With the attempted coup in Turkey, reports went out about social media being throttled and/or blocked. We analysed data about this that we collected with RIPE Atlas and the Open Observatory of Network Interference (OONI).
The DNS is normally a relatively open protocol that smears its data (which is your data and mine too!) far and wide. Little wonder that the DNS is used in many ways, not just as a mundane name resolution protocol, but as a data channel for surveillance and as a common means of implementing various forms of content access control. But all this is poised to change. Now that the Snowden files have sensitized us to the level of such activities, we have become acutely aware that many of our tools are just way too trusting, way too chatty, and way too easily subverted. First and foremost in this collection of vulnerable tools is the Domain Name System.
Following my recent research on DNS hijacking and the cases I have personally observed, I wondered whether this is a common practice among the operators. With the help of RIPE Atlas, I started to think of a solution to figure out whether such practice is widespread in other areas of the world.
Large scale IPv6 deployments suggest that IPv6 is at least a technical success - the technology works. Now it's time to visit the other important question: does it work commercially? Does IPv6 really come with a positive business case? We are about to find out, if you help us... (for instance by filling in the poll next to the article)
You might not have noticed, but there are chances that your ISP is playing nasty tricks with your DNS traffic.
Some of the third version of RIPE Atlas probes have recently had an issue with their USB sticks. We're investigating what may be causing this issue and have a possible solution, outlined below. (At the same time, we're also looking into a new hardware solution for the future.) If you've had trouble with your probe, please follow these simple steps. RIPE Atlas users everywhere will thank you for getting your probe back online - and we will, too!
What makes the Internet of Things (IoT) different from the Internet as we know it? Today's Internet connects people, while the Internet of Things connects... things. What are these things? In the case of IoT, it means embedded computer chips that are attached to some physical device with networking capability.
In June 2016, the Organization for Economic Cooperation and Development (OECD) hosted a meeting of ministers to consider the state of the Digital Economy. The central message from this meeting was the message that: “Governments must act faster to help people and firms to make greater use of the Internet and remove regulatory barriers to digital innovation or else risk missing out on the potentially huge economic and social benefits of the digital economy.” All well and good, and as a piece of rhetoric, it seems to strike an appropriately positive note without straying far from what appears to be bland truisms of our time.
In this article, I'm showing how we can mitigate DNS attacks by implementing a stateless firewall filter at the aggregation or edge router.
There are about 600 DNS root server instances deployed around the world. But does everyone have an equal level of access to a root server in their region? Are they fairly distributed? Do all major (and country level) network operators recognise the value in deploying (or peering with) a root server in their network?