Posted 12/02/09 at 03:32:57 PM by Bart Salisbury

With all the promise offered by the Internet, it seems to be evolving instead into a rabbit warren of risk. Can’t step outside your ‘door’ without risking a knife in the ribs. The danger, luckily, isn’t uniform. McAfee, which offers Internet security software, has pieced together a world map identify which countries and which domains are the most risky.

McAfee used its SiteAdvisor technology to crawl the web and test domains for security threats--a total of 27 million domains in all. Overall, McAfee reports that 5.8% of them were a problem. The percentage of risky sites is up over 2007 and 2008, but, McAfee says, because of a change in methodology it’s not possible to say the Internet has become more risky.

The places to avoid? By Top Level Domain (TLD) they are .CM (Cameroon), with a risk factor of 36.7%, .COM (Commercial), 32.3%, .CN (People’s Republic of China), 23.4%, .WS (Samoa), 17.8%, and .INFO (Information), 15.8%. For downloads the worst place to be is .RO (Romania).

The safest places to play on the Internet (and perhaps the least interesting), are .GOV (Government), .JP (Japan), .EDU (Education), .IE (Ireland), and .HR (Croatia).

The Untied States sits toward the top of the risky list, ranked 17th, with a risk ratio of 3.1%.

McAfee also says the likelihood of receiving spam if registering with an email address has dropped from 7.6% to 2.8%. And the percent of sites delivering viruses, spyware or adware has edged down, from 4.7% to 4.5%. (McAfee cautions that this last finding doesn’t mean there are fewer Potentially Unwanted Programs (PUPs) in the tubes, but rather they are getting harder to detect using standard procedures.)

Overall, sites registered in the Americas, Europe, the Middle East, and Africa are relatively safe. Sites registered in the Asia-Pacific region are not.

Read More

Posted 09/02/08 at 03:45:22 PM by Pulkit Chandna

Two researchers, Alex Pilosov and Anton Kapela, have concocted a technique to exploit the Border Gateway Protocol (BGP) – internet’s core routing protocol. They demonstrated their technique at the DefCon hacker conference in Las Vegas. The threat emanates from the innate credulity of the routing protocol: the BGP apparently is designed to trust all nodes and can be exploited to redirect insane volumes of internet traffic to malevolent networks.

It can be used for spying at a truly unprecedented scale. No, we are not talking about stalking someone on Facebook but nation-state espionage. Millions of users can be exposed within moments of such an attack. A few solutions have already been propounded, but ISPs seem to be watching quietly from the sidelines.

Read More