|
Sri Lanka First Country to Deploy Balloon
Based Internet, What Security Risks Does It Pose?

|
|
|
|
Project Loon
We think that most people are connected to the internet when in fact
two-thirds of the population do not have access to the internet. Google
started a project in 2013 called �Project Loon� with an aim to make the
whole world connected to the internet, concentrating on connecting
people in rural and remote areas, to help fill coverage gaps and bring
people back online after disasters using a network of balloons
travelling on the edge of space. The exciting thing about this is that
Sri Lanka will be the first country to deploy Googles balloon based
internet, giving 100% of Sri Lankans resident�s access to the internet.
How it works
The balloons travel 20km above the earth�s surface in the stratosphere.
The layers of winds in the stratosphere vary in speed and direction, so
Project Loon uses software algorithms to determine where the balloons
need to go, and moves each into a layer of wind blowing in that
direction. This can be arranged to form one giant communication network.
The inflated part of the balloon is called the balloon envelope and it
is designed to last around 100 days in the stratosphere and is powered
by solar panels and a small box hangs underneath the balloon envelope
which contains the electronics.
Each balloon can provide connectivity to a ground area about 40km using
wireless communications technology called LTE. Project Loon partners
with telecommunications companies to share cellular spectrum so people
will be able to access the Internet everywhere directly from their
phones and other LTE-enabled devices.
|
|
|

What is LTE technology?
LTE is also known as 4G. The technology covers a wider range of
frequencies and has the potential to be 100 times faster than 2G and 3G
networks. 4G was designed specifically for sending and receiving data.
The methods taken to achieve these speeds also make it more vulnerable.
What the industry has done with 4G/LTE technology is taken a
self-contained telephone network, secured primarily by virtue of being
separate from the internet, and then giving it internet capabilities. 3G
networks use a protocol called SS7 to send signals which is hard to
penetrate. LTE on the other hand uses systems such as Diameter, an open
protocol that sends signals based on IP addresses of networks which
makes it faster and can handle more traffic than SS7.
Security Issues
Main problem with LTE/4G is that user information can become easily
available to hackers via �man in the middle� attacks. These new security
risks are being exposed by the move to the IP-centric LTE architecture.
The deployment of LTE is a primary driver behind the security risks as
the LTE architecture is much flatter and more IP-centric than 3G,
meaning there are fewer steps to access the core network.
What to think about
Project Loon should be prepared to meet every threat. They need to
address security as a multi-level problem and ensure the highest levels
of device security and educate users to protect themselves. Only then
can they continue to build out their networks to reach more users while
also protecting them.
- Menuka De Silva
Menuka is working as Intern
- Information Security Engineer at Sri Lanka CERT|CC. |
|
| |
|
1.http://antivirus.about.com/od/securitytips/tp/ |
|
socialengineeringexcuses.htm | |
| | |
| | | | | | | | | | | | | | | | | | | | | |
|
| | | | | | | |
| | | | | | |
| | | | | | | |
|
|  | |
| |  |
|
 |
Europol takes down Italian Darknet
service used to share child porn | | |

Europol
has helped to close a Darknet hidden web service used by cybercriminals
to share material depicting the sexual abuse of children, in addition to
selling services used for fraud, computer hacking and drugs. | |  |
Is Windows 10 really 'the most secure
Windows ever', as Microsoft claims? |
| |

'....When Microsoft was playing internet-catchup in the 1990s, its rush
to make it easier for people to get.....' | |  |
HOW PHONE COMPANIES USED 'SUPERCOOKIES'
TO TRACK CUSTOMERS' WEB BROWSING |
| |

| |
| |
'...Tenacious "supercookies"
allowed mobile broadband providers to follow their customers' activity�both in
the U.S. and abroad�for over a decade, until the practice was discovered and
publicized late last year and companies began to roll back the cookies.....' | |  |
APPS TO TRAIN YOUR BRAIN |
| |
 | | |
'...Feeling forgetful or
mentally sluggish? Like you can't keep up at work? Help your mind out with
some brain-training apps. Your gray matter will be in tip-top shape in no
time.
You might already be familiar with the brain-training app, Lumosity, which
helps users work on multitasking and problem solving. As you improve, the
games become more challenging.....' | |  |
iPhone 6s release date confirmed by
carriers |
| |

| | | | |
| |
'...The iPhone 6s release date seems beyond doubt now. Apple is
confidently believed to be releasing the new models on September 18 in
tier-one countries. This will follow a launch date thought to be
September 9.
The reason for the near-certainty is a series of three,
apparently-unconnected, international leaks that all confirm the date.....� | |
|
| Month in Brief |
| Facebook Incidents
Reported to Sri Lanka CERT|CC in July 2015 | |
 | | | | | | | Statistics - Sri Lanka CERT|CC |
|
|  |
WHITE HOUSE AND INDIA CONSIDER COUNTERHACK
MEASURES IN FOGGY BOTTOM | |
| |

| |
'....Top Obama administration and Indian government leaders met at the
State Department this week to hash out issues concerning global
information security.
The 2015 U.S.-India Cyber Dialogue, which occurred Aug. 11-12, covered
matters including efforts to crack down on cyber criminals, ways to
enhance the sharing of threat alerts, and incident response..'
| |
|  |
Cyber security top CIO concern as Coats
re-lists on London Stock Exchange | |

| |
'...When manufacturing firm Coats floated on the London Stock Exchange
this summer - 125 years after the UK firm's first listing - global CIO
Richard Cammish had one topic at the front of his mind: security......' |  |
Agile Development Drives Enterprise DevOps
& Public Cloud Adoption | |

| |
'...In the past decade, many companies have moved towards the agile method
of development rather than the traditional waterfall methodology. Even
companies that do not strictly adhere to agile development will usually
use a blend of both agile and waterfall techniques. Agile development has
many characteristics that make it more suited to modern technology than
the waterfall method. Today, agile development is very closely related to
DevOps and the cloud....' |  |
Software Licensing got you down? Get your
SaaS in gear and go cloud | |

| |
'....Let's be absolutely clear -- figuring out software licensing,
regardless of which vendor you are dealing with, is never fun. I never
enjoyed it when I was an IT consultant in the financial sector, I hated it
when I worked as a systems architect at IBM, and I certainly don't enjoy
it today in my role at Microsoft....' |  |
Drop test failures appear to be culprit for
Google's Project Ara delay | |

| |
'"....One of the early, key innovations for Google's Project Ara modular
smartphone appear to have caused the recent delay of the product.
On Tuesday, it was announced that the first Project Ara handsets wouldn't
arrive this year as expected, but instead, would be pushed out into 2016.
A day later, the Project Ara team tweeted two informational bits that shed
more light on exactly what the issue is.....' |
|