{"id":1635,"date":"2013-04-06T11:54:02","date_gmt":"2013-04-06T15:54:02","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=1635"},"modified":"2013-04-06T11:54:02","modified_gmt":"2013-04-06T15:54:02","slug":"possible-security-disasters-loom-with-rollout-of-new-top-level-domains-ars-technica","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2013\/04\/06\/possible-security-disasters-loom-with-rollout-of-new-top-level-domains-ars-technica\/","title":{"rendered":"Possible security disasters loom with rollout of new top-level domains"},"content":{"rendered":"<p style=\"text-align:center;\"><a href=\"http:\/\/arstechnica.com\/security\/2013\/04\/possible-security-disasters-loom-with-rollout-of-new-top-level-domains\/\"><img decoding=\"async\" alt=\"\" src=\"http:\/\/nccomputertech.files.wordpress.com\/2013\/04\/danger.jpg\" \/><\/a><\/p>\n<p>Plans to populate the Internet with dozens of new top-level domains in the next year could give criminals an easy way to bypass encryption protections safeguarding corporate e-mail servers and company intranets, officials from PayPal and a group of certificate authorities are warning.<br \/>\nThe introduction of Internet addresses with suffixes such as &#8220;.corp&#8221;, &#8220;.bank&#8221;, and &#8220;.ads&#8221; are particularly alarming to these officials because many large and medium-sized businesses use those strings to name machines inside their networks. If the names become available as top-level domains to route traffic over the Internet, private digital certificates that previously worked only over internal networks could potentially be used as a sort of skeleton key that would unlock communications for huge numbers of public addresses.<br \/>\nA secure sockets layer certificate used by employees to access a company intranet designated as &#8220;.corp&#8221;, for instance, might be able to spoof a public credential for the website McDonands.corp or Ford.corp. Employee laptops that are used at an Internet cafe or other location outside of a corporate network might also be tricked into divulging private information.<br \/>\n&#8220;If the appropriate service endpoints are available, these clients will next begin to dump confidential data and potentially pull incorrect information and apply damaging state changes,&#8221; PayPal Information Risk Management officials Brad Hill and Bill Smith wrote in recently published letter to Fadi Chehade and Stephen D. Crocker, the chief executive and chairman respectively of the Internet Corporation for Assigned Names and Numbers (ICANN). &#8220;The potential for malicious abuse is extraordinary, the incidental damage will be large even in the absence of malicious intent, and such services will become immediate targets of attack as they inadvertently collect high-value credentials and private data from potentially millions of systems.&#8221;<br \/>\nThe security concerns come in response to ICANN&#8217;s plans to create a variety of new top-level domains by the end of this year to bolster currently available suffixes such as &#8220;.com&#8221;, &#8220;.net&#8221;, and &#8220;.biz&#8221;. Last week, VeriSign also sharply criticized the plan, saying the speed at which ICANN was moving threatened the stability of the Internet address system.<br \/>\nA report recently published by ICANN&#8217;s Security and Stability Advisory Committee provides support for the security concerns, which in addition to PayPal are being voiced by members of a group of certificate authorities. Citing data assembled three years ago by the Electronic Frontier Foundation&#8217;s SSL observatory, the report said there were 1,053 certificates signed by recognized authorities that end in 63 strings which are candidates to become top-level domains. Such a scenario might make it possible for &#8220;man-in-the-middle&#8221; attackers, who control a connection between a website and end users, to spoof traffic in a way that would completely bypass encryption protections provided by SSL.<br \/>\n&#8220;If an attacker obtains a certificate before the new TLD is delegated, he\/she could surreptitiously redirect a user from the original site to the attacker site, present his certificate, and the victim would get the Transport Layer Security\/SSL (TLS\/SSL) lock icon,&#8221; the ICANN report stated. &#8220;This poses a significant risk to the privacy and integrity of HTTPS communications as well as other protocols that use X.509 certificates (e.g. TLS\/SSL-based e-mail communication).&#8221;<br \/>\nThe report went on to say that the number of &#8220;short name&#8221; certificates that could collide with the new domains is almost certainly much higher. That&#8217;s because the SSL Observatory only scanned for certificates publicly advertised on the Internet. That leaves most private certificates unaccounted for. Another reason the SSL Observatory is likely understating the problem is that it probably doesn&#8217;t scan many ports used by e-mail servers.<br \/>\nICANN officials didn&#8217;t respond to an e-mail seeking comment for this article.