Archive | Legal

View all postings from the Legal category in “Security to the Core,” the Arbor Networks Security Engineering and Response Team Blog.

$10M in 10 Minutes? – Security Implications of UAL Bankruptcy Snafu

Unless you’re living under a rock, it’s likely you’ve already shaken your head at least once today at the impact an archived, 6 year old newspaper article had on United Airline’s (UAUA) stock today.  If you are living under a rock, then read this. For anyone even remotely security minded, reading stories like this bring […]

Continue Reading

Net Neutrality’s Unintended Consequence

Most of the discussion surrounding net neutrality to date seems to revolve around fixed broadband consumers complaining that ISPs are unjustly mucking with their traffic, discriminating between different traffic types, and providing prioritization without their consent — and the providers shouldn’t be. Rob took a bit of a consumer-centric view to practically addressing net neutrality […]

Continue Reading

5 Ways to Molest Internet Users

A good bit of the attention garnered by DMK’s ToorCon presentation focused on how ISPs are employing Provider-In-The-Middle Attacks (PITMAs) to collect ad-related revenue from their customers, and how security “of the web” ends up being fully gated by the security of the ad server folks. While I completely agree with this, I would emphasize […]

Continue Reading

IPv4 Exhaustion::Trading Routing Autonomy for Security

To see who’s been paying attention, let’s kick this off with a quiz. What do the following three items have in common: Allocation authentication (i.e., titles) for Internet numbers (i.e., IPv4 & IPv6 addresses, AS Numbers) Inter-domain routing security on the Internet IPv4 exhaustion If your answer was along the likes of: 2 requires 1 […]

Continue Reading