36 Years of the Digest ... founded August 21, 1981
Copyright © 2018 E. William Horne. All Rights Reserved.

The Telecom Digest for Thu, 26 Apr 2018
Volume 37 : Issue 99 : "text" format

Table of contents
Suspicious event hijacks Amazon traffic for 2 hours, steals cryptocurrencyMonty Solomon
Re: The Phantom of the Open-Source OperaHAncock4
Re: 'No Company Is So Important Its Existence Justifies Setting Up a Police State'HAncock4
---------------------------------------------------------------------- Message-ID: <CAFECF6F-4A16-4ABC-837F-E6F037D46E35@roscom.com> Date: Tue, 24 Apr 2018 15:49:00 -0400 From: Monty Solomon <monty@roscom.com> Subject: Suspicious event hijacks Amazon traffic for 2 hours, ste= als cryptocurrency Suspicious event hijacks Amazon traffic for 2 hours, steals cryptocurrency Almost 1,300 addresses for Amazon Route 53 rerouted for two hours. Amazon lost control of a small number of its cloud services IP addresses for two hours on Tuesday morning when hackers exploited a known Internet-protocol weakness that let them to redirect traffic to rogue destinations. By subverting Amazon's domain-resolution service, the attackers masqueraded as cryptocurrency website MyEtherWallet.com and stole about $150,000 in digital coins from unwitting end users. They may have targeted other Amazon customers as well. The incident, which started around 6 AM California time, hijacked roughly 1,300 IP addresses, Oracle-owned Internet Intelligence said on Twitter. The malicious redirection was caused by fraudulent routes that were announced by Columbus, Ohio-based eNet, a large Internet service provider that is referred to as autonomous system 10297. Once in place, the eNet announcement caused Hurricane Electric and possibly Hurricane Electric customers and other eNet peers to send traffic over the same unauthorized routes. The 1,300 addresses belonged to Route 53, Amazon's domain name system service https://arstechnica.com/information-technology/2018/04/suspicious-event-hijacks-amazon-traffic-for-2-hours-steals-cryptocurrency/ ------------------------------ Message-ID: <bbd33849-a525-479b-b820-037c3d0ebc0a@googlegroups.com> Date: Tue, 24 Apr 2018 13:28:19 -0700 (PDT) From: HAncock4 <withheld@invalid.telecom-digest.org> Subject: Re: The Phantom of the Open-Source Opera On Tuesday, April 24, 2018 at 2:35:41 PM UTC-4, Bill Horne wrote: > New York Magazine has been running a series called "The Internet > Apologizes," featuring interviews with some of the those who were > present at the creation of the digital world. Noted author Walter Isaacson wrote a book, "The Innovators: How a Group of Hackers, Geniuses, and Geeks Created the Digital Revolution is an overview of the history of computer science and the Digital Revolution" published in 2014 by Simon & Schuster. https://en.wikipedia.org/wiki/The_Innovators_(book) In reading the book, I found myself in disagreement with many of the thoughts of the Internet and personal computer pioneers. In my humble opinion, they had a naïve view of human behavior, and their deliberately designed "open" systems left themselves far too vulnerable to malicious exploitation. How much are we forced to spend today for virus and malware protection, and to fix our systems after a breach? How much does identity theft protection and recovery cost us? As an aside, lately I've been getting robo-calls where the caller ID is fake. IMHO, as mentioned before, that should be blatantly illegal and easy to report; and the carriers should be able (and willing) to track it down. ***** Moderator's Note ***** When I was in high school, I knew a ham operator who worked at the Artificial Intelligence lab at M.I.T., and I met many of the men and women he worked with there. He taught me a bit of lisp, and a little bit about the net, but a lot about the hacker culture and those who were in it. They were not naïve: they were disciplined, wordly, dedicated scientists who were working on a deadline with objectives to meet and bosses to please. They were building a reliable network out of unreliable links - and, for those who never had to use modems or deal with Mother Bell, the data links of that time /were/ unreliable - and they wanted to make it the best they could and put it to work. But - and I am now old enough to say this - they weren't able to think about security. Obviously, there were passwords and lots of things that only they would know about how to access their systems - but "security," as we think of it today, was not something that they were charged with coding. They had a job to do, and thought nothing of working 18-hour days to get it done, but nobody in their leadership was telling them to anticipate that at some future date, some unknown evil-doer would break the rules for commercial gain. Bill Horne Moderator ------------------------------ Message-ID: <cfdd55f8-b3b4-4958-b3c9-022d26de12b0@googlegroups.com> Date: Tue, 24 Apr 2018 13:20:18 -0700 (PDT) From: HAncock4 <withheld@invalid.telecom-digest.org> Subject: Re: 'No Company Is So Important Its Existence Justifies Setting Up a Police State' On Monday, April 23, 2018 at 5:09:00 PM UTC-4, Monty Solomon wrote: > "No Company Is So Important Its Existence Justifies Setting Up a Police State" > > A conversation with legendary programmer Richard Stallman on the real > meaning of "privacy rights" and why he only ever uses cash. > > http://nymag.com/selectall/2018/04/richard-stallman-rms-on-privacy-data-and-free-software.html Unfortunately, as the author notes, in order to survive (i.e. get health care, travel, a place to live, etc) one is mandated to provide personal data. Short of much better privacy laws, there isn't much that can be done. Privacy laws add costs to businesses, and they fight them very aggressively. A big problem is that everyday consumers _like_ the Internet and networks. They like the convenience of being able to get instant credit at a retail store. They like the ease of ordering on-line. They like sharing their personal lives on social media. Heck, I must admit that when I order on-line, I like the fact that my info is already stored and I don't have to retype it, even though that risks it [being] stolen, as happens a lot. My doctor upgraded his computer and they asked me to review my profile. Thank goodness they reviewed it, as the upgrade created lots of significant errors in my record: my address was wrong. They had an obsolete phone number. My medications were wrong. Anyway, how much erroneous crap is out there on our medical or financial records that will come back to bite us in the butt at some point? (Side note: I carry a wallet card I created with my capsule medical history and medications on it. It is most helpful and I recommend everyone have something like it--easy to do on the word processor.) ------------------------------ ********************************************* End of telecom Digest Thu, 26 Apr 2018

Telecom Digest Archives