TWINN #98 IPFS – the double-edged sword we don’t need
Let’s talk about IPFS. The interplanetary filesystem. Who knew that there’s a filing system between planets, right? In all seriousness, though, this is a complicated topic, mostly because it represents a layer on top of the current internet that has some very interesting properties that make it a double-edged sword. When using that analogy I always remember that I wouldn’t offer a weapon such as a sword to a son that is angry and may use it in a way that may cause irreparable harm.
By the same token, if that same son needs a powerful weapon for self-defence, it makes for a completely different scenario. Now I do want him equipped in a way that the enemy doesn’t stand a chance against him.
IPFS is a weapon like this. The question of needing it is two-fold. First, *when* (or if) do we need such a weapon ourselves? Second, what if our enemy uses such a weapon against us?
To answer the first question in a simplified way, let’s consider the fundamental IPFS capability: it can publish details that nobody else can delete or modify. This is very relevant in areas with fewer freedoms and liberties. Generally speaking, though, we have free speech in the West, so I would argue that we do not have any need for, or benefit from, using IPFS to share data.
But what happens when an enemy uses IPFS to publish malware that cannot be deleted? Now we have that entire ecosystem representing a threat, and that’s what is happening now:
Attackers Using IPFS for Distributed, Bulletproof Malware Hosting.
The security response to this is that all of IPFS is now treated as a threat and any IPFS participation on a network cannot be permitted by policy.
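One way to check proxy and flow logs for the IPFS participation that such a policy forbids, as an added example that is not part of the original newsletter. The log field names (`url`, `dst_port`), hosts, addresses and CIDs are constructed, and port 4001 is assumed because it is the reference node's default swarm port, which an operator can change.

```python
import re
from urllib.parse import urlsplit

# CIDv0 is base58btc: "Qm" + 44 characters. CIDv1 in base32: "b" + [a-z2-7].
CID_V0 = r"Qm[1-9A-HJ-NP-Za-km-z]{44}"
CID_V1 = r"b[a-z2-7]{58,}"
# Path-style gateway: /ipfs/<cid>/... or /ipns/<name>/...
PATH_GW = re.compile(rf"^/(?:ipfs/(?:{CID_V0}|{CID_V1})|ipns/[^/]+)(?:/|$)")
# Subdomain-style gateway: <cidv1>.ipfs.<gateway> or <name>.ipns.<gateway>
HOST_GW = re.compile(rf"^(?:{CID_V1}\.ipfs|[a-z0-9-]+\.ipns)\.")
SWARM_PORT = 4001  # default swarm port of the reference node; configurable

def classify(record):
    """Return the reasons one log record looks like IPFS use ([] if none)."""
    reasons = []
    if record.get("url"):
        parts = urlsplit(record["url"])
        if PATH_GW.match(parts.path):
            reasons.append("gateway-path")
        if HOST_GW.match(parts.hostname or ""):
            reasons.append("gateway-subdomain")
    if record.get("dst_port") == SWARM_PORT:
        reasons.append("swarm-port")
    return reasons

def scan(records):
    """Return (index, reasons) for every record that violates the policy."""
    hits = [(i, classify(r)) for i, r in enumerate(records)]
    return [(i, why) for i, why in hits if why]

# Constructed sample data: the CIDs are shaped like real ones but name no
# content, and the hosts and addresses are reserved documentation values.
SAMPLE_V0 = "Qm" + "Ab3" * 14 + "zz"
SAMPLE_V1 = "bafy" + "abcd2345" * 7
SAMPLE_LOG = [
    {"src": "10.0.0.5", "url": f"https://gateway.example.com/ipfs/{SAMPLE_V0}/invoice.html"},
    {"src": "10.0.0.6", "url": f"https://{SAMPLE_V1}.ipfs.gateway.example.net/"},
    {"src": "10.0.0.7", "dst_ip": "203.0.113.7", "dst_port": 4001},
    {"src": "10.0.0.8", "url": "https://docs.example.org/ipfs/overview"},
    {"src": "10.0.0.9", "url": "https://www.example.org/", "dst_port": 443},
]

if __name__ == "__main__":
    for index, why in scan(SAMPLE_LOG):
        print(SAMPLE_LOG[index]["src"], ", ".join(why))
```

The fourth record shows why the path rule requires a CID after `/ipfs/`: a documentation page with "ipfs" in its path is not flagged.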
Australia Faces Consequences of Standing Up to Ransomware.
There’s a reason why so many organizations pay the ransom. Failure to do so can leave the victim in a worse state.
LockBit ransomware suspect nabbed in Canada, faces charges in the US.
This high-value target is responsible for many large-scale attacks. Hopefully justice is served soon.
Mysterious company with government ties plays key internet role.
Fascinating reporting on TrustCor, whose physical address is a UPS store, and yet we collectively trust them as a root Certification Authority. We often use the Hong Kong Post Office as an example of the “Why do we need to trust them?” label, but is this any better?
New “Earth Longzhi” APT Targets Ukraine and Asian Countries with Custom Cobalt Strike Loaders.
This is highly relevant to what we do because the simple exercise of applying Don’t Talk To Strangers prevents the Cobalt Strike beacon from ever connecting directly to a Command & Control IP address.
Did you know?
macOS has a new version: Ventura. Wondering if you should upgrade? Read Home truths about macOS.