Articles about Vpn

GOP delegates suckered into connecting to insecure Wi-Fi hotspots

A Wi-Fi hack experiment conducted at various locations at or near the Republican National Convention site in Cleveland, US, underlines how risky it can be to connect to public Wi-Fi without protection from a VPN. The exercise, carried out by security researchers at Avast, an anti-virus firm, revealed that more than 1,000 …
John Leyden, 21 Jul 2016
Woman holds up PBX phone in office. Pic by Shutterstock

Really Scary Telecoms Stuff? Nah – telephony's just an app

In 2009, I moved to Jersey to become the network and telecoms manager for a multinational company. It was tremendous fun, as I had a variety of kit to play with. I tended to favour the Mitel 3300 ICP range (still do, actually) that supported about half of our offices, and I did the various engineer courses and exams for the …
Dave Cartwright, 20 Jul 2016
Road Closed sign

VPN provider claims Russia seized its servers

VPN provider Private Internet Access (PIA) says its servers have been seized by the Russian government, so has quit the country in protest at its privacy laws. The company has sent an e-mail to users claiming some of its servers have been seized, even though the enforcement regime – in which all Internet traffic has to be …
Sun shines on the clouds. Photo by Shutterstock

Brexit, schmexit: BT and Oracle join hands for a cloudy tryst

BT has hopped into bed with Oracle in a deal that promises to provide the underlying network connectivity for Oracle’s hybrid cloud. BT Cloud Connect for OracleFastConnect is built on BT’s IP Connect virtual private network (VPN) and will link customers' on-premises IT to Oracle data centres in London or Amsterdam. The deal …
Kat Hall, 29 Jun 2016
band_aid_648

Cisco firmware patch lands

Cisco has pushed out firmware for its RV-series wireless routers to patch last week's vulnerability. The HTTP sanitization bug affected the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router. The flaw let a remote attacker run commands as root. The …

Pressure mounts against Rule 41 – the FBI's power to hack Tor, VPN users on sight

The campaign against Rule 41 – which will give cops and Feds in America the power to hack people's computers around the world – has kicked up a gear. Leaders of the US House of Representatives and Senate got a letter today urging them to block the rule change before it becomes permanent in December. The proposed legislative …
Iain Thomson, 21 Jun 2016

Docker taps unikernel brains to emit OS X, Windows public betas

DockerCon Docker will kick off its DockerCon 2016 conference in Seattle this morning with a bunch of announcements: its OS X and Windows Docker clients will be made publicly available as beta software for anyone to try out; out-of-the-box orchestration is coming to Docker 1.12; and integration with Amazon's AWS and Microsoft's Azure is in …
Chris Williams, 20 Jun 2016

SOHOpeless Cisco wireless kit needs critical patch

A range of SOHO-targeted network kit from Cisco, pitched as “highly secure”, isn't. Switchzilla has just issued a critical patch for three devices in its RV range: the RV110W 802.11N VPN/firewall; and the RV130 and RV125 802.11n VPN routers. The bug lets a remote attacker send crafted HTTP requests and execute code as root. …
Speedometer by Nathan E Photography, Flickr under CC2.0

Arista cuddles storage giants with leaf switch

Arista is touting interoperability with the likes of HP Enterprise, NetApp, EMC, Nutanix and PureStorage in its latest data centre release. Its 7280R Series is designed to sit alongside the 7500R spine platform, and the company says it packs deep buffering and “Internet-scale route tables” in a compact form factor, with the …

'UnaPhone' promises Android privacy by binning Google Play

A custom Android phone is being pitched to security and privacy pundits promising to deliver by goring Google services, preventing app installation, and deploying end-to-end encryption. The US$540(£374, A$745) UnaPhone sports a custom Android Marshmallow operating system that has been stripped of "invasive" Google services to …
Darren Pauli, 03 Jun 2016
Headshot of Trojan horse

Russia launches raids over Sberbank heist

Russia's FSB says it's tagged the gang that used the “Lurk” trojan to raid 1.7 billion roubles – about US$25 million – from financial institutions. Lurk was identified in 2012. At the time, Kaspersky Labs said it was a “fileless” Trojan that ran in RAM. Instead, it “uses its payload to inject an encrypted dll from the web …

KNOX knocked three times by Israeli infosec boffins

A pair of Israeli researchers has detailed their discovery of three Android / KNOX vulnerabilities in older Samsung phones, and it makes for depressing reading. In this paper at Arxiv, Tel Aviv University's Uri Kanonov and Avishai Wool dissect KNOX for your enjoyment. In particular, they write that in sharing KNOX services …

Telegram in Iran crackdown

Foreign messaging apps are the latest to feel the breath of the Iranian government on their neck: they've been told that user messages have to be held in onshore servers. The country's Supreme Council of Cyberspace announced the rule through state media over the weekend, according to Reuters. The statement said “foreign …

