Articles about VPN


Opera debuts free VPN built into desktop browser

Opera went live today with a VPN embedded into its desktop browser. Described as “free, no-log and easy to use,” the VPN uses 256-bit AES encryption to connect to one of Opera’s five data centres. With this move, Opera gives a fillip to those who need or want their online privacy. It is also a warning shot across the bows of …
Drew Cullen, 20 Sep 2016

Did you know iOS 10, macOS Sierra has a problem with crappy VPNs? You do now

With Apple's iOS 10 and macOS Sierra beta now out in the wild, one important non-feature of the OS is giving some network admins headaches. The latest version of the iPhone/iPad/Mac operating system, released ahead of the iPhone 7 launch, removes support for point-to-point tunneling protocol (PPTP) connections. This means that …
Shaun Nichols, 14 Sep 2016

Encrypted comms collective Riseup.net rattles tin

Encrypted communications collective Riseup.net has launched a funding drive, saying it has run so short of money that it might need to close next month. Demand for Riseup.net’s services has surged in the wake of the Snowden revelations without anything like a corresponding increase in donations, hence the financial problems, …
John Leyden, 06 Sep 2016

Big data busts crypto: 'Sweet32' captures collisions in old ciphers

Researchers with France's INRIA are warning that 64-bit ciphers – which endure in TLS configurations and OpenVPN – need to go for the walk behind the shed. The research institute's Karthikeyan Bhargavan and Gaëtan Leurent have demonstrated that a man-in-the-middle on a long-lived encrypted session can gather enough data for a …

Hacked hookup site Ashley Madison's security was laughable

Ruby Corp, the rebranded parent company of illicit-affair-arranging outfit Ashley Madison, has had to enter into court-enforceable orders with privacy authorities in Canada and Australia, following the findings of a joint investigation in the two countries. After the company was hacked by Impact Team, it was pretty clear that …

NSA's Cisco PIX exploit leaks

Cisco PIX firewalls can be made to cough up their VPN configurations and RSA private keys, allowing network eavesdroppers to decrypt secure connections. The NSA's Equation Group exploit code – leaked online this week – includes a tool called BENIGNCERTAIN that crafts and sends a special Internet Key Exchange (IKE) packet to …
Iain Thomson, 20 Aug 2016

Snowden files confirm Shadow Brokers spilled NSA's Equation Group spy tools over the web

Documents from the Edward Snowden archive prove that the malware and exploits dumped on the public internet on Monday originated from the NSA. Among the files leaked by whistleblower Snowden in 2013 is a draft NSA manual on how to redirect people's web browsers using a man-in-the-middle tool called SECONDDATE. This piece of …
Iain Thomson, 19 Aug 2016

Polish developer hacks Android rewards app for free beer

A cunning Polish developer has hacked an Android food and drink rewards app to grant himself unlimited free beer. Kuba Gretzky detailed his excellent exploits in a blog post on Breakdev – though, to deter copycats, he didn't name the rewards app or the precise location within Poland where it was operating. He did, however, …
Gareth Corfield, 19 Aug 2016

Oops, they did it again: Cisco finds new vulns in kit it patched in June

Some Cisco wireless routers patched in June have made it back onto sysadmins' sleepless night lists again. The RV110W, RV130W and RV215 (which had an HTTP parsing vuln previously) have turned up a command line interface parsing bug. While the CLI isn't a remote vuln, a local user can execute shell commands with full admin …

Intel and pals toss coins at party in the cloud, business at the back startup

Startup Velostrata, which provides users with the ability to handle varying workloads on demand in the cloud while keeping data on premises in real time, has added data migration to the cloud, and gained additional funding cash from Xeon God Intel. With its software tech, full VMs can now be migrated to the cloud and yet still …
Chris Mellor, 03 Aug 2016

Reminder: IE, Edge, Outlook etc still cough up your Windows, VPN credentials to strangers

Updated Microsoft software still leaks usernames and password information to strangers' servers – thanks to an old design flaw in Windows that was never properly addressed. These details can be used to potentially unmask VPN users and commandeer Windows accounts. They can be obtained simply by tricking victims into visiting malicious …
Iain Thomson, 02 Aug 2016

Apple gets judge to hit ctrl-alt-delete on $625m FaceTime patent troll

A US District Court judge has thrown out an earlier $625m verdict against Apple in a long-running patent trial over FaceTime – and ordered a new trial. Judge Robert Schroeder of the Eastern Texas US District Court issued an order [PDF] granting Apple's motion for a retrial on the grounds that the jury was not properly …
Shaun Nichols, 02 Aug 2016

Don't use a VPN in United Arab Emirates – unless you wanna risk jail and a $545,000 fine

A royal edict from the president of the United Arab Emirates (UAE) may have effectively made it illegal for anyone in the country to use a VPN or secure proxy service. Those caught could face jail time and fines of between 500,000 and 2,000,000 UAE dirham (US$136,130 and $544,521). The change was announced this week by the UAE …
Iain Thomson, 28 Jul 2016

Hybrid Cloud: The new IT service platform?

