Articles about Vpn

A third of iThings open to VPN-hijacking, app-wrecking attacks

A trio of FireEye researchers have reported twin 'app-demolishing' iOS vulnerabilities Apple has partially fixed in its latest update that could wreck core apps such as the App Store and Settings. Researchers Zhaofeng Chen, Tao Wei, Hui Xue, and Yulong Zhang revealed the latest in five so-called Masque attacks that could wreck …
Darren Pauli, 01 Jul 2015

PureVPN calls pure BS on VPN insecurity study

Hong Kong virtual private network provider PureVPN has rejected claims in a study published this week that its service among many other popular providers are open to DNS hijacking and has pushed fixes to shore up security. Research revealed earlier this week ruffled privacy feathers after a five security bods identified that 14 …
Darren Pauli, 03 Jul 2015
Eiffel Tower Shenzhen day

China 'upgrades' Great Firewall. Oh SNAP! There goes VPN access

China's notorious "Great Firewall" is being blamed for widespread reports of virtual private network (VPN) outages in that country. China's Global Times – an English-language subsidiary of the state-run People's Daily – reports that customers of several prominent VPN services based outside the Middle Kingdom have complained that …
Shaun Nichols, 24 Jan 2015

Hackers now popping Cisco VPN portals

Crackers are popping customised Cisco virtual private networks, stealing credentials and spraying malware using a flaw reported by Aussie hacker Alec Stuart-Muirk, the company warns. Organisations running the Cisco Clientless SSL VPN portal in customised configurations risk attack if they do not update to versions released 8 …
Darren Pauli, 20 Feb 2015

Opera buys mobe friendly VPN app bods SurfEasy

Norway-based Opera Software has set sail across the North Atlantic to acquire Toronto-based VPN-men SurfEasy, for an undisclosed sum. Opera is now producing a suite of applications through which you can "securely" read The Reg on desktop and mobile, and is set to expand its product line to include privacy-management services …
Road closed

VPN users reckon Netflix is blocking them

Netflix is being accused of planning to enforce its terms and conditions by blocking connections from services that bypass geographic blocks. If the reported blocking proves effective, users in nations not served by the media streamer would find themselves stuck with the company's limited local catalogue, rather than continuing …
Glorious future of China

Chinese snoops try tracking VPN users with fiendish JSONP trickery

Snoops are exploiting vulnerabilities in China’s most frequented websites to target individuals accessing web content which state censors have deemed hostile. Even users who run VPN connections to access websites that are blocked by China’s censorship technology, often called the Great Firewall (GFW), are potentially being …
John Leyden, 16 Jun 2015
Google HQ logo. Pic: Bob Dormon

Cloud DNS, VPN, HTTPS load balancing ... Google looks at rivals, thinks: Yeah, we'll do all that

Google has expanded its portfolio of network services, with the aim of ensuring that customers of its cloud infrastructure have responsive, low-latency websites. On Monday, the online ad-slinger announced general availability of Cloud DNS, its managed DNS service. For a monthly fee, Google will handle DNS requests for as many as …
Neil McAllister, 13 Apr 2015

Want to beat Verizon's slow Netflix? Get a VPN

Video Yet another person has stepped forward to claim that Verizon is deliberately throttling Netflix traffic, this time with video evidence. Colin Nederkoorn, CEO of software firm Customer.io, alleged in a personal blog post that his Verizon Fios internet connection in New York slows Netflix traffic to a trickle, but runs at full …
Shaun Nichols, 18 Jul 2014

'Free' VPN Hola is LITERALLY flogging access to users' devices

The VPN service Hola, which claims to have more than 9.7 million users, is now selling its access to users' machines as exit-nodes under the Luminati brand. Described as "the world's largest VPN network", Hola's Luminati brand is advertised as being simple and effective to use: "Route your HTTP, HTTPS or TLS requests to any one …

Do you use Hola VPN? You could be part of a DDoS, content theft – or worse

Embattled "free" VPN provider Hola is facing criticism over its practice of turning its users into exit nodes in a paid-for anonymisation service which can easily be used for nefarious activities. Hola's software is also claimed to include "unpatchable" vulnerabilities allowing takeover of user machines. As the Register reported …
GCHQ as seen on Google Earth

Chrome OS leaks data to Google before switching on a VPN, says GCHQ

The sexy-named Communications Electronics Security Group (CESG) – the bit of GCHQ that helps Brits protect stuff from foreign spies (never mind Blighty's) – has issued fresh advice for securing BlackBerry OS 10, Android and Chrome OS 32. It also, handily, identifies "significant risks" in the operating systems. The guidelines …
Simon Rockman, 10 Jun 2014
Evil Android

