This is a little disconcerting. Basically the internet can be taken down through the border gateway protocol in about an hour (Its a protocol that tells internet traffic how to get to its destination). There is no security to verify that the BGP routes are legit (they auto update each other in order to know where everything is) so some one could put out some fake BGP packets and have routes go to the wrong place (where they usually just get dropped). This has happened a few times already, but more due to mistakes in setting up new routers then actual malicious intent, which took down certain parts of the internet for certain people. What is really odd is that this is a known issue since before 1995. The problem with a fix is that every one would have to be on board, and large company’s usually only act when its in their best financial interest. So to sum it up, until it is actually exploited in a large and devastating way, not much is going to be done about it.

You can read the article here.

This is actually a good way to think when your providing Internet related services.  Assume the worst has happened to your clients computers and create things that are still as secure as possible.

” “For years, security experts, analysts and even users have been lamenting the state of desktop security. Viruses, spam, Trojans and rootkits have added up to create an ugly picture. But, the good news is that the desktop security battle may be over. The less-than-good news, however, is that we may have lost it. Jeremiah Grossman, CTO of WhiteHat Security, said Thursday that many organizations, particularly in the financial services industry, have gotten to the point of assuming that their customers’ desktops are compromised. And moving forward from that assumption, things don’t get much prettier.”

“It goes on to speculate about home routers being targeted and infected.” “

It’s kind of scary to think of your router being infected though.  It would be very hard to detect unless you connected a machine in between the Internet and your router to analyze traffic (if at all possible with some ISP’s all in one gateways).  The hacker could redirect all or certain traffic to a computer that analyzes the data for passwords, user information, etc.