So. Hybrid cloud. Let's start with a quick definition, courtesy in this case of TechTarget which describes it as: “a cloud computing environment which uses a mixture of on-premises, private cloud and third-party, public cloud services with orchestration between the two platforms”. I like this particular definition as it sums it …
Dave Cartwright, 28 Jul 2016

Did the Russians really hack the DNC or is this another Sony Pictures moment? You decide

Poll: Security intelligence firm ThreatConnect thinks it has found a smoking gun that links the leaked US Democratic Party emails to Russian hackers. The biz has analyzed the communications methods used by Guccifer 2.0, which is thought to be a team of miscreants who obtained the somewhat embarrassing internal emails and gave them …
Iain Thomson, 27 Jul 2016

GOP delegates suckered into connecting to insecure Wi-Fi hotspots

A Wi-Fi hack experiment conducted at various locations at or near the Republican National Convention site in Cleveland, US, underlines how risky it can be to connect to public Wi-Fi without protection from a VPN. The exercise, carried out by security researchers at Avast, an anti-virus firm, revealed that more than 1,000 …
John Leyden, 21 Jul 2016

Really Scary Telecoms Stuff? Nah – telephony's just an app

In 2009, I moved to Jersey to become the network and telecoms manager for a multinational company. It was tremendous fun, as I had a variety of kit to play with. I tended to favour the Mitel 3300 ICP range (still do, actually) that supported about half of our offices, and I did the various engineer courses and exams for the …
Dave Cartwright, 20 Jul 2016

VPN provider claims Russia seized its servers

VPN provider Private Internet Access (PIA) says its servers have been seized by the Russian government, so has quit the country in protest at its privacy laws. The company has sent an e-mail to users claiming some of its servers have been seized, even though the enforcement regime – in which all Internet traffic has to be …

Brexit, schmexit: BT and Oracle join hands for a cloudy tryst

BT has hopped into bed with Oracle in a deal that promises to provide the underlying network connectivity for Oracle’s hybrid cloud. BT Cloud Connect for OracleFastConnect is built on BT’s IP Connect virtual private network (VPN) and will link customers' on-premises IT to Oracle data centres in London or Amsterdam. The deal …
Kat Hall, 29 Jun 2016

Cisco firmware patch lands

Cisco has pushed out firmware for its RV-series wireless routers to patch last week's vulnerability. The HTTP sanitization bug affected the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router. The flaw let a remote attacker run commands as root. The …

Pressure mounts against Rule 41 – the FBI's power to hack Tor, VPN users on sight

The campaign against Rule 41 – which will give cops and Feds in America the power to hack people's computers around the world – has kicked up a gear. Leaders of the US House of Representatives and Senate got a letter today urging them to block the rule change before it becomes permanent in December. The proposed legislative …
Iain Thomson, 21 Jun 2016

Docker taps unikernel brains to emit OS X, Windows public betas

DockerCon: Docker will kick off its DockerCon 2016 conference in Seattle this morning with a bunch of announcements: its OS X and Windows Docker clients will be made publicly available as beta software for anyone to try out; out-of-the-box orchestration is coming to Docker 1.12; and integration with Amazon's AWS and Microsoft's Azure is in …
Chris Williams, 20 Jun 2016

SOHOpeless Cisco wireless kit needs critical patch

A range of SOHO-targeted network kit from Cisco, pitched as “highly secure”, isn't. Switchzilla has just issued a critical patch for three devices in its RV range: the RV110W 802.11N VPN/firewall; and the RV130 and RV125 802.11n VPN routers. The bug lets a remote attacker send crafted HTTP requests and execute code as root. …

Arista cuddles storage giants with leaf switch

Arista is touting interoperability with the likes of HP Enterprise, NetApp, EMC, Nutanix and PureStorage in its latest data centre release. Its 7280R Series is designed to sit alongside the 7500R spine platform, and the company says it packs deep buffering and “Internet-scale route tables” in a compact form factor, with the …

