Feeds

Articles about Vpn

Evil Android

Android VPN redirect vuln now spotted lurking in Kitkat 4.4

Israeli researchers who specialise in ferreting out Android vulns have discovered a new flaw in KitKat 4.4 that allows an attacker to redirect secure VPN traffic to a third-party server. Late in 2013, the Ben Gurion University security researchers first discovered ways to persuade Android to leak data sent using VPN software. …
Evil Android

Israeli Android researchers demo VPN vulnerability

The Ben Gurion University security researchers who tangled with Samsung over its KitKat security implementation have posted a follow-up, in which they demonstrate how a malicious app could bypass some VPN protections in Android. Back in December, the university's Cyber Security Labs stated that Samsung's Knox implementation was …
A boat full of Fail

BT finally admits its Home Hub router scuppers some VPN connections

BT has coughed to a crappy glitch with its Home Hub 3A router that is blocking some VPN connections. However, the one-time state monopoly appears to have taken a long time to acknowledge customer gripes, which have been piling up for weeks. BT said it had taken a while to respond to individual complaints because it was …
Kelly Fiveash, 27 Mar 2014

First Lavabit, now CryptoSeal pulls the plug: VPN service axed

VPN service CryptoSeal has followed Lavabit's example and shuttered its consumer service, saying its CryptoSeal Privacy service architecture would make it impossible to comply with a government order without handing over the crypto keys to its entire system. The company, which will continue offering business services, made the …

Apple pulls VPN app, helps censors' job in China

Apple has come under fire in China for kowtowing to Beijing, after withdrawing an app which allowed users to circumvent the Great Firewall. OpenDoor, which markets itself as a browser and helps users circumvent local internet restrictions like a VPN, was pulled from the Chinese version of iTunes without warning in July, …
Phil Muncaster, 04 Oct 2013
Cloud security

CloudBees straddles firewall with VPN connection

Cloud startup CloudBees has launched a technology that lets customers of the developer-oriented cloud connect their sensitive on-premises resources to the company's cloud via VPN. By building hosted OpenVPN into its infrastructure, the Java cloud has been able to launch the service which it says can assuage security concerns and …
Jack Clark, 23 Sep 2013
The Register breaking news

Mastercard and Visa block payments to Swedish VPN firms

Mastercard and Visa have reportedly put a block on payment processing services for some anonymisation and virtual private network (VPN) services. However, the move appears to be restricted to payments made to five consumer-focused VPN and anonymisation services though a single payment processor in Sweden, rather than a more wide …
John Leyden, 04 Jul 2013
Great Wall of China

Japan's free public VPN project tunnels through Great Firewall

Chinese netizens finding it increasingly difficult to bypass the Great Firewall after a recent crackdown on virtual private network (VPN) services have found an unlikely ally in a new public relay VPN service from Japan. The VPN Gate Academic Experiment Project (h/t TechInAsia) was set up by researchers at the Graduate School of …
Phil Muncaster, 12 Mar 2013
The Register breaking news

Deja vote: Iran blocks VPN use ahead of elections

Iranian authorities have blocked the use of most virtual private network (VPNs) to stop people in the country from circumventing the government's internet filter, three months before the country holds its presidential election. "Within the last few days illegal VPN ports in the country have been blocked," Ramezanali Sobhani-Fard …
Great Wall of China

VPN ban makes for nervy times behind Great Firewall

Multinationals and foreign web users based in China to get jittery on Wednesday after pictures began circling the internet which suggested a new clamp down on the use of virtual private networks (VPNs). While VPNs in the Western world are more commonly used to enhance security, for netizens-in-the-know living in the People’s …
Phil Muncaster, 28 Nov 2012
The Register breaking news

Consumer VPN service could be popular as regional paywalls go up

Consumer VPN firm AnchorFree is touting mobile data cost saving through compression as well as Wi-Fi security as means to gain more users for its software: buts it's likely that many of its users will be more interested in getting around regional media paywalls - or even national government firewalls. David Gorodyansky, chief …
John Leyden, 05 Nov 2012
Great Wall of China

Communist party boss blames Kunming knife attack on VPNs

The Communist Party’s chief official in western China’s Xinjiang region has blamed online videos and virtual private networks (VPNs) for the knife attack at Kunming station last week that left 29 dead and dozens injured. Speaking during a meeting at the annual National People’s Congress in Beijing last week, Zhang Chunxian …
Phil Muncaster, 10 Mar 2014
Cables

Microsoft's Azure cloud LASHED by BT's private cables

Microsoft's Azure cloud is being hooked into BT's private fibre cables giving security-focused organizations another way to access Microsoft's technology. Redmond announced the addition of BT to its "Azure ExpressRoute" service on Wednesday against a background of worry as panicked internet companies, including Azure-rival …
Jack Clark, 09 Apr 2014

