Wednesday, 30 November 2011

Are We Trying To Run Before We Can Walk

Yesterday the Chancellor announced an extra £5bn for infrastructure projects, including the roll out of broadband.  Initially, approximately £100m will be used to enable higher speeds in the capital cities of the England, Scotland, Wales and Northern Ireland.  But is that really the priority in these harsh economic times.  What about the digital divide between the cities and rural areas. 

Admittedly, with the average speed of broadband under 7 Mbps it is important that we enable our broadband network to reach speeds of up to 100Mbps so that we can compete with the emerging economies of the world.  However, we seem to be forgetting the significant number of people who do not have access to even low speed broadband: those that live in more isolated areas.  Even by the end of 2014 BT will have only reached two thirds of of UK homes and businesses with its fast broadband.  And as most rely upon BT to provide the wholesale bandwidth this means it applies to majority of the broadband offerings.  This seems rather slow bearing in mind that the UK Government had already allocated £530m to encourage local authorities in this endeavour.

Perhaps the answer lies in a different direction: wireless broadband.  In the US there are already a number of providers offering broadband services using WiMAX technology.  Now with the progress on Long Term Evolution (LTE) wireless offerings it would seem that mobile broadband might be available before copper based high speed broadband reaches rural areas.  Perhaps the money would be better spent helping to accelerate this infrastructure.  That's not to say that wireless broadband is without its problems - the two main US providers (Clearwire and Light Squared) have suffered from either funding problems or regulatory issues. 

And, there are those that say that with limited spectrum, demand may exceed supply before an economic return could be realised.  But, I have faith that emerging technologies will surprise many and make our use of limited spectrum more and more efficient.  After all, we have progressively managed to flow more and more data down copper links so why not wirelessly.  A good example, is the development of Cognitive Radio (CR).  Basically, CR allows a set area of the spectrum to be used intelligently so that it is used to maximum capacity.  With research in this area coming up with new and more effective algorithms as we speak I cannot believe that progress will not be rapid once the telecoms providers decide they need it.

So, maybe rather than putting in more money to just procuring the existing technologies in the hope of achieving rural coverage, and limiting superfast broadband to the cities, the UK Government might like to put a significant amount into research into these emerging techniques as a means of achieving more for less.

Tuesday, 29 November 2011

Landmark Decision Means ISPs Have Dodged A Bullet

For a considerable time now Internet Service Providers (ISP) in Europe have been awaiting the outcome of a case being considered by the European Court of Justice (CJEU) which if upheld would have required ISPs to monitor all peer-to-peer traffic, determine if the content was the copyright of a third party and if it was block the communication.  The action was originally bought by the Belgian Society of Authors, Composers, and Publishers against Tiscali in 2007.  The result was an injunction requiring Tiscali to install software that would monitor all peer-to-peer communications to ensure no illegal copying of music occurred.

Not surprisingly Tiscali appealed and it finally ended up in the CJEU.

To cut a long story short, the CJEU found that the type of monitoring that would be required was prohibited by the Article 15 of the E-Commerce Directive (see the E-commerce Directive here) which states that Member States shall not impose a general obligation on providers to monitor the information which they transmit or store nor a general obligation actively to seek facts or circumstances indicating unlawful activity.  Hence, CJEU ruled that the Belgian courts had no right to grant the injunction.  Well, that seems pretty conclusive.

However, as will all things European there was a lot on the background statement given by the court that should still worry the ISPs, not least the concept of "proportionality" ie all situations require a balance between  the rights of free trade and the right to prevent illegal actions.  I suspect the ISPs haven't heard the last of this.  But at least for now the buck doesn't stop with them as far as illegal file sharing is concerned.

Monday, 28 November 2011

International Workshop on Digital-forensics and Watermarking

International Workshop on Digital-forensics and Watermarking

Analysis Emerges About Government Cyber Strategy

It's fascinating to watch the various interpretation that have emerged over the weekend following the release on Friday of the UK Government Cyber Strategy.  Some do appear to have come up with some quite extreme interpretations such as that from ZNet (http://www.zdnet.com/blog/london/uk-government-8216planning-to-launch-stuxnet-like-attacks-against-hostile-states/1128) who read from the document that the UK was about to go on the offensive with attacks such as the Stuxnet attack of 2010 through clandestine means.  However, as if to salve their own journalistic conscience they did add that it had been worded "vaguely".  Quite.