'UnaPhone' promises Android privacy by binning Google Play

A custom Android phone is being pitched to security and privacy pundits promising to deliver by goring Google services, preventing app installation, and deploying end-to-end encryption. The US$540 (£374, A$745) UnaPhone sports a custom Android Marshmallow operating system that has been stripped of "invasive" Google services to …
Darren Pauli, 03 Jun 2016

Russia launches raids over Sberbank heist

Russia's FSB says it's tagged the gang that used the “Lurk” trojan to raid 1.7 billion roubles – about US$25 million – from financial institutions. Lurk was identified in 2012. At the time, Kaspersky Labs said it was a “fileless” Trojan that ran in RAM. Instead, it “uses its payload to inject an encrypted dll from the web …

KNOX knocked three times by Israeli infosec boffins

A pair of Israeli researchers has detailed their discovery of three Android / KNOX vulnerabilities in older Samsung phones, and it makes for depressing reading. In this paper at Arxiv, Tel Aviv University's Uri Kanonov and Avishai Wool dissect KNOX for your enjoyment. In particular, they write that in sharing KNOX services …

Telegram in Iran crackdown

Foreign messaging apps are the latest to feel the breath of the Iranian government on their neck: they've been told that user messages have to be held in onshore servers. The country's Supreme Council of Cyberspace announced the rule through state media over the weekend, according to Reuters. The statement said “foreign …

The Windows Phone story: From hope to dusty abandonware

Special Report: We stroll down Memory Lane and ask: was this The Ultimate Curse of Fry? Spring cleaning the other day, my wife found a Windows wristband. It was in a box where ten year old 4MB MMC cards went to die, along with paperclips, odd screws and a lot of dust. Keep or chuck? Chuck, I said, before looking closer, and realising that it …
Andrew Orlowski, 27 May 2016

CentOS Linux 6.8 lands

The CentOS Linux project has unleashed version 6.8 on the world. In line with the Red Hat code-base it's cut from, CentOS 6.8 gets 300 TB XFS filesystem support, and uses the Linux 2.6.32 kernel. There's a slew of security changes in the release: libreswan instead of openswan for VPN endpoint functionality; TLSv1.2 support in …

Citrix dodges death, returns with bigger XenServer and NetScaler

Citrix has unified its networking products and made big additions to its virtualisation stack. Last things first: XenServer is now in version 7, which means it gains support for Intel's Iris Pro graphics technology. In theory that makes XenServer a better platform for graphics-intensive desktop virtualisation (VDI) chores. …
Simon Sharwood, 25 May 2016

Hacked in a public space? Thanks, HTTPS

Have you ever bothered to look at who your browser trusts? The padlock of a HTTPS connection doesn't mean anything if you can't trust the other end of the connection and its upstream signatories. Do you trust CNNIC (China Internet Network Information Centre)? What about Turkistan trust or many other “who are they” type …
Stuart Burns, 20 May 2016

Cisco patches security appliance bugs

It's Borg Bug Day, and this week Cisco's issued patches of interest to users of its Adaptive Security Appliances (ASAs). The two newly-announced bugs are CVE-2016-1379, a VPN block memory exhaustion vulnerability; and CVE-2016-1385, a problem with the ASA XML parser. The memory exhaustion vulnerability affects ASA software …

Opera unleashes ad blocker

Opera has released a new version of Opera Mini browser with a built-in ad-blocker. The blocker uses EasyList but is turned off by default, deputy CTO Bruce Lawson told us, because Opera didn’t want to skew consumer demand. The ad blocker will speed up page downloads by 40 per cent and use 14 per cent less traffic, on average, …
Andrew Orlowski, 06 May 2016

VMware hikes NSX price, adds cheaper versions

VMware has taken the scissors to its NSX product's feature list to offer versions that won't set back customers quite as much as the full product, at the same time hiking the price of the top version of the product. Pitched at companies that want to create software defined data centres, NSX slips networking and security into …

Mobile antivirus sales offset declining search revenues for AVG

The scourge of Android malware is helping to bolster the bottom line of security software firm AVG but the firm still ended up recording a slight decrease in profits. For the first quarter ending 31 March 2016, AVG posted revenues of $107.9m, compared to $102.8m in Q1 2015, a rise of five per cent. Sales from AVG’s emerging …
John Leyden, 28 Apr 2016

Come get your free Opera VPN (and bring along something to read)

Opera has built a free virtual private network (VPN) service into the latest version of its browser for Windows and OS X. The other other other browser will allow users running the most recent developer build to knock their connections through the SurfEasy VPN free of charge. The VPN option can be enabled under the Privacy and …
Shaun Nichols, 21 Apr 2016