The Windows Phone story: From hope to dusty abandonware

Special Report We stroll down Memory Lane and ask: was this The Ultimate Curse of Fry? Spring cleaning the other day, my wife found a Windows wristband. It was in a box where ten year old 4MB MMC cards went to die, along with paperclips, odd screws and a lot of dust. Keep or chuck? Chuck, I said, before looking closer, and realising that it …
Andrew Orlowski, 27 May 2016
stack of newspapers with a pair of ethernet cables next to them

CentOS Linux 6.8 lands

The CentOS Linux project has unleashed version 6.8 on the world. In line with the Red Hat code-base it's cut from, CentOS 6.8 gets 300 TB XFS filesystem support, and uses the Linux 2.6.32 kernel. There's a slew of security changes in the release: libreswan instead of openswan for VPN endpoint functionality; TLSv1.2 support in …

Citrix dodges death, returns with bigger XenServer and NetScaler

Citrix has unified its networking products and made big additions to its virtualisation stack. Last things first: XenServer is now in version 7, which means it gains support for Intel's Iris Pro graphics technology. In theory that makes XenServer a better platform for graphics-intensive desktop virtualisation (VDI) chores. …
Simon Sharwood, 25 May 2016
Laptop user, photo via Shutterstock

Hacked in a public space? Thanks, HTTPS

Have you ever bothered to look at who your browser trusts? The padlock of a HTTPS connection doesn't mean anything if you can't trust the other end of the connection and its upstream signatories. Do you trust CNNIC (China Internet Network Information Centre). What about Turkistan trust or many other “who are they” type …
Stuart Burns, 20 May 2016

Cisco patches security appliance bugs

It's Borg Bug Day, and this week Cisco's issued patches of interest to users of its Adaptive Security Appliances (ASAs). The two newly-announced bugs are CVE-2016-1379, a VPN block memory exhaustion vulnerability; and CVE-2016-1385, a problem with the ASA XML parser. The memory exhaustion vulnerability affects ASA software …
News room with blur motion effect

Opera unleashes ad blocker

Opera has released a new version of Opera Mini browser with a built-in ad-blocker. The blocker uses EasyList but is turned off by default, deputy CTO Bruce Lawson told us, because Opera didn’t want to skew consumer demand. The ad blocker will speed up page downloads by 40 per cent and use 14 per cent less traffic, on average, …
Andrew Orlowski, 06 May 2016
Man with head in the cloud

VMware hikes NSX price, adds cheaper versions

VMware has taken the scissors to its NSX product's feature list to offer versions that won't set back customers quite as much as the full product, at the same time hiking the price of the top version of the product. Pitched at companies that want to create software defined data centres, NSX slips networking and security into …
Gary Kovacs, CEO of AVG. Pic: World Economic Forum

Mobile antivirus sales offset declining search revenues for AVG

The scourge of Android malware is helping to bolster the bottom line of security software firm AVG but the firm still ended up recording a slight decrease in profits. For the first quarter ending 31 March 2016, AVG posted revenues of $107.9m, compared to $102.8m in Q1 2015, a rise of five per cent. Sales from AVG’s emerging …
John Leyden, 28 Apr 2016

Come get your free Opera VPN (and bring along something to read)

Opera has built a free virtual private network (VPN) service into the latest version of its browser for Windows and OS X. The other other other browser will allow users running the most recent developer build to knock their connections through the SurfEasy VPN free of charge. The VPN option can be enabled under the Privacy and …
Shaun Nichols, 21 Apr 2016

Google cloud TITSUP

Google's cloud has suffered an hour-long outage. The incident started as a connectivity problem with the Alphabet subsidiary's Cloud VPN at 18:51 Monday, Pacific time, in the asia-east1 region. 30 minutes later, Google reported “severe network connectivity issues in all regions.” 20 minutes later, services were restored. …
Simon Sharwood, 12 Apr 2016
Illustration of a man with a beard reading a tablet

Juniper kills weak crypto

ScreenOS has been cleansed of weak crypto components found last year. The December 2015 discovery of “unauthorised code” in the software, the operating system for the firewalls it acquired when it bought Netscreen, left the company red-faced and scrambling to work out what happened. Along the way, Juniper kicked off a code …

China's Great Firewall inventor forced to use VPN live on stage to dodge his own creation

The architect of China's Great Firewall was forced to use a VPN to bypass his own creation in a lecture this week on internet safety. Fang Binxing was speaking at his old university, the Harbin Institute of Technology in Heilongjiang, China, when he attempted to access webpages hosted in South Korea as a way to illustrate a …
Kieren McCarthy, 07 Apr 2016

When should you bin that old mainframe? Infrastructure 101

It's very easy to forget that buying kit for your infrastructure is just the first step on a long, long road. It's also easy to forget that everyone keeps their infrastructure kit going for years longer than their accountants depreciate it: we've all got something in the comms room that's still clinging to life. And this is …
Dave Cartwright, 31 Mar 2016

OK, so the users want corporate apps on the move. Don't Panic

People want to be able to do their job from wherever they happen to be. It's understandable – if you don't need to be in an office chained to your desk then why not work somewhere more convenient? Let's look at five ways to make this achievable. Remote access to local apps At the most basic level you have the traditional …
Dave Cartwright, 30 Mar 2016
Amazon WorkSpaces on an Apple iPad

Amazon WorkSpaces two years on: Are we ready for cloud-hosted Windows desktops?

