SANS Security Trend Line

This Old Internet: Putting #Norm, #Rich and #Tom to Work on Replacing Rotted Out Internet Joists and Plumbing

I've been a faithful viewer of the public TV show "This Old House"1 since around 1986, when Tom Silva joined Norm Abram and Rich Trethewey in renovating older houses on a very educational show. Almost invariably, they would find that the outside of the house might look fine, the family living inside was humming along - but there were termites in the joists and the plumbing was corroding, or the electrical wiring was just not up to the demand of today's home appliance and device loads.

In yesterday's SANS Newsbites, I commented on an article about DNSSEC:

DNSSEC Adoption Growing in Government, But Unpopular with eCommerce and Finance (February 18, 2013)

Although DNSSEC (DNS Security Extensions) technology helps prevent spoofing of websites, none of the top e-commerce companies or banking and financial services companies have deployed it fully. In contrast, two-thirds of US government agencies are using DNSSEC, although some of the agencies are signing their domains incorrectly.

[Editor's Note (Pescatore): I imagine that in the US in 1963 there were similar stories about the unpopularity of a change required to make delivery of physical messages more reliable. It was called the Zone Improvement Plan - and these days we routinely put ZIP codes on snail mail addresses without grumbling. Need to get over that hump with DNSSEC - and then use the freed-up energy to push BGP and SSL Certificate Authority security improvements up the next hill.]

The DNS system, BGP and the way SSL works are three key pieces of "This Old Internet" that really do need to be renovated. There are several other things under that hood that need to be modernized, as well. One is the way passwords are stored - too often this is done insecurely, but even the accepted secure solutions have grown old and prone to easy brute force cracking.

So, it was great to see the Password Hashing Competition kicked off, with a broad panel of judges including members from NIST, Microsoft, FreeBSD and other places. Check it out and support the review process with your input.

1 - For you readers outside North America, "This Old House" is a show where really talented working plumbers, carpenters, woodworkers and landscapers help homeowners renovate their houses with really expensive new heating systems, complicated faucets, tubs, stoves and all kinds of the latest crazy ideas the home furnishing industry has (glass walls around bathrooms?? refrigerators with Internet connections??). But if you ignore the hype, it is a very interesting and informative show about focusing on the infrastructure of a house first, then adding the glitz on top.