Security Advisor

Hackers Targeting IPv6 Networks

Plus, Google bypassing browser privacy policies.

Who here hasn't heard the argument from less-than-informed friends and family that they chose a Mac because hackers can't attack it?

We know better. Why attack a target that only has 6.45 percent of global market share for personal computers when you can go after the juicy 92.05 percent of worldwide computer owners with a Windows machine?

The same can be said for those attackers trying to leverage DDoS attacks against IPv6 Web sites. Why attack it if nobody is using it?

That used to be the case for the Internet protocol's short history. According to Arbor Networks' Worldwide Infrastructure Security Report, there is a direct correlation on the growth of attacks and the growth of adoption, which shouldn't be shocking to anyone.

What is shocking (well, alarming) is that a majority of those who have implemented the protocol don't have the personnel to handle security issues. "Even though IPv6 shares many security vulnerabilities with IPv4, and has some unique vulnerabilities unique to IPv6, secure network-centric service provisioning is about much more than protection for data in-flight," said John Spence at IPv6 integration firm Nephos6.

In other words, just because you knew how to handle the previous generation of tech, don't expect to be an expert on the new tech (another fact that shouldn't be too shocking).

While security for IPv6 may be lagging, there's nothing like the rising threat of attacks to get enterprises to properly arm themselves.

Have you implemented IPv6 yet, and how have you tackled the issues of security with it? Let me know at cpaoli@gmail.com.

Google's 'Accidental' Browser Bypass
Last week Apple cried foul on Google, saying that it had bypassed Chrome privacy features and inserted tracking cookies on user's systems without their permission.

Google replied that it was an accident.

Now this week Microsoft said the same thing is occurring with Internet Explorer.

Google replied that Microsoft's privacy policy is stupid and should be ignored.

I'm serious. Here's the actual response from Google: "It is well known -- including by Microsoft -- that it is impractical to comply with Microsoft's request while providing modern web functionality," said a Google representative. "We have been open about our approach, as have many other websites."

So how can Google's actions be an accident one week and willful disobedience the next? 

I guess that when you get to be as big as Google, you don't have to play by anybody's rules but your own. Just look at its insane, new privacy policy. It WANTS you to know that it's watching you. And it has little concern over your privacy.

At least there's those that are willing to speak out against this type of practice. This week also brought a filing with the U.S. District Court for Delaware for a class-action lawsuit against Google over its bypassing of browser privacy protocols. And the charges? Violations against the Stored Electronic Communication Act, the Federal Computer Fraud and Abuse Act and the Federal Wiretap Act.

While  I'm not saying Google is guilty, this sounds like the list of charges reserved for a sophisticated criminal enterprise -- not an Internet search company.

So which one is Google: legitimate businessman or mob boss? Let me know at cpaoli@gmail.com.

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.

comments powered by Disqus

SharePoint Watch

Sign up for our newsletter.

I agree to this site's Privacy Policy.