346 – 0X15A – 101011010

The very first Threat Of The Week was posted on 1st February 2013. Since then ITC has published it every week.

Today’s blog is the 346th, and as it happens the last, at least to be written by yours truly.

All good things come to an end (bad things tend to linger).

This week has seen interesting developments in the proposed adoption of DNS-OVER-HTTPS, enhancements to TLS, a very serious Linux bug (surprise!) and yet another Facebook SNAFU.

The first two are very interesting in the context of the unstoppable privacy wave that is coming down the pipe.

It appears to be the case that the broadband industry has been whinging about the adoption of DNS-OVER-HTTPS. In the USA, ISPs have been lobbying congress about the adoption of secured DNS, which of course obfuscates DNS requests from inspection.

This has a massive impact on ISPs who can use DNS lookup data for a plethora of marketing purposes like injecting advertising (for which they get paid). It also has a major impact within the enterprise, many of which use DNS inspection to reveal rogue traffic. For instance, the likes of Cisco, Darktrace and all of the rest.

When you add this to the inevitable TLS 1.3 adoption, there will have to be a better way to identify malware activity on your network, many of which are already using SSL/TLS to hide.

Fortunately, technologies which facilitate detection under this environment are available and ITC would be very happy to help you.

Moving on to the Linux bug, if you run Linux platforms, you need to be aware of a new serious issue in a Linux module, in this case Libarchive. As this excellent article by the very thorough people at Sophos Naked Security points out, if you run Debian or Ubuntu, pay attention.

As for Facebook, we all know that the data sharing shizzle was developed too quickly and will probably never be secure. Great news going into a general election with potential interference issues. Yes, yes they are still at it.

As ever, the highly proficient and capable ITC staff would be more than happy to help you out with any of these issues. Contact them at: [email protected] or call 020 7517 3900.

On a personal note, it has been a privilege to write this blog for so long, thank you all for reading it. Special thanks go out to all the ITC staff who have helped with the content (The SOC team especially), my troop of Jedi Greybeards and of course ITC’s Marketing team, in particular Sophia Casimir.

I will continue blogging (after 7 years, I am addicted). See my LinkedIn if you haven’t had enough.

Wishing everyone at ITC, long suffering readers, customers and associates all of the very best.