DNS + its Security Risks

DNS stands for “Domain Name System”. A domain name is like the translated, human-friendly version of an IP address: “google.com”, for example. IP addresses are “unique addresses that identify devices connected to the internet or local networks” and they look somewhat like this: “xxx.xx.x.xx.” In the diagram below, the relationship between IP address and domain is outlined pretty clearly. 

A huge risk associated with DNS is something called “typosquatting”; Typosquatting is when people buy domain names that are purposefully incredibly similar to popular, trustworthy domain names that are frequently interacted with by users, in hopes that they press one wrong key and are directed to an alternate site where cybercriminals are able to steal your information or install malware onto your device. Typosquatting is a remarkably easy cyber attack to carry out, since all you have to do is purchase an available domain. This does not change the fact that this is still a very effective form of attack that poses a viable risk to users.

A typosquatting attack for a website looks somewhat like this: google.com is the desired website, goggle.com or even google.org is the hacker’s domain.  For emails, it can look like this: user@yahooo.com vs. user@yahoo.com

Effects

Security researchers performed an experiment with typosquatting email addresses of S&P 500 companies by removing a period in the address, and successfully obtained over 120,000 corporate emails including many with sensitive information. The DNS risk of typosquatting is intertwined with user error, so solutions have been a little difficult to come by. Many large companies have been hit with these types of attacks, most famously google.com vs goggle.com, but also airfrance.com was hit with a arifrance.com attack. 

Solutions

There are effective ways to protect against the dangers of typosquatting. A company can protect against this by paying to trademark their domain name, and purchasing any domains remotely similar so simple user misspellings are less dangerous. As users, we can be very intentional and careful when typing in a URL because a wrong key press can install hazardous malware on your device. These risks are particularly serious with medium-sized and small-sized companies, as they might not have the resources to buy up every possible misspelling of their domain name to keep their consumers safe. Other ways to protect against this threat is to use resources like DNS twist, which search through domain databases to see if there might already be fake domains (with similar spellings, etc)  created to steal traffic. Another way to stay ahead of typosquatting is to frequently monitor the traffic on your website for a rapid decrease in traffic because this is a telltale sign of this kind of cyberattack. DNS is a a very important, though often overlooked component of internet safety and it is imperative we protect ourselves against its areas that may pose risks. 

 

https://www.apple.com/\
Click here

DNS Masking: I don’t think DNs masking should be allowed because it puts the user at risk of going to malicious websites since you can’t be sure the URL you’re clicking is taking you to your desired location in the internet. Users have a right to know and choose what websites they visit. DNS masking should be regulated so users are less vulnerable to phishing attacks and other hostile attempts by hackers to steal your information, etc.

Why is net neutrality important?

Net neutrality is important because it opens the door for economic growth, and helps hinder monopolies which prevent small startups from forming and becoming successful. It keeps the internet a place that is not dominated by a few massive corporations, and it ensures that all internet traffic is treated uniformly. Net neutrality is important because it also helps make sure the average individual is able to browse the internet as they please, and their attention will not be sold by internet providers to corporations seeking to profit from advertising. Net neutrality is also central to avoiding censorship and ensuring the free circulation of truth throughout the internet community. 

Why should ISPs get to decide what content to prioritize?

It is important for ISP’s to decide which content gets prioritized because certain content should not be given equal access. Net neutrality rules have been used in recent years to expand the spread of false information, for example in the Trump Campaign, and ISPs have the power to deprioritize websites that feature harmful spam content and can help direct the internet community to content that is truthful and appropriate. The internet is largely unregulated, and ISPs are in a position to instill structure through prioritization of trustworthy sites while still creating the opportunity for startup companies to compete and gain success among the established ones.

In class we’ve learned about RSA encryption and matrix encryption.

RSA Encryption: RSA uses a double key method, where the data sent uses a public key to encrypt, and the receiver uses a private key to successfully decode the messages. The aforementioned “keys” are the factors of ectremely large prime numbers.

Matrix Encryption: Translate data (a message, etc) to binary, arrange in a matrix, then multiply it by another matrix (the key). The inverse of the key multiplied by the encrypted matrix will decrypt the matrix.

Another form of encryption is AES.  Advanced Encryption Standard uses a “symmetric key algorithm”, meaning the same key is used to encode and decode. It is considered to be one of the most secure forms of encryption, utilized most notably by the US government. AES is considered a “block cipher” meaning it encrypts a block of text rather than one bit at a time. AES has 3 different “versions”– AES-128, AES-192, AES-256– and the difference between each one is the length of the key used: AES 128 uses a 128 bit key, AES 192 uses a 192 bit key and so on. AES has never been cracked.

Another form of encryption is DES. Data Encryption Standard was created in the 1970s and was one of the first encryption methods ever introduced. It also uses a symmetric key algorithm (same key encodes and decodes). This method is not used so much anymore as it can easily be cracked, but it served as an important basis for modern developments of encryption methods. The key length is 56 bits, which is why it is insecure and outdated. A modernized version of DES is called 3DES and it is still very much used to day. It is much more secure than its parent method because it uses 3 56 bit keys to encode data. THe downside to this method is it takes a really long time to encrypt information.

 

-https://futureboy.us/stegano/encinput.html <— the very awesome website 🙂

At the very simplest, Binary is a computer/coding language. It works a little different than most languages, in that its alphabet is solely comprised of 1s and 0s. That’s actually where the prefix ‘bi’ in “binary” comes from, as in two, since the language is comprised of two characters. Binary can be used to represent images, letters, numbers, and even sound.

How does Binary represent music?

Music/audio can be represented by binary in that a microphone can convert soundwaves into voltage changes, whose values can be transcribed into binary. Soundwaves are analogue, but they have to be translated to a numerical value in order to be able to be computed. This is achieved through ADC, or Analogue-Digital-Converter. The ADC works like this: a sample of the soundwave is taken that records the location along the soundwave and the time that corresponds with the sample. Now that the soundwaves have been converted to numbers, they can easily be converted to binary. The bit rate and the sample rate determine the quality in addition to the size of the binary file. (Bit Rate= # of bits utilized to store every sample, Sample Rate: # of samples taken every second). Ideally, you transcribe music to binary with a high sample rate, taking data every fraction of a second, so the file will be more accurate, detailed, and simply of a higher caliber. The binary file then contains the song so it may be played by the computer.

Mac Demarco

Mac Demarco is a singer-songwriter from Canada, famous for his Alternative/Indie sound. He has released 6 studio albums, my personal favorite being his 3rd album: Salad Days. I recently had the pleasure of going to see him perform at a little music festival at the Napa Vineyard Gundlach-Bundschu, which my friend took me to for my birthday. He is spectacular in concert! His music evokes a relaxing, smooth feeling. He is a great performer, who is very interactive with the audience. He even played an unreleased song, called “I like her” which was a beautiful, soulful ballad that has made me very eager for the release of his next album. Here is a photo I took! Also, I’ve attached his most popular and one of his best songs below.

Here are some photos I’ve taken this december! I feel overjoyed to have academic weights be lifted off of my shoulders during this week and next week. It’s really good to be approaching the finish line of school! I hope december continues to be a great month!