Android VPN redirect vuln now spotted lurking in Kitkat 4.4

Israeli researchers who specialise in ferreting out Android vulns have discovered a new flaw in KitKat 4.4 that allows an attacker to redirect secure VPN traffic to a third-party server. Late in 2013, the Ben Gurion University security researchers first discovered ways to persuade Android to leak data sent using VPN software. …
Evil Android

Israeli Android researchers demo VPN vulnerability

The Ben Gurion University security researchers who tangled with Samsung over its KitKat security implementation have posted a follow-up, in which they demonstrate how a malicious app could bypass some VPN protections in Android. Back in December, the university's Cyber Security Labs stated that Samsung's Knox implementation was …
A boat full of Fail

BT finally admits its Home Hub router scuppers some VPN connections

BT has coughed to a crappy glitch with its Home Hub 3A router that is blocking some VPN connections. However, the one-time state monopoly appears to have taken a long time to acknowledge customer gripes, which have been piling up for weeks. BT said it had taken a while to respond to individual complaints because it was …
Kelly Fiveash, 27 Mar 2014

First Lavabit, now CryptoSeal pulls the plug: VPN service axed

VPN service CryptoSeal has followed Lavabit's example and shuttered its consumer service, saying its CryptoSeal Privacy service architecture would make it impossible to comply with a government order without handing over the crypto keys to its entire system. The company, which will continue offering business services, made the …

Apple pulls VPN app, helps censors' job in China

Apple has come under fire in China for kowtowing to Beijing, after withdrawing an app which allowed users to circumvent the Great Firewall. OpenDoor, which markets itself as a browser and helps users circumvent local internet restrictions like a VPN, was pulled from the Chinese version of iTunes without warning in July, …
Phil Muncaster, 04 Oct 2013
Cloud security

CloudBees straddles firewall with VPN connection

Cloud startup CloudBees has launched a technology that lets customers of the developer-oriented cloud connect their sensitive on-premises resources to the company's cloud via VPN. By building hosted OpenVPN into its infrastructure, the Java cloud has been able to launch the service which it says can assuage security concerns and …
Jack Clark, 23 Sep 2013
Great Wall of China

Japan's free public VPN project tunnels through Great Firewall

Chinese netizens finding it increasingly difficult to bypass the Great Firewall after a recent crackdown on virtual private network (VPN) services have found an unlikely ally in a new public relay VPN service from Japan. The VPN Gate Academic Experiment Project (h/t TechInAsia) was set up by researchers at the Graduate School of …
Phil Muncaster, 12 Mar 2013
The Register breaking news

Mastercard and Visa block payments to Swedish VPN firms

Mastercard and Visa have reportedly put a block on payment processing services for some anonymisation and virtual private network (VPN) services. However, the move appears to be restricted to payments made to five consumer-focused VPN and anonymisation services though a single payment processor in Sweden, rather than a more wide …
John Leyden, 04 Jul 2013
The Register breaking news

Deja vote: Iran blocks VPN use ahead of elections

Iranian authorities have blocked the use of most virtual private network (VPNs) to stop people in the country from circumventing the government's internet filter, three months before the country holds its presidential election. "Within the last few days illegal VPN ports in the country have been blocked," Ramezanali Sobhani-Fard …
BBC logo 2012

Heavy VPN users are probably pirates, says BBC

BBC Worldwide, the commercial arm of the BBC that markets its products around the world, has told Australia's government that heavy users of “IP obfuscation tools” are so suspicious that internet service providers (ISPs) should consider them as likely content pirates. The organisation states that case in a submission (PDF) to …
Simon Sharwood, 09 Sep 2014
Great Wall of China

VPN ban makes for nervy times behind Great Firewall

Multinationals and foreign web users based in China to get jittery on Wednesday after pictures began circling the internet which suggested a new clamp down on the use of virtual private networks (VPNs). While VPNs in the Western world are more commonly used to enhance security, for netizens-in-the-know living in the People’s …
Phil Muncaster, 28 Nov 2012

VPNs are so insecure you might as well wear a KICK ME sign

A team of five researchers from universities in London and Rome have identified that 14 of the top commercial virtual private networks in the world leak IP data. Vasile C. Perta, Marco V. Barbera, and Alessandro Mei of Sapienza University of Rome, together with Gareth Tyson, and Hamed Haddadi of the Queen Mary University of …
Darren Pauli, 30 Jun 2015
Android for cars

Disconnect app maker runs to EU to moan about Android

Privacy app maker Disconnect has filed a formal complaint against Google with the European Commission, adding to the Chocolate Factory’s EU competition woes. “Disconnect charges Google with abusing its dominant market position by banning Disconnect’s app, a revolutionary technology that protects users from invisible tracking and …
Jennifer Baker, 02 Jun 2015
Sorry we're closed