Of more interest are those that have picked up on the fact that the MoD will be involved in developing capability alongside GCHQ.  British Forces Broadcasting Service of all people gave a succinct interpretation which I thought was really rather good, although a tiny bit of irony perhaps in having to admit that they had lost quite so much data:


Saturday, 26 November 2011

Beware Free Software: You Might Get More Than You Bargained For

I've been preparing a lab for our Level 3 students studying Computer & Network Security.  To make the whole exercise more interesting I've been looking for a free packet sniffer that we can use to demonstrate how easy it is to capture network traffic and analyse what unwitting users are telling you about themselves.  I was interested, therefore, to see in a well known security newsletter that there was a completely free packet capture and analysis tool.  Worth a look I thought.  Afterall, free software is just what we need as an impoverished  University.

My suspicions were aroused by the fact that the URL given was a "ru" domain but surely I could be sure that this software was safe as it had been listed by a journal known by those in cyber security as quite reputable.  Well, being an old cynic I just had to double check.  Sure enough I popped the URL into McAfee Site Advisor (http://www.siteadvisor.com/) and a flurry of red crosses resulted.  The network sniffer contained a trojan (BackDoor-AZN trojan,Artemis).  So maybe being an old cynic isn't so bad after all. 

This set me to thinking.  This is actually one of the oldest tricks in the book.  However, this time it looks like it might be an attempt by hackers to use the very people attempting to thwart them to introduce malware to the networks they are meant to be protecting.  Maybe you really do get what you pay for.

So, as I say in my lectures, old cynic that I am, you should always practice your ABC:

A - Assume nothing
B - Believe noone
C - Check everything

If you are looking for a good packet analyser I suggest Colasoft's Capsa 7 or Capsa WiFi.  One is free, but cut down from the full version, and the second is time limited.  And yes I did check these before downloading  even though it was a proper commercial site,  and all I saw were green ticks.  Better safe than sorry.

Cyber Defence Through Community Action

Today sees the start of Malcon (http://malcon.org/) in India.  The clue is in the name: it is a conference about malware.  However, it has some important differences to the now infamous DEFCON gathering in Las Vegas each year, where hackers attend to learn from each other how best to attack systems around the world.  Malcon has a degree of involvement from the Indian government.  Not hidden or disguised: totally in the open.  Whereas DEFCON has a "spot the fed" competition, Malcon appears to welcome government involvement.

The Indian government formed a centrally run register of those who can help organisations to counter and respond to cyber attack.  It is known as the National Security Database (http://nsd.org.in/web/).  The government certifies the individuals they list so that users of the register can trust those that they call upon. Whilst it has existed for some time, the NSD is due to be launched (or some would say re-launched) at Malcon.  The NSD was conceived after the terror attacks in Mumbai in 2008 when India realised it was as vulnerable as anyone else to attack, including cyber attack, particularly on critical national infrastructure.

In many ways the NSD look a lot like some elements of the planned "hub" in the UK.  How successful either model will be has yet to be seen, but at least the Indians have taken action and have put the NSD in place.

In a further demonstration of how a community can (apparently) come together to help defend itself, a not-for-profit organisation has been formed called the Indian Cyber Army (http://www.cyberarmy.in/).  Their ambitions appear very laudable in trying to engage white and black hat hackers in defence rather than attack.  Whats more, they are trying to engage them from a very early age.  However, whether this works or is simply a magnet for black hat hackers to collaborate through will only become clear over time.

Friday, 25 November 2011

UK Government Cyber Security Strategy published today



The new government cyber strategy is out today. The main response is not a technological one but one of education: advising companies as well as government departments when and how they are under attack, and the simple steps, already within their gift, that they can take to repel these attacks.

A key element of the strategy is information sharing. When one organisation suffers an attack then the details and how to cope with it need to be made available to others so they can be suitably prepared should the attack turn in their direction. In a connected world, the very thing that makes cyber-attacks relatively easy can be used to help defend against them. Afterall tehre is no point in receiving a quarterly update that simply tell you what happened. What you want is
real-time infromation to allow to pre-empt an attack.

Why is all of this so important. It is not just that between 5 and 10% of our GDP is directly dependent upon the Internet, and is growing very fast. The real issue is the theft of intellectual property. Earlier this year the Cabinet Office issued a report showing that of the estimated £27bn loss of cybercrime £21bn was related to stealing other people’s ideas (http://www.cabinetoffice.gov.uk/resource-library/cost-of-cyber-crime ). Companies that are key to the UK economy such as Rolls Royce are constantly under attack with the attackers looking to steal valuable commercial ideas such as engine designs and alloy compositions which have taken many millions to develop. And the same is happening elsewhere with examples in recent days of the Norwegian oil industry losing commercially sensitive data through cybercrime.

But the danger does not stop there. In recent days we have seen yet more attacks on infrastructure with the techniques first seen disrupting the Iranian nuclear facilities now evolving to be used to disrupt things like the water supply in Houston, USA.

So, the UK Government strategy will not be about protection government assets alone. The UK Government has a significant role to play in helping UK PLC avoid major commercial losses and serious disruption.