (WWDC) of Apple held in San Francisco. The first keynote speaker was former Ubuntu community manager Jono Bacon, who is currently a senior director at the X Prize Foundation. He made a speech on the topic of the value of sharing and the way open source software enriches people’s lives. Read more

Bitcoin for FOSS Projects

There has been a growing interest among Free and Open Source Software ("FOSS") projects in the use of crypto-currencies such as Bitcoin and its myriad derivatives (hereinafter "Bitcoin"). However, uncertainty over the treatment of these currencies by US law has dissuaded developers from from using Bitcoin. This post provides some general guidance on the legal consequences of using such convertible virtual currency. Please note that different jurisdictions address the issues related to Bitcoin differently. The comments provided in this post are restricted to U.S. law. If you are uncertain of your legal obligations, contact the Software Freedom Law Center or seek other legal counsel. Read more

Ozon OS "Hydrogen" Alpha Available For Testing

Ozon OS Ozon OS "Hydrogen" alpha is based on Fedora 20 and it uses GNOME Shell and Gnome apps by default, customized with various extensions. The newly released alpha is aimed at developers and ships with only part of the Atom Shell: Atom Dock, Launcher and Panel, so it's not really interesting for regular desktop users. However, the beta (and obviously, the final release) should include a lot more exiting stuff. Read more

Ubuntu Touch RTM Officially Released – Screenshot Tour

In just a few months, two years will have passed since the official announcement of Ubuntu for mobiles and tablets. It looks like Canonical is almost ready to release the OS on a device that's actually selling in stores, and that will be the true test of the new operating system. The first Ubuntu Touch-powered phones are expected to arrive in December, from Meizu, so the release of an RTM version a couple of months ahead of time is actually very good news. In case you didn't know, RTM means release to manufacturing and indicates that a system is almost complete, feature-wise, and that the developers are now only focusing on the bugs and various performance issues. Read more