Amazon Web Services (AWS) released WorkSpaces, Windows desktop-as-a-service, towards the end of March 2014. We took an early look, but encountered several niggling problems. "Don't dive in: it will get better," was my conclusion. It is time for another hands-on, but first a quick recap. WorkSpaces provides a Windows desktop …
Tim Anderson, 28 Mar 2016
Doctors run to save patient. Photo by Shutterstock

Wait... who broke that? Things you need to do to make your world diagnosable

You only ever discover the inadequacy of your system management, monitoring and diagnosis tools when something goes wrong and there's a gulf between what you want to do and what you need to do. Here are 10 things you can do to maximise your chances of diagnosing the problem when the brown stuff hits the ventilator. Ladies and …
Dave Cartwright, 24 Mar 2016

Attackers packing malware into PowerShell

Microsoft's PowerShell has once again become an attack vector for malware, this time a file-less attack dubbed "Powersniff" by Palo Alto Networks. The attack arrives through e-mails containing Word documents bearing malicious macros, almost as if it isn't more than 15 years since the first macro viruses were let loose on the …
EU logo on rubber glove

European commish considers probing Android, again

The European Union has taken early steps towards opening an antitrust investigation into the Android operating system. According to Bloomberg, Google's opponents have been asked to prepare redacted versions of their complaints with business secrets removed, so the documents can be shown to Google. The spirits tell Bloomberg …

BlackEnergy malware activity spiked in runup to Ukraine power grid takedown

Fresh research has shed new light on the devious and unprecedented cyber-attack against Ukraine's power grid in December 2015. A former intelligence analyst has warned that launching similar attacks is within the capabilities of criminals, or perhaps even hacktivist groups, since most of the key components are readily …
John Leyden, 04 Mar 2016
An eraser

Google gives ringing endorsement to US VPN providers with 'right to be forgotten' expansion

If you use Google in Europe, your search results will be censored under the Continent's right-to-be-forgotten policy – even if you try to use one of the ad giant's non-European sites. Until now if you used Google.com rather than, say, Google.de, you could still find results that have been removed at someone's request: the …
Shaun Nichols, 04 Mar 2016

90% of SSL VPNs are ‘hopelessly insecure’, say researchers

Nine in 10 SSL VPNs use insecure or outdated encryption, putting corporate data at risk in the process, according to new research. High-Tech Bridge (HTB) conducted large-scale Internet research on live and publicly-accessible SSL VPN servers. The firm passively scanned 10,436 randomly selected publicly available SSL VPN …
John Leyden, 26 Feb 2016
stopwatch

Palo Alto reveals critical bugs and March 16th patch deadline

Palo Alto Networks has revealed four new nasties, one of which can allow remote code execution and DDOS attacks on its boxen, and given users until March 16th to patch them. The company's security advisory page lists the four bugs but doesn't mention the deadline. That date has, however, been shared in an email to customers …
Simon Sharwood, 25 Feb 2016
Man in an orange jumpsuit clutches prison bars. Image by Shutterstock

IT boss gets 30 months of porridge for trashing ex-employer's servers

A rogue IT manager has been sentenced to 30 months in prison after he changed jobs and decided to take revenge on his former employer. From 2007 to March 2012, Nikhil Nilesh Shah, 33, worked at mobile apps developer Smart Online in North Carolina, US. After moving on to another job, Shah accessed his old company's servers …
Iain Thomson, 24 Feb 2016

Interception clouds Deutsche Telekom's pan-Euro network utopia

MWC16 As Deutsche Telekom ramps up its virtualized all-IP pan-European network, dubbed Pan-Net, Europe’s fragmented set of privacy and legal interception laws could thwart the operator’s plans for a delivering cross-border services, according to a senior operator executive. “Legal interception and privacy are the most critical …

Let's talk over Wi-Fi, says Oracle to folks who don't know Skype exists

MWC16 Oracle's parked its yacht near Barcelona and fired off the usual broadsides of product announcements that accompanies a major conference like Mobile World Congress. Mobile operators in need of a Wi-Fi gateway can throw their hats into the air with the launch of the Oracle Communications Mobile Security Gateway. The gateway's …
Pirate in costume

Big Content picks first download-block target: THE SUN!