<br \/>\nFull Story: <a href=\"http:\/\/arstechnica.com\/security\/2013\/04\/possible-security-disasters-loom-with-rollout-of-new-top-level-domains\/\" target=\"_blank\">Possible security disasters loom with rollout of new top-level domains | Ars Technica<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Plans to populate the Internet with dozens of new top-level domains in the next year could give criminals an easy [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[6,7,10],"tags":[298,455],"class_list":["post-1635","post","type-post","status-publish","format-standard","hentry","category-networking","category-security","category-technology","tag-domains","tag-hacking"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-qn","jetpack-related-posts":[{"id":8857,"url":"https:\/\/nccomputertech.com\/techtalk\/2016\/03\/07\/these-are-the-worst-domains-for-harboring-malware\/","url_meta":{"origin":1635,"position":0},"title":"These are the worst domains for harboring malware","author":"NCCT","date":"March 7, 2016","format":false,"excerpt":"By Lucian Constantin | IDG News Service | PCWorld Generic top-level domains (gTLDs) that have sprung up in recent years have become a magnet for cybercriminals, to the point where some of them host more malicious domains than legitimate ones. Spamhaus, an organization that monitors spam, botnet and malware activity\u2026","rel":"","context":"In &quot;Networking&quot;","block_context":{"text":"Networking","link":"https:\/\/nccomputertech.com\/techtalk\/category\/networking\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":5958,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/07\/10\/crypto-certificates-impersonating-google-and-yahoo-pose-threat-to-windows-users\/","url_meta":{"origin":1635,"position":1},"title":"Crypto certificates impersonating Google and Yahoo pose threat to Windows users","author":"NCCT","date":"July 10, 2014","format":false,"excerpt":"People using Internet Explorer and possibly other Windows applications could be at risk of attacks that abuse counterfeit encryption certificates recently discovered masquerading as legitimate credentials for Google, Yahoo, and possibly an unlimited number of other Internet properties. A blog post published Tuesday by Google security engineer Adam Langley said\u2026","rel":"","context":"In &quot;Microsoft&quot;","block_context":{"text":"Microsoft","link":"https:\/\/nccomputertech.com\/techtalk\/category\/microsoft\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2014\/07\/disguise-kit-640x728.jpg?resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2014\/07\/disguise-kit-640x728.jpg?resize=350%2C200 1x, https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2014\/07\/disguise-kit-640x728.jpg?resize=525%2C300 1.5x"},"classes":[]},{"id":7570,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/02\/05\/malicious-advertisements-on-major-sites-compromised-many-many-pcs\/","url_meta":{"origin":1635,"position":2},"title":"Malicious advertisements on major sites compromised many, many PCs","author":"NCCT","date":"February 5, 2015","format":false,"excerpt":"Attackers who have slipped malicious advertisements onto major websites over the last month have potentially compromised large numbers of computers. Several security vendors have documented attacks involving malicious advertisements, which automatically redirect victims to other websites or pages that silently attack their computer and install malware. \u201cWe certainly see malvertising\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":7150,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/12\/17\/russian-malware-targets-wordpress-users-over-100000-sites-infected\/","url_meta":{"origin":1635,"position":3},"title":"Russian malware targets WordPress users, over 100,000 sites infected","author":"NCCT","date":"December 17, 2014","format":false,"excerpt":"Our blog was not affected...NCCT. A Russian malware dubbed SoakSoak has infected nearly 100,000 WordPress websites since Sunday, prompting Google to blacklist over 11,000 of those domains (the number is increasing), according to a report from cybersecurity firm Sucuri. The malware exploits a previously-known vulnerability in a WordPress plugin called\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":7965,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/04\/02\/google-chrome-will-banish-chinese-certificate-authority-for-breach-of-trust-updated\/","url_meta":{"origin":1635,"position":4},"title":"Google Chrome will banish Chinese certificate authority for breach of trust [Updated]","author":"NCCT","date":"April 2, 2015","format":false,"excerpt":"Google's Chrome browser will stop trusting all digital certificates issued by the China Internet Network Information Center following a major trust breach last week that led to the issuance of unauthorized credentials for Gmail and several other Google domains. The move could have major consequences for huge numbers of Internet\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2015\/04\/handcuffs-640x301.jpg?resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2015\/04\/handcuffs-640x301.jpg?resize=350%2C200 1x, https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2015\/04\/handcuffs-640x301.jpg?resize=525%2C300 1.5x"},"classes":[]},{"id":3106,"url":"https:\/\/nccomputertech.com\/techtalk\/2013\/08\/05\/attackers-reported-seeding-cloud-services-with-malware\/","url_meta":{"origin":1635,"position":5},"title":"Attackers reported seeding cloud services with malware","author":"NCCT","date":"August 5, 2013","format":false,"excerpt":"LAS VEGAS -- Malware writers are ramping up their use of commercial file hosting sites and cloud services to distribute malware programs, security researchers said at this week's Black Hat conference here. Traditionally, malware writers had distributed their malicious code from their own sites. But as security vendors get better\u2026","rel":"","context":"In &quot;Networking&quot;","block_context":{"text":"Networking","link":"https:\/\/nccomputertech.com\/techtalk\/category\/networking\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/1635","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=1635"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/1635\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=1635"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=1635"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=1635"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}