Provided by CommunityDNS, the information in this post consists of news items in the security-based Internet community.

EU taunts US: Net neutrality’s better here

While the debate on Net neutrality begins to heat up in the US, with sides trying to decide on definitions before moving forward, the EU Commissioner in charge of Information Society and Media says Europe’s regulated approach to fostering competition will fair better than the deregulated approach argued by some in the US. This comment takes aim at the republican efforts to allow the Net to operate according to market demands.

Click here for more information.

What will talking power meters say about you?

Power companies are making the move towards installing intelligent devices at each home to make more efficient use of power distribution. Greater amounts of power will be provided when needed and power will be cut back by the power companies when power demand is at risk of outage. From the initial outlook the prospect of a “smart grid” is promising through the deployment of smart meters at each household.

The following story brings about what might happen with data collected on your power consumption habits. Might law enforcement utilize the information to determine the correctness of an alibi? Might credit bureaus or insurance companies penalize you because your power consumption patters match those of “troublesome” customers?

Obtaining information? California’s Pacific Power and Electric says it projects storing 170 megabytes of date per smart meter per year. What will be done with the data? What if the data is cross referenced by other organizations who have access to the information, whether through legal means or through purchase? Speculation at this point, however Europe has adopted a “data minimalization” approach to data collected by its utility companies. “Data minimalization” means utility companies are legally bound to collect only that information which is necessary to complete a transaction. As soon as the information is no longer needed the information is deleted.

Click here for more information.

Hackers Exploit Year’s fourth PDF Zero-Day

A bug has been determined through Adobe’s reader that allows hackers to gain control of a user’s computer through a user opening up a PDF document. While the vulnerability include the Mac and Linux platforms, the only reports Adobe has heard of are those dealing with the PC platform. Attacks thus far appear to be targeted towards executives, with the goal of obtaining confidential information from their computers.

Click here for more information.

Botnets Behind Most Modern Malware Infections

Botnets have traditionally been used for the distribution of spam. While still used for the distribution of spam a growing trend is how cyber criminals are utilizing botnets for the distribution and activation of malware.

The common aspect of all botnets is all bots need to receive instruction from a command and control server. In this case cyber criminals are finding botnets provide an extra layer of anonymity they didn’t have before. If officials are wishing to trace back a malicious attack via IP address they will now be met with the IP address of a computer which has been turned into a bot.

Click here for more information.

Bitbucket’s Amazon DDoS – what went wrong

News Bits recently reported on Bitbucket’s 19 hour outage due to a DDoS attack. Utilizing Amazon’s Elastic Compute Cloud to provide Bitbucket’s scalable processing resources, the following story looks at the aftermath of how the attack was able to occur and for how long. The story discusses several exposures that allowed the attack to last for such a long period of time.

Some of the problems dealt with where, on the network, Bitbucket’s storage was located. It was also discovered where the cloud’s QoS implementation did not work as expected.

Click here for more information.

Time Off

Please note News Bits will not be published next week due to a week off. Enjoy your week!