Indian internet tunnelers trump Chinese web deniers

Asia accounts for four of the world’s top five VPN-using countries, although Indian netizens are more likely to hide their location than those in China, according to new research. Out of 28 per cent of global users who tunnel through the internet, only one fifth do so because they don’t want to be spotted by government snoopers …
Phil Muncaster, 07 Feb 2014
Troll in cross hairs

Cisco asks court to bin Rockstar patents

Cisco has thrown on the armour and couched the lance to defend itself and its customers from the zombie Nortel patent lawsuits. The Nortel patent portfolio, bought by the Rockstar Consortium and since partly spun out to subsidiaries Bockstar and Constellation (yes, these are the real names), has been the basis for an ongoing …
Wi-Fi 802.11n

Euro cops on free Wi-Fi not-so-hotspots: For pity's sake, don't use them for email

Using free Wi-Fi hotspots poses a data risk to users, the boss of European police agency Europol warns. Troels Oerting, head of Europol's cybercrime centre, told BBC Click that growing number of attacks are being carried out via public Wi-Fi and that people should send personal data only across trusted networks. "We have seen …
John Leyden, 10 Mar 2014

No anon pr0n for you: BT's network-level 'smut' filters will catch proxy servers too

BT's new network-level nudie no-no filter system will block access to sites promoting proxies and anonymisers, The Register has learned. However, the one-time national telco has insisted that it won't choke VPN connections over its network now that its Parental Controls service, using DNS lookup technology, is in place. On …
Kelly Fiveash, 17 Dec 2013
The Blue Mosque in Istanbul

Rule of law: Turkish court nixes government Twitter ban ... for now

A court in Turkey's capital has ordered the lifting of the government ban on Twitter in the restless nation. The administrative court in Ankara overturned the week-long ban on Wednesday in response to complaints by journalists’ unions and the country's Bar Association, representing its lawyers, that blocking Twitter contravened …
John Leyden, 27 Mar 2014

Vodafone Germany looks to provide end-to-end encryption with SIM signatures

German SIM card manufacturer G&D has announced that it will be supplying Vodafone Germany with an end-to-end security system based on the phone SIM. Emails, documents and VPN connections are signed and encrypted by the SIM so that the user doesn’t have to enter a password or use a security token. The service will not be offered …
Simon Rockman, 11 Mar 2014
Monk piece of string

Microsoft taps up Level 3, Equinix, AT&T for direct Azure Cloud lines

Cloud computing is all well and good but it's hopeless if the network connection between the customer and the data center is useless, so Microsoft has followed in Amazon's footsteps by fixing this weakness. Redmond's new ExpressRoute service, announced in a blog post on Thursday, will offer dedicated connections to the Windows …
Jack Clark, 21 Feb 2014
The Raspberry Pi

Raspberry Pi puts holes in China's Great Firewall

A tech-savvy China-based Redditor has spotted a hassle-free way of ensuring he or she is always able to bypass the Great Firewall, even when out and about, using the Raspberry Pi to connect to a virtual private network (VPN). VPNs are a necessity for foreigners living in the People’s Republic who want to access sites prohibited …
Phil Muncaster, 29 May 2013
The Register breaking news

China 'enhances' Great Firewall, teaches it to choke off VPNs

China has tightened the screws on its infamous web-filtering system, according to virtual private network providers. The Great Firewall of China has been enhanced to "learn, discover and block" encrypted VPN protocols. Machine learning algorithms have been applied to carry out encrypted traffic analysis, something advocated by …
John Leyden, 21 Dec 2012
homeless man with sign

The Register primer on MPLS IP VPN

Multi-protocol Label Switching (MPLS) based virtual private networks (VPNs) have emerged as an affordable option for connecting medium-sized multi-site organisations. Very briefly, MPLS allows for much larger packets to be transferred with far less overhead than older standards such as Asynchronous Transfer Mode (ATM) and Frame …
Team Register, 22 Sep 2009
Smartphone user on Tube

Opera launches public beta of data-saving app

Norwegian browser-maker Opera Software has announced a limited public beta of Opera Max – a new app designed to let users get more out of limited data plans. Opera has offered "off-road mode" in its browser for a while now, with the feature promising to reduce the amount of data consumed by the application. Last year turned that …
Phil Muncaster, 19 Feb 2014
padlock

Java bug burns Borg

Cisco has asked users of its Secure Access Control System 5.5 or lower to implement an urgent patch, as it has spotted several problems with its RMI implementation. There are three independent bugs: one privilege escalation vuln (CVE ID CVE-2014-0649, here), an unauthenticated user access vulnerability (CVE 2014-0648 here), and …