Google cloud TITSUP

Google's cloud has suffered an hour-long outage. The incident started as a connectivity problem with the Alphabet subsidiary's Cloud VPN at 18:51 Monday, Pacific time, in the asia-east1 region. 30 minutes later, Google reported “severe network connectivity issues in all regions.” 20 minutes later, services were restored. …
Simon Sharwood, 12 Apr 2016

Juniper kills weak crypto

ScreenOS has been cleansed of weak crypto components found last year. The December 2015 discovery of “unauthorised code” in the software, the operating system for the firewalls it acquired when it bought Netscreen, left the company red-faced and scrambling to work out what happened. Along the way, Juniper kicked off a code …

China's Great Firewall inventor forced to use VPN live on stage to dodge his own creation

The architect of China's Great Firewall was forced to use a VPN to bypass his own creation in a lecture this week on internet safety. Fang Binxing was speaking at his old university, the Harbin Institute of Technology in Heilongjiang, China, when he attempted to access webpages hosted in South Korea as a way to illustrate a …
Kieren McCarthy, 07 Apr 2016

When should you bin that old mainframe? Infrastructure 101

It's very easy to forget that buying kit for your infrastructure is just the first step on a long, long road. It's also easy to forget that everyone keeps their infrastructure kit going for years longer than their accountants depreciate it: we've all got something in the comms room that's still clinging to life. And this is …
Dave Cartwright, 31 Mar 2016

OK, so the users want corporate apps on the move. Don't Panic

People want to be able to do their job from wherever they happen to be. It's understandable – if you don't need to be in an office chained to your desk then why not work somewhere more convenient? Let's look at five ways to make this achievable. Remote access to local apps: At the most basic level you have the traditional …
Dave Cartwright, 30 Mar 2016

Amazon WorkSpaces two years on: Are we ready for cloud-hosted Windows desktops?

Amazon Web Services (AWS) released WorkSpaces, Windows desktop-as-a-service, towards the end of March 2014. We took an early look, but encountered several niggling problems. "Don't dive in: it will get better," was my conclusion. It is time for another hands-on, but first a quick recap. WorkSpaces provides a Windows desktop …
Tim Anderson, 28 Mar 2016

Wait... who broke that? Things you need to do to make your world diagnosable

You only ever discover the inadequacy of your system management, monitoring and diagnosis tools when something goes wrong and there's a gulf between what you want to do and what you need to do. Here are 10 things you can do to maximise your chances of diagnosing the problem when the brown stuff hits the ventilator. Ladies and …
Dave Cartwright, 24 Mar 2016

Attackers packing malware into PowerShell

Microsoft's PowerShell has once again become an attack vector for malware, this time a file-less attack dubbed "Powersniff" by Palo Alto Networks. The attack arrives through e-mails containing Word documents bearing malicious macros, almost as if it isn't more than 15 years since the first macro viruses were let loose on the …

European commish considers probing Android, again

The European Union has taken early steps towards opening an antitrust investigation into the Android operating system. According to Bloomberg, Google's opponents have been asked to prepare redacted versions of their complaints with business secrets removed, so the documents can be shown to Google. The spirits tell Bloomberg …

BlackEnergy malware activity spiked in runup to Ukraine power grid takedown

Fresh research has shed new light on the devious and unprecedented cyber-attack against Ukraine's power grid in December 2015. A former intelligence analyst has warned that launching similar attacks is within the capabilities of criminals, or perhaps even hacktivist groups, since most of the key components are readily …
John Leyden, 04 Mar 2016

Google gives ringing endorsement to US VPN providers with 'right to be forgotten' expansion

If you use Google in Europe, your search results will be censored under the Continent's right-to-be-forgotten policy – even if you try to use one of the ad giant's non-European sites. Until now if you used Google.com rather than, say, Google.de, you could still find results that have been removed at someone's request: the …
Shaun Nichols, 04 Mar 2016

90% of SSL VPNs are ‘hopelessly insecure’, say researchers

Nine in 10 SSL VPNs use insecure or outdated encryption, putting corporate data at risk in the process, according to new research. High-Tech Bridge (HTB) conducted large-scale Internet research on live and publicly-accessible SSL VPN servers. The firm passively scanned 10,436 randomly selected publicly available SSL VPN …
John Leyden, 26 Feb 2016

Palo Alto reveals critical bugs and March 16th patch deadline

Palo Alto Networks has revealed four new nasties, one of which can allow remote code execution and DDOS attacks on its boxen, and given users until March 16th to patch them. The company's security advisory page lists the four bugs but doesn't mention the deadline. That date has, however, been shared in an email to customers …
Simon Sharwood, 25 Feb 2016