Hackers Targeting IPv6 Networks
Plus, Google bypassing browser privacy policies.
Who here hasn't heard the argument from less-than-informed friends and family that they chose a Mac because hackers can't attack it?
We know better. Why attack a target that only has 6.45 percent of global market share for personal computers when you can go after the juicy 92.05 percent of worldwide computer owners with a Windows machine?
The same can be said for those attackers trying to leverage DDoS attacks against IPv6 Web sites. Why attack it if nobody is using it?
That used to be the case for the Internet protocol's short history. According to Arbor Networks' Worldwide Infrastructure Security Report, there is a direct correlation on the growth of attacks and the growth of adoption, which shouldn't be shocking to anyone.
What is shocking (well, alarming) is that a majority of those who have implemented the protocol don't have the personnel to handle security issues. "Even though IPv6 shares many security vulnerabilities with IPv4, and has some unique vulnerabilities unique to IPv6, secure network-centric service provisioning is about much more than protection for data in-flight," said John Spence at IPv6 integration firm Nephos6.
In other words, just because you knew how to handle the previous generation of tech, don't expect to be an expert on the new tech (another fact that shouldn't be too shocking).
While security for IPv6 may be lagging, there's nothing like the rising threat of attacks to get enterprises to properly arm themselves.
Have you implemented IPv6 yet, and how have you tackled the issues of security with it? Let me know at [email protected]
Google's 'Accidental' Browser Bypass
Last week Apple cried foul on Google, saying that it had bypassed Chrome privacy features and inserted tracking cookies on user's systems without their permission.
Google replied that it was an accident.
Now this week Microsoft said the same thing is occurring with Internet Explorer.
I'm serious. Here's the actual response from Google: "It is well known -- including by Microsoft -- that it is impractical to comply with Microsoft's request while providing modern web functionality," said a Google representative. "We have been open about our approach, as have many other websites."
So how can Google's actions be an accident one week and willful disobedience the next?
At least there's those that are willing to speak out against this type of practice. This week also brought a filing with the U.S. District Court for Delaware for a class-action lawsuit against Google over its bypassing of browser privacy protocols. And the charges? Violations against the Stored Electronic Communication Act, the Federal Computer Fraud and Abuse Act and the Federal Wiretap Act.
While I'm not saying Google is guilty, this sounds like the list of charges reserved for a sophisticated criminal enterprise -- not an Internet search company.
So which one is Google: legitimate businessman or mob boss? Let me know at [email protected]