A Search Engine for the Internet’s Dirty Secrets
Google is helping to power a new
search engine built on a daily scan of the whole Internet.
By Tom Simonite on
December 4, 2015 the technologyreview.com
A map showing the approximate
location of some industrial control systems connected to the Internet, found
using the search engine Censys.
Early this week the Austrian
security company SEC Consult found that more
than three million routers, modems, and other devices are vulnerable to being
hijacked over the Internet. Instead of giving each device a unique encryption
key to secure its communications, manufacturers including Cisco and General
Electric had lazily used a much smaller number of security keys over and over
again.
That security screwup was discovered
with the help of Censys, a search engine aimed at helping security
researchers find the Internet’s dirty little secrets by tracking all the
devices hooked up to it. Launched in October by researchers at the University
of Michigan, it is likely to produce many more hair-raising findings. Google is
providing infrastructure to power the search engine, which is free to use.
“We’re trying to maintain a complete
database of everything on the Internet,” says Zakir Durumeric, the University of
Michigan researcher who leads the open-source project.
Censys searches data harvested by
software called ZMap that Durumeric developed with Michigan
colleagues. Every day Censys is updated with a fresh set of data collected
after ZMap “pings” more than four billion of the numerical IP addresses
allocated to devices connected to the Internet. Grabbing a fresh set of that
data takes only hours.
The data that comes back can
identify what kind of device responded, as well as details about its software,
such as whether it uses encryption and how it is configured. Searching on
Censys for software or configuration details associated with a new security
flaw can reveal how widespread it is, what devices suffer from it, who they are
operated by, and even their approximate location.
Steve Manzuik, director of security
research at Duo Security, says that Censys should help make the
Internet more secure. His researchers used the tool in their investigation of a major security flaw on computers sold by Dell revealed
last week.
Dell had to apologize and rush out
remediation tools after Duo showed that the company was putting rogue security
certificates on its computers that could be used to remotely eavesdrop on a
person’s encrypted Web traffic, for example to intercept passwords. Duo used
Censys to find that a Kentucky water plant’s control system was affected, and
the Department of Homeland Security stepped in.
Censys was born after Durumeric and
colleagues found themselves deluged with requests to run scans to help measure
new problems. This March they helped with the response to a major encryption
flaw affecting some five million websites including those of Apple, Google, and
the FBI (see “Probing the Whole Internet for Weak Spots”).
For a great email parody, view the following link:
=======================================================
https://www.youtube.com/watch?v=HTgYHHKs0Zw
scoop_post=bcaa0440-2548-11e5-c1bd-90b11c3d2b20&__scoop_topic=2455618
==============================================
Special Bulletin - My just released book,
"You're Hired. Super Charge our Email Skills in 60 Minutes! (And Get That Job...)
is now on sales at Amazon.com
Great Reasons for Purchasing Netiquette IQ
·
Get more
email opens. Improve 100% or more.
·
Receive
more responses, interviews, appointments, prospects and sales.
·
Be better
understood.
·
Eliminate
indecision.
·
Avoid
being spammed 100% or more.
·
Have
recipient finish reading your email content.
·
Save time
by reducing questions.
·
Increase
your level of clarity.
·
Improve
you time management with your email.
·
Have
quick access to a wealth of relevant email information.
Enjoy
most of what you need for email in a single book.
=================================
**Important note** - contact our company for very powerful solutions for IPmanagement (IPv4 and IPv6, security, firewall and APT solutions:
www.tabularosa.net
==================================================
Another Special Announcement - Tune in to my upcoming radio interview, Sunday, December 6th at 8 a.m. on Rider University's station, www.1077thebronc.com I will be discussing my recent book, above on "Your Career Is Calling", hosted by Wanda Ellett.
In addition to this blog, Netiquette IQ
has a website with great
assets which are being added to on a regular basis. I have authored the
premiere book on Netiquette, “Netiquette IQ - A Comprehensive Guide to
Improve,
Enhance and Add Power to Your Email". My new book, “You’re Hired! Super
Charge
Your Email Skills in 60 Minutes. . . And Get That Job!” has just been
published and will be followed by a trilogy of books on Netiquette for
young people. You can view my
profile, reviews of the book and content excerpts at:www.amazon.com/author/paulbabicki
In addition to this blog, I maintain a radio show on BlogtalkRadio and an online newsletter via paper.li.I have established Netiquette discussion groups with Linkedin and Yahoo. I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and I have been contributing to the blogs Everything Email and emailmonday . My work has appeared in numerous publications and I have presented to groups such as The Breakfast Club of NJ and PSG of Mercer County, NJ.
I am the president of Tabula Rosa Systems,
a “best of breed” reseller of products for communications, email,
network management software, security products and professional
services. Also, I am the president of Netiquette IQ. We are currently developing an email IQ rating system, Netiquette IQ, which promotes the fundamentals outlined in my book.
Over the past twenty-five years, I have enjoyed a dynamic and successful career and have attained an extensive background in IT and electronic communications by selling and marketing within the information technology marketplace.Anyone who would like to review the book and have it posted on my blog or website, please contact me paul@netiquetteiq.com.
=============================================================
No comments:
Post a Comment