Watching ICANN, denying hackers and controlling UAVs

Pritzker: The world is watching ICANN

The United States will oppose any efforts to nationalize control of the Internet that might be proposed at an upcoming meeting of the U.N.'s International Telecommunication Union, Commerce Secretary Penny Pritzker said in an Oct. 13 speech in Los Angeles.

Addressing a meeting of the Internet Corporation for Assigned Names and Numbers, Pritzker pledged to back the multi-stakeholder model for global Internet governance as the United States transitions out of a lead role in controlling the Internet Domain Name System – the address book of the Internet.

"We must continue to work hard to sustain multi-stakeholder governance, because it has enemies who want to reduce Internet governance to a meeting of governmental technocrats promoting narrow national interests," Pritzker said.

In March, the National Telecommunications and Information Administration, a Commerce Department component, announced it would cede control over the root file that maps Internet addresses to nodes on the network to a not-yet-determined non-governmental entity. The U.S. hopes that ICANN and other stakeholder groups have a plan in place by the time the current Internet Assigned Numbers Authority contract expires at the end of fiscal year 2015.

"The world is watching ICANN, and some are waiting for us to fail. But we cannot -- and must not -- let that happen. We have to get this transition right," Pritzker said.

Dropbox: 'Your stuff is safe'

The collaboration and information-sharing provider that federal IT users sometimes employ to work remotely is denying reports that hackers had stolen millions of user passwords and credentials.

News reports on Oct. 13 said anonymous posters on the Pastebin website revealed 400 names and passwords they claimed to have taken from Dropbox. They said they had compromised almost seven million Dropbox emails and passwords and asked for Bitcoin payments to release more of them.

"Recent news articles claiming that Dropbox was hacked aren't true," said a post from a member of Dropbox's security team in an Oct. 13 post on the company's blog site. The company did not deny the usernames and passwords were Dropbox users, but said they were obtained from other places. "Your stuff is safe," said the post by Anton Mityagin, a Dropbox security engineer.

"The usernames and passwords referenced in these articles were stolen from unrelated services, not Dropbox. Attackers then used these stolen credentials to try to log in to sites across the Internet, including Dropbox. We have measures in place to detect suspicious login activity and we automatically reset passwords when it happens," Mityagin wrote.

Dropbox suggested the attacks were a result of clients re-using their passwords at other sites.

"Attacks like these are one of the reasons why we strongly encourage users not to reuse passwords across services," Mityagin wrote. "For an added layer of security, we always recommend enabling 2 step verification on your account."

In an Oct. 14 update, the company noted that an additional list of user names and passwords had been posted on the Pastebin site. "We've checked and these are not associated with Dropbox accounts," the update said.

Army gives Apache pilots control over UAVs

The Army's Program Executive Office for Aviation has successfully tested a system with a One System Remote Video Terminal that gave control of two accompanying UAS to the pilot of an Apache helicopter, Defense Systems reports.

The tests took place over the past two months at Redstone Arsenal, Ala., and El Mirage Flight Test Facility, Calif.