By Gerard Best
IBM Security, Packet Clearing House (PCH) and Global Cyber Alliance (GCA) unveiled a free Domain Name System (DNS) service designed to protect all Internet users from a wide range of common cyber threats. Launched on November 16 with simultaneous press events in London, Maputo and New York, the public DNS resolver has strong privacy and security features built-in, and can be enabled with a few changes to network settings, as outlined on the organization’s website.
Using the IP address 220.127.116.11, the aptly named Quad9 service leverages IBM X-Force threat intelligence and further correlates with more than a dozen additional threat intelligence feeds from leading cybersecurity firms, in order to help keep individual users’ data and devices safe. It automatically protects users from accessing any website or internet address identified as dangerous.
“Leveraging threat intelligence is a critical way to stay ahead of cybercriminals,” Jim Brennan, Vice President Strategy and Offering Management, IBM Security, said in a release. “Consumers and small businesses traditionally didn’t have free, direct access to the raw data used by security firms to protect big businesses. With Quad9, we’re putting that data to work for the industry in an open way and further enriching those insights via the community of users. Through IBM’s donating use of the 18.104.22.168 address to Quad9, we’re applying these collaborative defense techniques while giving users greater privacy controls.”
The open, free service became the latest to provide security to end users on a global scale by leveraging the DNS system to deliver a smart threat intelligence feed.
“Quad9 is a free layer of protection that can put the DNS to work for all Internet users,” said John Todd, executive director of Quad9. “It allows optional encryption of the query between the user and the server, and it minimises the amount of data that can leak to unknown destinations. And it uses DNSSEC to cryptographically validate the content of the DNS answers that it’s passing back to users for domain names that implement this security feature.”
It allows users to select from secure and unsecured service, the latter being for more advanced users who may have specific reasons they want to get to malware or phishing sites, or who want to perform testing against an unfiltered DNS recursive resolver. The service can also be extended to IoT devices, which face vulnerabilities such as botnet command-and-control requests.
Not only does Quad9 help Internet users avoid millions of malicious websites, but it also promises to help keep their browsing habits private. Deep-pocketed online advertisers are constantly investing in ways to take personal data from unsuspecting Internet users, in order to edge out competitors and expand markets. Frequently, low-security DNS servers are used to build extensive personal profiles of Internet users, including their browsing habits, location and identity. Many DNS providers, including many larger ISPs, are already in the lucrative business of storing personal data for resale to market research firms or digital advertising groups.
A further blow was struck in April when the US Federal Communications Commission repealed broadband privacy rules that would have required Internet service providers to get consumer consent before selling or sharing personal information with advertisers and other companies. But the fight is far from over. With the launch of Quad9, a group of Internet non-profits has made available a free service specifically designed to put Internet users back in control of their personal data.
The service is deliberately engineered to not store or analyze personally identifiable information (PII). Todd said that decision was, in part, a deliberate stance against the ingrained practice among Internet service providers (ISPs) who collect and resell private information to commercial data brokers such as online marketers.
“Our foremost goal is to protect Internet users from malicious actors, whether the threat be from malware or fraud or the nonconsensual monetization of their privacy. Quad9 doesn’t collect or store any PII, including Internet Protocol addresses. We don’t have accounts or profiles or ask who our users are. Since we don’t collect personal information, it can’t be sold or stolen,” he said.
The new service comes at a time when better protection of consumer data and Internet user privacy are being demanded by stakeholders, including governments. In May 2018, the European Union will adopt the General Data Protection Regulation (GDPR), a set of sweeping regulations meant to protect the personal data and privacy of its citizens.
Like their counterparts in Europe and USA, Caribbean stakeholders also stand to gain from these security and privacy benefits. By some estimates, global cybercrime will cost approximately $6 trillion per year on average through 2021. For businesses in developing economies of the Caribbean, cybercrime is a major concern. Around the region, legislators, law enforcement officials and security experts are locked in a struggle to keep pace with the escalating sophistication of transnational cybercriminal operations. The high cost typically involved in protecting against attacks by blocking them through DNS could explain why that technique has not been used widely by Caribbean businesses and Internet users.
“Sophisticated corporations can subscribe to dozens of threat feeds and block them through DNS, or pay a commercial provider for the service. However, small to medium-sized businesses and consumers have been left behind — they lack the resources or are not aware of what can be done with DNS. Quad9 solves these problems. It is memorable, easy to use, relies on excellent and broad threat information, protects privacy and security, and is free,” Phil Reitinger, president and CEO of GCA, said in a release.