Microsoft hooks up with AT&T, gazes into YOUR data center

Microsoft and AT&T have announced a strategic alliance that should let punters shift workloads from their data center into AT&T's cloud and then into Windows Azure. The unnamed service is due to launch in 2014, and was announced by Microsoft in a fluffy blog post on Wednesday. The technology lets people "access Windows Azure as …
Jack Clark, 20 Sep 2013
channel

Cisco rolls out mobile VPN trifecta

It was back in October that Cisco first revealed its latest corporate vision to mush a whole bunch of enterprise Web 2.0-ish concepts into what it calls the new "borderless networks" architecture. It's something to do with combining in-house network kit and cloud-based technology to deliver services and applications to anyone, …
Austin Modine, 02 Mar 2010
DNS? It's a real bind

DNS poisoning slams web traffic from millions in China into the wrong hole

A widespread DNS outage hit China on Tuesday‪, leaving millions of surfers adrift.‬ DNS issues in China between 7am and 9am GMT left millions of domains inaccessible. Two-thirds of China’s DNS (Domain Name System) infrastructure was blighted by the incident, which stemmed from a cache poisoning attack. Chinese netizens were …
John Leyden, 21 Jan 2014

Reports: NSA has compromised most internet encryption

The NSA and the GCHQ have compromised much encryption used on the internet through a potent mix of technological theft, spycraft, and collaboration with major technology companies, according to new reports. In a series of news articles that highlight how the code-breaking crypto-fiddling agencies NSA and GCHQ are doing their job …
Jack Clark, 05 Sep 2013
Murchison Widefield Array telescope installation

Juniper bags AARNet fatter pipes and SDN

Juniper has given an elbow to Cisco's ribs down under, nabbing a key AARNet upgrade contract in the long-time Borg-friendly network. The research network, whose history stretches back to the very beginnings of the Internet in Australia, is currently planning its AARNet 4 upgrade, which will deliver a 30-fold expansion in …

Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed

All over the world, systems administrators are scrambling to fix the OpenSSL “Heartbleed” bug. At the same time, certificate sellers are preparing rub currency all over their bodies as Web admins virtually swipe the corporate Amex to revoke and renew their certs. OpenSSL's history reaches back to Eric Young's SSLeay. While it …

Infosec bod reports ONGOING ATTACK at RSA securo-confab

Problems logging into VPN networks left delegates even more twitchy than normal at the RSA Conference Europe this week. The conference, staged in London, for the previous six years, has moved to Amsterdam and the massive RAI Conference venue this year. The venue also stages the Cropworld conference, which attracted a group of …
John Leyden, 31 Oct 2013

BlackBerry BES: Hey, biz bod, fancy an upgrade on that RIM job... for FREE?

BlackBerry’s Annus horribilis, which has seen the company bombed out of the consumer market has an upside for enterprise users. So keen is the company formerly known as RIM to get its installed BES 5 base onto its new, BYOD-friendly BES 10, it has waived the upgrade fees. Customers who already have a BlackBerry support contract …
Andrew Orlowski, 12 Dec 2013
The new Twitter logo. Pic: Twitter

Turkey's farcical Twitter ban leads to SPIKE in tweets

The volume of messages sent Turkish Twitter users may have grown by over 130 per cent as users turn to a range of workarounds to circumvent a government banimposed late last week The ban initially appeared to come in the form of a DNS redirect from the country’s ISPs. This took users to a statement explaining that Twitter is …
Phil Muncaster, 24 Mar 2014

Big Content wants Aussies blocked from Netflix

Australia's television rights-holders are increasingly agitating against locals accessing Netflix by presenting apparently-US IP addresses to the streaming service. In short order, Quickflix (which has been working for some time to sign up local ISPs to carry its content) and TV broadcasters have been taking their case to …
The Register breaking news

OpenDNS plots expansion with new funding

OpenDNS is plotting an expansion both to its global presence and to the services it offers, with the appointment of former Juniper EVP Stefan Dyckerhoff joins as a member of the OpenDNS board, bringing with him an unspecified slab of funding under his Sutter Hill Ventures fund. OpenDNS says the funding and management expertise …
Nathan Corum, David de Rothschild and Jo Royle

Prepare your data centre to face the future

When you are trying to persuade your company to spend a pile of cash on a new installation, you can be certain it will want to be sure the installation can support the business for the coming years. Given that the average technology crystal ball is cloudy at best, how do you evolve your data centre while protecting against a …
Dave Cartwright, 18 Mar 2014
The Register breaking news

Security audit finds dev OUTSOURCED his JOB to China to goof off at work

A security audit of a US critical infrastructure company last year revealed that its star developer had outsourced his own job to a Chinese subcontractor and was spending all his work time playing around on the internet. The firm's telecommunications supplier Verizon was called in after the company set up a basic VPN system with …
Iain Thomson, 16 Jan 2013

IT bods: How long does it take YOU to train up on new tech?

