Image: Cloudflare

When you visit a webpage, send out an e-mail or watch a funny cat video, how does that particular piece of data find its way from one end of the Internet to the other? You may be aware that the Internet is a collection of many smaller networks, connected to each other using routers. When a router recieves a packet of information, it will check the destination address and then forward it to the next router along the way. That router repeats the process, and so on, until the final destination is reached. So, how do routers know in what direction they should be forwarding these packets? The answer is that they use routing protocols to share information with one another. Suppose that router A knows of a way to reach a certain destination. It will communicate this route to other routers. On receiving this information, router B may answer: sure, you may know of a way to reach that destination, but I know this shorter route!

The Border Gateway Protocol

To connect various different networks together, we really all need to speak the same language. The routing protocol that thus forms the backbone of the Intenet is BGP, the Border Gateway Protocol. Like many of the fundamental protocols that make the Internet work, it was not designed with much focus on security. Routers will simply accept the updates they receive from other routers, without validating the authenticity. And this is, in fact, a big problem!

Read More

Image: Bas van Schaik, CC BY-SA 3.0, Wikimedia

Earlier this month, the Amsterdam Internet Exchange, or AMS-IX, hit a new record: per second, more than 9 Terabits of data passed through the Exchange. To put that into perspective: that’s about 256 movie DVDs, or 469 hours of HD video streaming, or 220 million pages of typed text. In a single second! What is the Amsterdam Internet Exchange, and why are they seeing this much data traffic?

For starters, since the early days of the Internet, traffic volumes have always been growing as new applications were invented and the Internet found an evermore important role to play in our lifes. The current Covid crisis is also definitely having an impact: as more and more people are video conferencing instead of going into the office, or trying to ward of boredom by streaming another Netflix series, data usage continues to grow. So it makes sense for Internet traffic to reach new records. But why exactly is AMS-IX seeing so much of it?

Read More

Donald Trump
Image: Jon Tyson on Unsplash

We’ve talked about the importance of choosing a good password before, and we’re happy to make this point again. Of course you should avoid using passwords like ‘secret’ or ‘12345’. Everybody else is using them and rest assured: hackers are well aware of that. In addition, you should also be careful not to use any personal information: anyone that knows you well enough to know your birthday, the name of your kids or your favourite pets, could have an easy way into your account.

It seems like Donald Trump did not receive this particular word of advice. A Dutch hacker was able to access his Twitter account after no more than 5 tries to guess his password! After entering the password ‘maga2020!’ (from his well-known campaign slogan: Make America Great Again), security expert Victor Gevers found himself having unrestricted access to the president’s 87 million followers. Amazingly, this was not the first time Gevers pulled this off: in 2016 he also managed to login to Trump’s account using the password ‘yourefired’, the catchphrase from the hit TV series the Apprentice, that made Donald famous at the time.

If one hacker can accomplish this in a manner of minutes, just imagine what havoc a dedicated army of state-sponsored Chinese, Russian, or North-Korean hackers could wreak on the accounts of the President of the United States.

The moral of this story: don’t be like Donald and use a password manager to generate and store strong passwords. Also enable two-factor authentication when you can!

Update: after posting, I found an interesting article on the Vrij Nederland website, explaining more about Gevers’ approach as an ethical hacker and his commitment to responsible disclosure. Meanwhile Twitter claims to see no evidence of this hack.

December 17, another update: after this news was initially released, it caused quite some controversy. Many people didn’t believe any of this really happened and suspected Gevers of boasting, while others pointed out his respected reputation in the field of cyber security. Twitter denied seeing evidence of the hack, as I added to the story at the time. The White House also issued a denial, which I didn’t add, as I prefer to report from reliable sources only. In what will perhaps be the final word, the Dutch Ministry now confirmed, based on an investigation by the national police’s High Tech Crime unit, that this hack did in fact take place.

Moon
Image: 2001, a Space Odyssey

Have you ever dreamt of exploring space? Perhaps, in our lifetime, we will be able to do some sightseeing on the Moon. If and when we get there, at least we’ll be able to stream our funny cat videos in HD. NASA and Nokia are working together to bring 4G connectivity to the lunar landscape.