Australia might be set to join the UK and Singapore in bringing down the boom on an unlicensed Philippines-registered movie-streaming website. SolarMovie – here, for those who want to see how long it takes to get blocked from ordinary Australian web users – has attracted the ire of Hollywood for freely streaming movies and TV …
Ethernet cable rises up like a snake (artist's impression). Image via shutterstock

While we weren't looking, the WAN changed

Sysadmin Blog: Wide Area Networking (WAN) solutions are not discussed enough in the tech press. We babble incessantly about consumer broadband, or some new top end fibre speed achieved in a lab, but this is merely a fraction of the story. There is a very real revolution in WAN connectivity that is occurring right now, today. It goes largely …
Trevor Pott, 05 Feb 2016
Apple iPhone 6s

FaceTime, WhatsApp UDP streams AWOL on iOS 9 beta with T-Mo US

A problem with the handling of UDP network packets is leaving T‑Mobile US customers unable to make FaceTime or WhatsApp calls with the latest Apple iOS beta. Various netizens say they are unable to make video calls on their T‑Mo handsets when running the latest iOS beta build. WhatsApp calls are also reportedly dropped. Other …
Shaun Nichols, 04 Feb 2016

BT broadband is down: Former state monopoly goes TITSUP UK-wide

Updated UK telco BT is suffering a major broadband outage: it appears the comms giant is caught up in a near-nationwide blackout, with more than 12,000 reports of service problems on Down Detector. The web connectivity monitor has been flooded with complaints from vast parts of the UK, from London and Birmingham to Manchester and …
Kat Hall, 02 Feb 2016
blackberry_slider_tease_648

Post-nuptial BlackBerry gives birth to Good-looking offspring

BlackBerry completed the $425m acquisition of former bitter rival Good and announced the fruit of their loins today. With plenty of overlap between the two, what's been culled? It's hard to know at this stage, but BlackBerry says the new products reflect BlackBerry's strengths in MDM (mobile device management) and Good's …
Andrew Orlowski, 26 Jan 2016

NASA, Dept of Defense, Commerce etc probed over use of backdoored Juniper kit

A bunch of US government departments and agencies – from the military to NASA – are being grilled over their use of backdoored Juniper firewalls. The House of Representatives' Committee on Oversight and Government Reform fired off letters to top officials over the weekend, demanding to know if any of the dodgy NetScreen …
Chris Williams, 26 Jan 2016
Banned

Net neutrality-lovin' Sweden mulls law to censor the internet

The Swedish government is considering overturning its long-held opposition to internet filtering – so says one of the country's most high-profile ISPs. According to Bahnhof and its CEO Jon Karlung, the ISP received an email from an investigator who said he had been appointed by the government to look into regulating the …
Kieren McCarthy, 22 Jan 2016
Road closed

The Day Netflix Blocked My VPN is the world's new most-hated show

Netflix has announced it will clamp down on users who access it through virtual private networks (VPNs). Or as the company puts it, in a masterpiece of Orwellian PR-talk, “Evolving Proxy Detection as a Global Service”. David Fullagar, Netflix's veep of Content Delivery Architecture, explains that the company can't yet secure …
Simon Sharwood, 15 Jan 2016
cable

Juniper Networks planned upgrade kicks down some services

Juniper Networks' partners have complained about a planned systems upgrade at the company which created a number of difficulties over the last week. A number of sources contacted The Register to report the problem, which is understood to be related to an internal upgrade of its Customer Relationship Management system. "It's a …
Kat Hall, 08 Jan 2016

Look what Gbps fiber brings: Competition, then new router chips

It's not often that a couple of services create a market segment on their own, but that's what Google Fiber and Comcast's 2Gbps home broadband rivalry seem to have done. To cope with such high speeds, Broadcom has baked up silicon that once would have been at home in an enterprise-grade router: a 1.8GHz, 64-bit quad-core ARM- …
Joanna Rutkowska of Invisible Things Labs gives talk "Towards (reasonably) trustworthy x86 laptops" at ccc - still from youtube

Trustworthy x86 laptops? There is a way, says system-level security ace

32c3 Security concerns around Intel's x86 processors – such as the company's decision to force the secretive Management Engine microcontroller onto its silicon – have raised fundamental questions about trust in personal computers, whatever architectures they may be based upon. Youtube Video The founder of Invisible Things Labs, …

Researcher criticises 'weak' crypto in Internet of Things alarm system

Security shortcomings in an internet-connected burglar alarm system from UK firm Texecom leave it open to hack attacks, an engineer turned security researcher warns. Luca Lo Castro said he had come across shortcomings in the encryption of communication after buying Texecom’s Premier Elite Control Panel and ComIP module and …
John Leyden, 31 Dec 2015