Kiwis to farewell 'global mode' browsing

New Zealand ISPs' experiment with bundled VPN services is over: CallPlus has settled a lawsuit by agreeing to axe its Global Mode service on September 1. The on-again, off-again, on-again service let CallPlus customers get around geoblocks by giving them a US IP address, and the country's TV broadcasters were outraged and …

Hola! TV geo-block botters open bug bounties

Smarting from a barrage of criticism for botting its customers, VPN service Hola is hoping a bug bounty program will restore its security credentials. The VPN service was caught turning its 9.7 million users into Luminati exit-nodes. It advertised this service as using customers who downloaded Luminati's TV geo-block smasher …
Darren Pauli, 02 Jun 2015
The Register breaking news

Consumer VPN service could be popular as regional paywalls go up

Consumer VPN firm AnchorFree is touting mobile data cost saving through compression as well as Wi-Fi security as means to gain more users for its software: buts it's likely that many of its users will be more interested in getting around regional media paywalls - or even national government firewalls. David Gorodyansky, chief …
John Leyden, 05 Nov 2012

OpenVPN plugs DoS hole

OpenVPN has patched a denial-of-service vulnerability which authenticated users could trigger by sending malicious packets. The flaw (CVE-2014-8104) is most hurtful to VPN service providers and was reported by researcher Dragana Damjanovic to OpenVPN last month. Maintainers said in an advisory issued this morning that the flaw …
Darren Pauli, 02 Dec 2014

The content business wants Netflix out of Australia

Debate about copyright and virtual private networks (VPNs) has reached such a pitch in Australia that at least one voice wants a policy that, taken literally, would have the effect of closing down Netflix in this country. I don't mean “stopping Australians from accessing Netflix US via VPNs”, I mean “bye-bye Netflix, go home to …
Great Wall of China

China cracks down further on VPNs as censorship intensifies

China's government is cracking down further on the use of virtual private networks to circumnavigate its Great Firewall, as part of the ongoing game of whack-a-mole between censors and an increasingly tech-savvy population. Charlie Smith, co-founder of the censorship in China monitoring site GreatFire.org, said there has been a …
Kat Hall, 03 Jun 2015
BlackBerry Classic QWERTY key smartphone

Have it all: BlackBerry to port crown jewels to iPhone, Android

MWC 2015 At Mobile World Congress, BlackBerry said it will port key client platform features – like its soft keyboard, Universal Search and Hub – to iPhone and Android, and also throw them into its enterprise software bundles. It marks a huge leap along BlackBerry’s transition to a software services company – but CEO John Chen denied the …
Andrew Orlowski, 02 Mar 2015
Compressed version of Log Jam

'Logjam' crypto bug could be how the NSA cracked VPNs

Updated A team led by Johns Hopkins crypto researcher Matthew Green* thinks they might have an explanation for how the NSA attacked VPN services: flaws in how TLS implements Diffie-Hellman crytography. In what's bound to be the next big branded bug, Green says servers that support 512-key “export-grade” Diffie-Hellman (DH) can be forced …
Suitcase bulging with cash

CloudFlare slurps CryptoSeal

CryptoSeal, which got itself out of the consumer VPN business last year to sidestep the fate of Lavabit, have been snapped up by CloudFlare. The Y Combinator-funded operation shuttered its consumer VPN service because it said complying with a government demand for an individual's data could only be met if it handed over the keys …

Court flushes VirnetX's $368m check from Apple down the toilet

A US court has dashed a $368m windfall for technology hoarder VirnetX, which successfully sued Apple for patent infringement. The Federal Circuit Court of Appeals in Washington today tore up [PDF] the infringement damages figure given by a jury in a lower court – and sent the case back for reconsideration. A jury in the Eastern …
Shaun Nichols, 16 Sep 2014
Picard Facepalm

Wind turbine blown away by control system vulnerability

It had to happen, we suppose: since even a utility-grade wind turbine might ship with a handy Webby control interface, someone was bound to do it badly. That's what's emerged in a new ICS-CERT advisory: CVE-2015-0985 details how turbines from US manufacturer XZERES allow the user name and password to be retrieved from the …

Tor de farce: NSA fails to decrypt anonymised network

A new round of NSA documents snatched by master blabbermouth Edward Snowden appeared online late on Sunday, revealing spooks' internet security pet hates. The latest dump of PDFs published by Der Spiegel appeared to show what the Five Eyes surveillance buddies – the USA, the UK, Australia, Canada and New Zealand – see as …
Kelly Fiveash, 29 Dec 2014