I’m a big fan of data networking blogger Greg Ferro, who writes under the moniker Etherealmind. Greg and I are really on the same page with regards to work/life balance but his latest thoughts on that topic struck a chord with me. Drawn from his latest blog post, the key part says: Why am I focused on work life ? After 25 or so …
Chris Mellor, 09 Apr 2014
Angry woman on mobile

PGP wiz Phil Zimmermann and pals tout anti-snoop mobe – the Blackphone

A smartphone that tries to thwart eavesdroppers will be launched this summer by Spanish smartphone maker Geeksphone and Silent Circle – the secure chat firm started by the inventors of PGP encryption. Dubbed Blackphone, and featured in the video above, the handset runs a hardened version of Android called PrivatOS that has …
Iain Thomson, 15 Jan 2014
For Sale sign detail

Cisco ships Mexican drug runner music on VPN CD

A sysadmin looking to set up a VPN network was surprised to discover that a Cisco installation CD contained Mexican music instead of security software. Cisco has acknowledged the issue and said that affected customers will be offered replacement CDs. Instead of the intended software, some CDs shipped to Cisco customers featured …
John Leyden, 09 Oct 2008

Forget ski-jumping – Russians setting records in Sochi visitor hacking

It isn't just athletes that have been training hard for the Winter Olympics in Sochi; Russian hackers have also been sharpening their skills to harvest a wealth of valuable data from visitors to the event. But they're not as fast as some of the more excitable reports from the troubled event are telling it. "The State Department …
Iain Thomson, 05 Feb 2014

BT-owned ISP Plusnet fails to plug security hole on its customer signup page

Sheffield-based telco Plusnet isn't doing any of its new customers "proud" right now, after an anonymous source told The Register that the company was currently transmitting personal details over an unencrypted web page. The firm, which is owned by telecom giant BT, is asking interested subscribers to fill in a form online that …
Kelly Fiveash, 22 Jan 2014
The Register breaking news

Military-industrial patent troll demands BEEELLIONS from Cisco

Emboldened by a win against Apple that was upheld last February, VirnetX – inventor of key VPN technologies or a patent troll, depending on your point of view and understanding of its patents – has now taken up cudgels against Cisco. In a hearing in front of a Federal jury over a complaint first filed in 2010, VirnetX has said …
Azure Index

Get your mitts greasy with FREE hands-on Windows Azure training

On 10 October at 11am BST, The Register is broadcasting a live, hands-on training session on Windows Azure that you can enjoy for free from the comfort of your own chair. The session will introduce and demonstrate how to get started with Windows Azure, giving an overview of its key features – particularly its recently released …
David Gordon, 02 Oct 2013

Live Reg TV: Windows Azure on your terms

On October 10 at 11:00 BST,we’re broadcasting a live, hands-on training session on Windows Azure that you can enjoy for free from the comfort of your own chair. The session will show how to get started with Windows Azure, and gives an overview of its key features – particularly the recently released Infrastructure-as-a-Service …
David Gordon, 18 Sep 2013

Not just websites hit by OpenSSL's Heartbleed – PCs, phones and more under threat

While most of the buzz surrounding OpenSSL's Heartbleed vulnerability has focussed on websites and other servers, the SANS Institute reminds us that software running on PCs, tablets and more is just as potentially vulnerable. Institute analyst Jake Williams said the data-leaking bug “is much scarier” than the gotofail in Apple's …
The Register breaking news

The Pirate Bay's new censorship-dodging browser 'not secure'

The Pirate Bay has released a bundle of add-ons to help people search for and access bits of the internet that governments and ISPs have locked away. The only hitch is: despite the fact that it contains a Tor client, security experts have said that it doesn't completely anonymise internet traffic. This has raised concerns about …
Jasper Hamill, 12 Aug 2013
Design for the  Orp 1 secure router

NSA-busting secure, open, router seeks cash and code from crowd

Australian embedded systems designer Redfish is hoping to attract funding from the crowd to market a secure routing platform that open-sources both the hardware and software to protect users from unwanted snooping. Speaking to The Register ahead of the launch, Redfish managing director Justin Clacherty said the project is …
photo by phylevn/ licensed under http://creativecommons.org/licenses/by/2.0/

Crack our 'military-grade' email encryption and we'll give you 5% of our firm

Vulnerability testing is commonplace these days, and a lucrative business for some, but a Hungarian biz is offering an unusual prize for anyone who manages to crack its email encryption system – a five per cent stake in the company. The upstart, MySecureZone, has spent the last 22 months potting together a browser-based …
Iain Thomson, 05 Nov 2013