The cellular network will be launched aboard a lunar lander and after touchdown on the Moon surface, should deploy and configure itself. As stated in Nokia’s press release: “The network will provide critical communication capabilities for many different data transmission applications, including vital command and control functions, remote control of lunar rovers, real-time navigation and streaming of high definition video. These communication applications are all vital to long-term human presence on the lunar surface.”

For now the cellular network will be based on proven 4G technology, but a future upgrade to 5G speeds is being planned for. Deploying hardware on the Moon will bring some unique challenges, like dealing with the impact of cosmic radiation and the need for very low power consumption. On the upside, there will be no risk of obstacles or other sources of interference messing up our phone’s reception.

I for one am excited by the thought of the Internet reaching out into space. The Moon will be just the first step, as Elon Musk’s Starlink is already preparing to expand the network to Mars.

 

Merchant
Image: Capcom

Large parts of the Internet still run on IP version 4, which offers about 4 billion different IP addresses for use. For a long time we’ve known that eventually we would run out. For example, RIPE NCC, that manages IP addresses for Europe, the Middle East and part of Asia, no longer has any IP addresses left to hand out since November 2019. The long term solution will be to migrate to IP version 6, but large parts of the Internet are still not quite prepared for that. Meanwhile, if you wanted to start a new Internet Service Provider or build a large new network, you’re simply out of luck… There just are no more addresses available for you.

Perhaps not unsurprisingly, this has led to the rise of marketplaces where you can buy or lease ‘second-hand’ IP addresses. At some of these marketplaces, blocks of IP addresses are traded for around US$20–24 per IP address, or rented out for prices between 20 cents to US$1.20 per month.

Though this does seem to go somewhat against the original philosophy of the Internet, viewing IP addresses as a public resource, perhaps it makes sense. If a domainname like business.com can sell for 345 million dollars (!), then surely a fancy IP-address like 1.2.3.4 must be worth a handsome price!

Source: the Internet Protocol Journal

The social dilemma
Image: Netflix.com

Sometimes, on this blog, we offer some recommended reading. Today, I’d like to suggest some recommended watching, at least for those that have a Netflix subscription or know someone who does. The documentary ‘The Social Dilemma‘ is a fascinating story, related by Silicon Valley insiders, about how social media have slowly turned into gruesomely effective tools to capture your attention and sell it to the highest bidder.

To paraphrase from the movie: on one side of the screen is you, and on the other side of the screen are dozens of the world’s best experts, aided by supercomputer AI’s. They do not have your best interest in mind. Imagine how that battle is going to play out?

While I’m certainly very worried by such developments, I still strongly believe computer networks can be a force for good, bringing people together and sharing knowledge ever more widely. In the end, it’s in our own hands to decide how we’ll design the tools of the future and at what price we’re willing to use them. Initiatives like the Decentralised Web offer a different vision for the future, where we could take control of our data back from big business.

Image: Apple / Google

With much of the world still suffering the effects of the Coronavirus, many of us are hoping for a vaccin or cure to be found. With many suggestions being looked at, from swallowing cleaning agent (sorry Donald: not helpful!) to utilising Llamas (not as crazy as you may think!), a breakthrough may happen, but experts caution us it may take years for an effective vaccin to become available.

Meanwhile, contact tracing apps promise us a different road out of lockdown. What is contact tracing, what technology would an app use to do this, and what are some of the privacy concerns involved? Read more in this article, where we look at a number of different ways to make this happen.

Read More

Wired Magazine
Image: Ramona Rosales, Wired.com

Today’s recommended reading: the story of Marcus Hutchins, about a boy growing up to develop extraordinary computer skills, slowly being swayed towards the dark side of hacking, then ending up saving the world (and quite literally saving lifes) by stopping the infamous WannaCry ransomware attack, only to find himself being haunted by his past…

Please read the excellent article on Wired.com.