Blackhats exploiting MacKeeper hole to foist dangerous trojan

Last month's MacKeeper vulnerability is now being exploited in the wild to hijack Apple machines, according to BAE security researcher Sergei Shevchenko. The hacker says criminals are using social engineering to trick users into installing malware capable of exfiltrating data using a then zero-day vulnerability in the notorious …
Darren Pauli, 16 Jun 2015
China censorship

China demands real names online, bans parody accounts and news article comments

From March 1, people in China must reveal their real names before they can join social networks and use other websites – or face cyber-exile. The ban on pseudonyms, plus the removal of reader comments from web articles, is a further crackdown on privacy and freedom of speech in the Middle Kingdom. According to the Cyberspace …
Iain Thomson, 04 Feb 2015
snowden SXSW

Snowden tells tech bigwigs: It's up to you to thwart mass surveillance

SXSW 2015 In a quietly arranged Q&A session at South by Southwest (SXSW) on Sunday morning, Edward Snowden told about thirty influential people from the tech world that the onus for thwarting mass surveillance was falling to them. Snowden had previously spoken at SXSW with the American Civil Liberties Union, explaining to attendees the “ …

Insert 'Skeleton Key', unlock Microsoft Active Directory. Simples – hackers

Miscreants have forged a strain of malware which is capable of bypassing authentication on Microsoft Active Directory (AD) systems. Hackers can use arbitrary passwords to authenticate as any corporate user, Dell SecureWorks warns. The malware, dubbed Skeleton Key, is deployed as an in-memory patch on a victim’s AD domain …
John Leyden, 13 Jan 2015
Clouds in blue sky

Juniper, Amdocs show off vCPE

MWC 2015 Juniper Networks has placed both feet under the Network Function Virtualisation, using Mobile World Congress as the venue to demonstrate virtual customer premises equipment (vCPE). The solution it demonstrated in conjunction with Amdocs is based on the virtualised version of its MX router, first announced in November 2014, and a …

Google offers cheap and easy network hookups with Cloud Interconnect

Google has unveiled Google Cloud Interconnect, a new set of networking options designed to make cloud customers' connections to Google's data centers more reliable and secure. At the Google Cloud Platform Live event in San Francisco, Google cloud product director Greg DeMichille said the Chocolate Factory will offer three …
Neil McAllister, 05 Nov 2014
Google_Avere_Cloud_Chocolate

Avere cuddles Google, continues with Amazon. Label that under ‘It's complicated’

It's double your dates time: Avere has evolved its FXT front-end filer accelerator into a cloud storage gateway, first with Amazon and now with Google. On-premises workloads and data sets can be pumped out from an on-premises NAS array through the FXT Edge Filer to Google's Cloud Platform. The Chocolate Factory has been adding …
Chris Mellor, 15 Apr 2015
Doctor Nick Riviera

Surgery-bot can be hacked to HACK YOU TO PIECES

Surgical robot makers are just as good at security as the rest of the world - ie, hopeless - according to University of Washington infosec boffins. The researchers targeted a product of their own university's research, a telesurgery unit called the Raven II, and among other things found an exploitable safety mechanism in the …
Clouds in blue sky

OpenDaylight and friends spin up 'CloudRouter Project'

Another day, another waft at the software-defined networking (SDN) and/or network function virtualisation (NFV) market, this time in the form of the new “CloudRouter Project” backed by CloudBees, Cloudius Systems, IIX, NGINX and OpenDaylight. The latter you probably know – it's the Linux Foundation's effort to create a standard …
Simon Sharwood, 01 Apr 2015

Cisco okayed for UK government comms

Cisco has had a bunch of products certified as secure by the GCHQ's information security arm, the Communications & Electronics Security Group (CESG). The certification only covers the products to handle information up to the UK government's “Official” classification – that is, most government information. However, as the …
hacker

Penn State University network sacked by China malware blitz

Penn State University has had to take networks in its school of engineering offline after falling victim to a malware attack traced partially to China. Acting on an FBI tip, the school found that PCs on the network of its College of Engineering were infected with malware that appeared to be trying to harvest research data and …
Shaun Nichols, 15 May 2015
Microsoft_EOS

The Great Windows Server 2003 migration: Where do we go from here?

We all have to move away from Server 2003 before it turns into a pumpkin in July, but there are so many options out there that choosing the destination for our data and workloads can be a little overwhelming. What your workloads are will play a big part in determining which operating system you can upgrade to. The details of …
Trevor Pott, 30 Jun 2015
network_rail_hst_test_train_cropped

Industry infighting means mobile users face long delays on UK trains

Comment Mobile coverage on trains is rubbish, Wi-Fi isn’t much better and battles between companies offering the services are not going to make it much better. A plan to offer fibre running down the side of the tracks, which would have given great Wi-Fi coverage, has been abandoned, despite Network Rail’s 2013 technical strategy review …
Simon Rockman, 23 Apr 2015