Category Archives: Technology Lab

How BitTorrent could let lone DDoS attackers bring down big sites

Some of the most widely used BitTorrent applications, including uTorrent, Mainline, and Vuze, are also the most vulnerable to a newly discovered form of denial of service attack that makes it easy for a single person to bring down large sites.

The distributed reflective DoS (DRDoS) attacks exploit weaknesses found in the open BitTorrent protocol, which millions of people rely on to exchange files over the Internet. But it turns out that features found in uTorrent, Mainline, and Vuze make them especially suitable for the technique. DRDoS allows a single BitTorrent user with only modest amounts of bandwidth to send malformed requests to other BitTorrent users.

The BitTorrent applications receiving the request, in turn, flood a third-party target with data that’s 50 to 120 times bigger than the original request. Key to making the attack possible is BitTorrent’s use of the User Datagram Protocol, which provides no mechanism to prevent the falsifying of IP addresses. By replacing the attacker’s IP address in the malicious request with the spoofed address of the target, the attacker causes the data flood to hit the victim’s computer.


My browser visited Weather.com and all I got was this lousy malware (Updated)

Millions of people visiting weather.com, drudgereport.com, wunderground.com, and other popular websites were exposed to attacks that can surreptitiously hijack their computers, thanks to maliciously manipulated ads that exploit vulnerabilities in Adobe Flash and other browsing software, researchers said.

The malvertising campaign worked by inserting malicious code into ads distributed by AdSpirit.de, a network that delivers ads to Drudge, Wunderground, and other third-party websites, according to a post published Thursday by researchers from security firm Malwarebytes. The ads, in turn, exploited security vulnerabilities in widely used browsers and browser plugins to install malware on end-user computers. The criminals behind the campaign previously carried out a similar attack on Yahoo’s ad network, exposing millions more people to the same drive-by attacks.

Update: A few hours after Ars published this article, Malwarebytes updated the blog post to say the campaign had moved to yet another ad network, which happens to be associated with AOL. Visitors to eBay were among those who were exposed to the malicious ads distributed through the newly discovered network.


Netflix shuts down its last data center, but it still runs a big IT operation

Netflix has been shifting technology from in-house data centers to third-party facilities for years now, and it says that the process is coming to its logical conclusion—the company is shutting down the last of its data centers.

Netflix still operates a huge IT infrastructure, but it’s located in Amazon’s cloud data centers, the facilities of Internet service providers, and Internet exchange points where many companies exchange traffic.

In an article titled “Netflix to pull plug on final data center,” The Wall Street Journal’s CIO Journal blog reported yesterday:


Android security on the ropes with one-two punch from researchers

Android security woes got worse on Thursday, with two separate reports of code defects that put millions of end users at risk.

The first involves the update Google released last week fixing a flaw that allowed attackers to execute malicious code on an estimated 950 million phones with nothing more than a maliciously crafted text message. Seven days later, security researchers are reporting that the patch, which has been in Google’s possession since April, is so flawed that attackers can exploit the vulnerability anyway.

“The patch is 4 lines of code and was (presumably) reviewed by Google engineers prior to shipping,” Jordan Gruskovnjak and Aaron Portnoy, who are researchers with security firm Exodus Intelligence, wrote in a blog post published Thursday. “The public at large believes the current patch protects them when it in fact does not.”


How to succeed in business—er, remote IT work—without really trying

With more people than ever using ’em, it’s probably difficult to find an Ars reader who doesn’t have a family member or old friend that’s lost at sea when it comes to keeping a computer running. And when that familiar call or e-mail comes—“Do you have a minute? How do you…”—it’s instantly obvious. This person needs a significant amount of long-term help.

In today’s ever more technological and connected world, these requests tend to come often. And while it’s maddening enough playing amateur IT professional for someone in the same house, how do you cope when increasingly the tech-challenged live across town or even across the country? To no one’s surprise, there are as many strategies out there as there are readers.

Luckily for you (and agonizingly for me), I’ve had some experience here.


Verizon stopped throttling 3G data when net neutrality rules took effect

A year ago, Verizon Wireless announced that it would begin throttling 4G LTE service for users on unlimited data plans, using the same policy it already applied to its slower 3G network. Verizon caved after criticism from Federal Communications Commission Chairman Tom Wheeler, so the 4G throttling never went into effect. However, Verizon kept right on throttling its 3G customers.

That finally changed two months ago, though we didn’t notice it at the time. “Beginning in 2011, to optimize our network, we managed data connection speeds for a small subset of customers—those who are in the top five percent of data users and have 3G devices on unlimited data plans—and only in places and at times when the network was experiencing high demand. We discontinued this practice in June 2015,” Verizon now says on its website. A reader pointed out the updated language to us yesterday, and RCRWireless News reported the change today.

The change in June occurred in the same month that the Federal Communications Commission’s network neutrality rules against throttling took effect. Though carriers could argue that some throttling is allowable under an exception for “reasonable network management,” Sprint stopped throttling its heaviest users just in case.
