Little bit of history
Apart from operating .CZ top level domain, CZ.NIC does a lot of other interesting things contributing to the common good. Part of it is running Czech national CSIRT team, doing security research and raising awareness about potential security issues. As part of our security research, we started wondering a long time ago how much are the average Joes and Janes attacked, by who and how. People that are just connected to the internet, run no public service and are just consumers. If only there was some kind of probe that would allow us to see what is going on there…
In September this year, the Czech Safer Internet Centre (CZ.NIC), in cooperation with the National Cyber and Information Security Authority, presented an online course called Digital Footprint, intended primarily for children aged 10-13. This interactive game focuses on Internet privacy and associated socio-pathological phenomena such as personal data abuse, sexting, digital privacy or cyberbullying.
During the development of the DNS Knot Resolver, CZ.NIC Labs have managed to reveal a security flaw that makes it possible to bypass DNSSEC security on F5 load balancers and cause denial of service. These products are being used, for example, in some internet banking applications, including those of Czech banks and public authorities. From the perspective of a user attempting to access an internet banking service, a successful attack exploiting this error would manifest in the browser suddenly reporting an “address not found” error and the service becoming unavailable.
The CZ.NIC Association joined the campaign – Family Offline Week with the subtitle “We are not afraid to be offline together“, which will be held this year from May 11 to May 19, 2019. The purpose of the 4th year of the campaign is not only to celebrate the International Family Day, on May 15, but above all to think about the excessive use of digital technology. The uncontrolled use of mobile phones, tablets and computers not only causes health problems but also worsens interpersonal relationships. Children from early age play with tablets and mobiles, often losing social contact with their peers.
In March, a delegation of experts from five different organizations focused on child safety on the Internet and personal data protection from Bosnia and Herzegovina visited our Association.
The CZ.NIC Association used the Safer Internet Day to introduce its new project, aimed at children´s safety online. The CZ.NIC Association acts as a coordinator of the project that started on 1 January 2019, another partner is the Safety Line, ensuring the operation of a helpline. CZ.NIC will continue operating the Czech national hot-line STOPonline.cz, which received a record number of reports last year.
Today, I would like to go back to the topic I brought up in my earlier blog post. At that time, I was horribly angry at the administrators of photo sharing servers. I was angry at the absence of better mechanisms to check the photos people upload. Why don’t they have a person who would take a look at them? Why don’t the make the albums private by default? I could go on, but after almost two years of what seemed like fighting windmills, I have realized one thing. It’s not the administrators’ or providers’ fault — everyone is responsible for their own actions.
Vulnerability of SOHO routers becomes a topic of analyses by various security organizations almost every week. The 2017 Symantec report shows a year-on-year increase in the number of attacks on IoT devices by 600%. The most vulnerable are unsecured routers, which often make it possible to gain easy access to each connected device. The April’s alert from the official US-CERT also tells us of the growing number of these attacks and their severity.
There is no doubt that high school students use information and communication technology just as commonly as a toothbrush. Unfortunately, when it comes to security, there is really room for improvement. This was confirmed by the National Final of the second Czech Cyber Security Competition among high schools.
We launched the campaign for Turris MOX – modular and open source router. As modularity is something new in this field, some users are quite confused and don’t know what should they pick. This article is here to help you a little bit decide which combination is the right one for you and help you understand why would you actually want modularity.