The new Quad9 service shares the global infrastructure of PCH, a US-based non-profit which has over the last two decades established the world’s largest authoritative DNS service network, extending from heavily networked parts of North America, Europe and Asia to the less well-connected areas of sub-Saharan Africa and the Caribbean. PCH hosts multiple root letters and more than 300 TLDs on thousands of servers in 150 locations across the globe.
Quad 9 has 100 points of presence in 59 countries, including 12 in the Caribbean, and plans to double that location count by 2019. Leveraging the expertise and global assets of PCH, the new DNS service promises to offer security and privacy to users in the Caribbean, without compromising speed. Bill Woodcock, executive director of Packet Clearing House, said Quad9 users in those regions could actually experience noticeable improvements in performance and resiliency.
“Many DNS service providers are not sufficiently provisioned to be able to support high-volume input/output and caching, and adequately balance load among their servers. But Quad9 uses large caches, and load-balances user traffic to ensure shared caching, letting us answer a large fraction of queries from cache. Because Quad9 shares the PCH DNS infrastructure platform, all root and most TLD queries can be answered locally within the same stack of servers, without passing query onward and making it vulnerable to interception and collection by others. When Quad9 does have to pass a query onward to a server outside of our control, unlike other recursive resolvers, we use a variety of techniques to ensure that the very minimum necessary information leaves our network and users’ privacy is maximised,” he said.
“This is a service that is squarely aimed at improving the Internet security and privacy situation for the global Internet user base, not just the developed world,” he added. “The fact that we can do it faster is just icing on the cake.”
Written by Gerard Best, Development Journalist
Follow CircleID on Twitter
Read more here:: feeds.circleid.com/cid_sections/blogs?format=xml
Italtel, a telecommunications company in IT system integration, managed services, Network Functions Virtualisation (NFV) and all-IP solutions, has launched an Open Innovation program, which will see it collaborate with start-ups and new businesses to leverage emerging technologies for applications such as Industry 4.0, Smart Cities and Digital Healthcare.
The program will see Italtel collaborate with start-ups and smaller enterprises to develop and test their solutions, with the goal of jointly commercialising them. It will initially focus on the Internet of Things (IoT), Blockchain and cybersecurity technologies.
“Italy has a rich entrepreneurial fabric which stimulates creativity and innovative ideas, but start-ups and small businesses are often limited in what assets they have to develop these ideas further,” said Luca Ferraris, head of Strategy, Innovation & Collaboration, at Italtel. “This is why this program is so important; it provides an innovation network and an opportunity to collaborate which is not limited to the laboratory.”
The use of physical spaces, test plants and IT resources are among the resources Italtel can offer to program participants in Settimo Milanese and Carini (Palermo). In exchange for this support, Italtel will be able to utilize the technologies and applications created under the program and quickly bring them to market.
Since the launch of the program six-months ago, 60 participating companies have already received appraisal for their ground-breaking work, leading to new opportunities in Industry 4.0.
“The scheme is a great opportunity for our partners to receive support in overcoming key industry hurdles frequently faced when launching new products and to have a platform which enables them toreach global markets,” added Ferraris.
For more details about Italtel’s Open Innovation program, including how to join click here.
Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow
Read more here:: www.m2mnow.biz/feed/
Italtel, a leading telecommunications company in IT system integration, managed services, Network Functions Virtualization (NFV) and all-IP solutions, has launched an Open Innovation program, which will see it collaborate with start-ups and new businesses to leverage emerging technologies for applications such as Industry 4.0, Smart Cities and Digital Healthcare. The program will see Italtel […]
Read more here:: iot.do/feed
In a joint project, IBM Security along with Packet Clearing House (PCH) and The Global Cyber Alliance (GCA) today launched a free service designed to give consumers and businesses added online privacy and security protection. The new DNS service is called Quad9 in reference to the IP address 22.214.171.124 offered for the service. The group says the service is aimed at protecting users from accessing malicious websites known to steal personal information, infect users with ransomware and malware, or conduct fraudulent activity.
Quad9 is said to provide these protections without compromising the speed of users’ online experience. From the announcement: “Leveraging PCH’s expertise and global assets around the world, Quad9 has points of presence in over 70 locations across 40 countries at launch. Over the next 18 months, Quad9 points of presence are expected to double, further improving the speed, performance, privacy and security for users globally. Telemetry data on blocked domains from Quad9 will be shared with threat intelligence partners for the improvement of their threat intelligence responses for their customers and Quad9.”
— The Genesis of Quad9: “Quad9 began as the brainchild of GCA. The intent was to provide security to end users on a global scale by leveraging the DNS service to deliver a comprehensive threat intelligence feed. This idea lead to the collaboration of the three entities: GCA: Provides system development capabilities and brought the threat intelligence community together; PCH: Provides Quad9’s network infrastructure; and IBM: Provides IBM X-Force threat intelligence and the easily memorable IP address (126.96.36.199).”
