While Google claims that they are doing this to make the web faster and safer, which I believe is true, one cannot deny that Google, the world’s largest advertising firm, is doing this to get more information about you. This is yet another in a series of ways that Google will have to track your every move on the Internet.

Is this a victory for the end-user? Perhaps. This service will make DNS more visible in the public eye, and using it will most likely enhance end-user’s DNS performance and security.

But it is surely yet another defeat in the Google vs. Privacy battle.

• “Nobody is interested in our network.”
• “We don’t have anything that anyone would want.”
• “Our systems aren’t that important.”
• “No one would steal my account/password/login.”
• “Why would someone want to hack our computers?”

Recently, two things came to light that made me seriously question this attitude.

Tipped off by the Data Security Podcast, I read an interesting story about Ashton Lundeby, a sixteen year-old who is accused of making bomb threats via the Internet. He was subject to a raid by FBI agents, sanctioned by the USA PATRIOT Act, who stormed his house, seizing his computer and other personal property.

I am not going to go into the political issue of due process, and the constitutionality of the USA PATRIOT Act, because I am not a lawyer and frankly, I don’t know what can be done about this. However, there is another issue here which you can do something about. Lundeby’s mother claims that the boy was the victim of a “proxy attack.” In other words, he did not conduct any sort of attack, but someone else hijacked his network and did so. If this is the case, then it is quite likely that his home computer and/or network were hijacked by a malicious hacker, who then conducted his attack (in this case, bomb scares), from the boy’s network.

My guess would be that his computer either was infected with some sort of malware (virus, spyware, trojan, or similar) or that his family’s wireless network was open, allowing anyone to connect and use it for their own purposes.

To help make my point, here’s an extreme analogy: Imagine that a bunch of criminals set up shop in your basement, and used it as a base of operations for their illegal activities, but because you never noticed (hard to imagine, but just pretend you have a really big house and don’t go to the basement much), this was allowed to go on for a long time. Imagine that the only hint that anything was wrong was that your utility bill was a bit higher (or, for sake of comparison, your Internet usage was higher, or speeds were slower). Then suddenly the FBI knocks on your door one day and says “Hi. You’ve been harboring criminals in your basement. Please come with us.” This is essentially the same thing that Lundeby’s mother is claiming happened to him.

Also this week, I was at a client’s house, helping them set up their new satellite Internet connection. For years, they have had an open, unencrypted wireless system. Also for years, they have complained that their Internet connection is slow. This is no surprise, as satellite Internet is notoriously slow – the slowest of the “broadband” options that I’ve ever had to endure (and believe me, I endured it for years). However, this was really, really slow. Having had prior experience with their new provider, HughesNet, I had seen this before, when a brand new installation was super slow. I called HughesNet and they confirmed my suspicion – my client had “exceeded their fair access limit” by downloading too much stuff.

My client was bewildered, and claimed that this was impossible, as Hughes said that they had downloaded over 1GB of files between the hours of 3-6am, when no computers were even on!To give you an idea, 1GB of files is like downloading 20 different albums (not songs) from iTunes, several Windows service packs, or thousands of books in electronic format.

I immediately suspected that someone was leeching off their open wireless connection. Despite my client’s assurances that this was unlikely, as they have a very remote house, they agreed to let me lock their wireless network down with WPA2 encryption. The next day, my client called and, in a rarity in my line of work, expressed happiness with the fact that everything was working great! Coincidence? I think not. My conclusion is that someone was using her network, probably for a long time, and they never knew it.

While this is not exactly the same as Ashton Lundeby’s predicament, it very well could have been and both of these stories underscore why security should be everyone’s concern.

References:
WRAL News article on Ashton Lundeby’s case
Wikipedia article on Man in the Middle Attacks
USA PATRIOT Act highlights

If you have only one Internet address that you share with other servers and desktops, any one of these devices can damage your reputation if they are compromised.  For example, let’s say Jane’s PC contracts a virus that causes it to send out junk e-mail.  Since she uses the same gateway as the mail server, your mail server’s (public) Internet address will be blacklisted, which is to say, millions of computers across the Internet will refuse to accept email from it as long as it remains on the list.

How can you prevent this from happening?  There are several actions that can (and should) be taken:

1. Install and maintain an effective antivirus / anti-malware product, such as AVG, McAfee, Symantec, etc., across all of your servers and desktops, to help prevent their compromise.
2. Ensure that your Internet gateway is configured to block outbound email traffic (port 25) from your network, except the computers you know require it.
3. Consider allocating a separate public IP address dedicated to your e-mail server, so rogue machines on your network will not affect the production server.
4. Consider hosting your email with a commercial service provider.
5. Configure a reverse DNS and SPF record for your mail server’s IP address.  These are essential in preventing others from spoofing your mail server IP and using / damaging its reputation.