Hi Ghosties! We haven’t published our Weekly Digest article in quite a while, but with all that’s been going on, we could not miss another week. Online privacy and security issues have made the headlines through some major issues that got us a bit worried from a multitude of reasons. Here is what we’re talking about:
Recent DDoS attack may have been largest in history
On Friday, October 21st, a series of Distributed Denial of Service (DDoS) attacks caused widespread disruption of legitimate internet activity in the US. The attacks targeted the servers of Dyn, a company controlling much of the Internet’s Domain Name Servers, or the Internet’s equivalent of a phone book, as they maintain a directory of domain names and translate them to Internet Protocol (IP) addresses.
Thus, the DDoS attacks, caused by the Mirai botnet, managed to bring down much of America’s Internet, including sites such as Twitter, the Guardian, Netflix, Reddit, CNN and many others in Europe and the US.
What’s interesting, though, is that the Mirai botnet is largely made up of so-called IoT devices, such as CCTV video cameras and digital video recorders. Since it had so many internet-connected devices to choose from, the Mirai attacks are believed to be much larger than before, involving an estimated 100,000 malicious endpoints. Get more details about this issue from here.
China plans to rate its society based on big data
By 2020, China aims to build a Social Credit System, which will attribute scores to its citizens, in order to build a culture of “sincerity”, where “keeping trust is glorious.”
The ambition is to collect every scrap of information available online about China’s companies and citizens in a single place — and then assign each of them a score based on their political, commercial, social and legal “credit.” Those who fall short would be denied certain privileges and be subjected to expanded daily supervision and random inspections.
Read an eye-opening analysis on the topic here.
Basically, the change implies that your activity on other websites “may be associated with your personal information in order to improve Google’s services and the ads delivered by Google”. However, back in 2007, upon the acquisition of DoubleClick, the organization maintained that its user data was separate from ad tracking.
You can view what Google thinks your interests are, and choose to opt out of personalized ads, here.
Turkey might have hacked its citizens through US firm
Information from Forbes magazine shows that Turkey’s partly state-owned telecom provider, Türk Telekom, requested a feed of subscribers’ usernames and passwords for unencrypted websites, along with a list of what sites they visited and when, from the California-based tech firm Procera Networks.
According to a half dozen current and former employees, who spoke on the condition of anonymity, leaked Procera documents and internal communications, Türk Telekom requested not just a feed of subscribers’ usernames and passwords for unencrypted websites, but also their IP addresses, what sites they’d visited and when.
Türk Telekom apparently benefits from Procera’s services through Sekom, a contractor that has a $6 million contract with the US firm.
Assange, the potential reason of DDos attacks, alive and well
Following the DDoS attacks on October 21st, some voices claimed that they were done in retaliation to events surrounding the fate of WikiLeaks and its founder, Julian Assange.
However, WikiLeaks made it clear that Assange was in no danger and asked for an end of the attack. If he was proven to be threatened in any way, the attacks could have gone a lot worse.
Fortunately, on October 27th, had a live telephone call at a computer conference in Argentina, proving that he is alive and well.