— Philip Reitinger, President and CEO of the Global Cyber Alliance: “Protecting against attacks by blocking them through DNS has been available for a long time, but has not been used widely. Sophisticated corporations can subscribe to dozens of threat feeds and block them through DNS, or pay a commercial provider for the service. However, small to medium-sized businesses and consumers have been left behind — they lack the resources, are not aware of what can be done with DNS, or are concerned about exposing their privacy and confidential information. Quad9 solves these problems. It is memorable, easy to use, relies on excellent and broad threat information, protects privacy, and security and is free.”
Follow CircleID on Twitter
Read more here:: feeds.circleid.com/cid_sections/news?format=xml
A bird’s-eye view of a playground. The inside of a convenience store. The entrance to a home.
All of these scenes, recorded live by Internet-connected surveillance cameras, have been open to snooping by even the most novice hackers, say researchers at Refirm Labs, a new startup founded by ex-National Security Agency workers. Anyone could remotely view these and scores of other remote locales through a vulnerability affecting certain surveillance cameras manufactured by TRENDnet, a California-based gadget-maker, they said.
Refirm is set to disclose this and other critical vulnerabilities affecting other devices, such as TRENDnet and Belkin routers as well as Dahua security cameras, on Wednesday. The company previewed its findings exclusively with Fortune in the lead-up to their publication.
“I wouldn’t even call this a hack because it doesn’t take any sophistication,” said Terry Dunlap, cofounder and CEO of Refirm, about the vulnerability, which affects TRENDnet’s TV-IP344PI camera model. Tuning into these cameras’ video feeds requires neither authorization nor authentication, but merely the knowledge of a device’s IP address, an easily obtained bit of identifying information, Dunlap said.
The findings call into question whether Trendnet has been taking the security of its products seriously enough in the wake of a 2014 settlement with the Federal Trade Commission that found its security to be lax. Trendnet was forced to abide by tightened regulatory standards–bolstering its information security program and submitting to regular security audits–after a severe vulnerability allowed attackers to monitor and expose hundreds of video feeds from faulty cameras.
The latest version of the TRENDnet camera still has flaws that allow attackers to gain total control of a given camera, to use it to launch other attacks, to “brick” or destroy it, to meddle with its video outputs, or to install new programming instructions on it, the researchers said.
You can watch a demonstration of how hackers can take advantage of some of the bugs here.
TRENDnet was notified of the vulnerabilities this week, Dunlap said.
“We have just received this report, and TRENDnet is currently reviewing it to validate the authenticity of each claim,” said Emily Chae, a spokesperson for TRENDnet, in an email to Fortune on Tuesday. “All TRENDnet products are tested by an internal audit team, and TRENDnet cameras go under further testing by a leading 3rd party security group. We will release a patch soon for any confirmed vulnerabilities.”
Other findings by Refirm included security holes in Belkin routers (model F9K1124v1), TRENDnet routers (TEW-816DRM), and a Dahua security camera (IPC-HDW4300S). The bugs could allow hackers to hijack devices, to meddle with their inner workings, to siphon data from networks, or to burrow deeper inside of them, the researchers said.
Dunlap’s team notified Belkin about the vulnerabilities affecting its products in two reports released in June and Oct. by his previous company, Tactical Network Solutions. Belkin released patches soon after.
“All three vulnerabilities have been addressed and we recommend that Belkin customers update their routers to this latest firmware,” said Karen Sohl, a spokesperson for Belkin.
Like TRENDnet, Dahua is only just learning about the issues affecting their products. Refirm is urging people to avoid Dahua’s products entirely, since it says many of them include hardcoded credentials that allow anyone to tamper with a device’s firmware or install backdoors.
The Refirm team provocatively suggested that this may have been done intentionally.
“This vulnerability is not the result of an accidental logic error or poor programming practice, but rather an intentional backdoor placed into the product by the vendor,” the researchers wrote. “Given that many other Dahua products contain this exact same backdoor, we strongly recommend against connecting any Dahua products to critical or sensitive networks.”
Refirm didn’t explain why Dahua would want to such a thing, and Dahua did not immediately respond to Fortune’s request for comment.
In most cases, Dunlap says, “if developers implemented secure coding practices from the very start, a significant number of IoT [Internet of Things] attacks would not exist today.”
Get Data Sheet, Fortune‘s technology newsletter
Where patches are not available, as is the case for TRENDnet and Dahua, Refirm advises people to sequester their cameras and routers away from internal networks, to limit their access to sensitive resources, or to remove them entirely until further notice.
Read more here:: fortune.com/tech/feed/