Apple fixes wireless-based remote code execution flaw in iOS

Apple released an iOS update Monday to fix a serious vulnerability that could allow attackers to remotely execute malicious code on the Broadcom Wi-Fi chips used in iPhones, iPads, and iPods.The vulnerability is a stack buffer overflow in the feature that handles authentication responses for the fast BSS transition feature of the 802.11r protocol, also known as fast roaming. This feature allows devices to move easily and securely between different wireless base stations in the same domain.Hackers can exploit the flaw to execute code in the context of the Wi-Fi chip's firmware if they're within the wireless range of the targeted devices.The issue is one of several flaws found by Google Project Zero researcher Gal Beniamini in the firmware of Broadcom Wi-Fi chips. Some of these vulnerabilities also affect Android devices and have been patched as part of Android's April security bulletin.To read this article in full or to leave a comment, please click here

Open source routing project gets a vital technology infusion

Open source networking proponents have uncorked an updated routing protocol project designed to give white box, virtualized environments of all sizes fast and reliable communications.The project, now called the Free Range Routing (FRR) offers a full-on IP routing protocol suite for Linux/Unix platforms and includes protocol daemons for BGP, IS-IS, LDP, OSPF, PIM, and RIP. The FRR groupsays that the technology’s integration with the native Linux/Unix IP networking stacksmakes it applicable to a wide variety of applications from connectinghosts/virtual machines/containers to the network, advertising network services, LAN switching and routing, Internet access routers, and Internet peering.To read this article in full or to leave a comment, please click here

Clean up your desk space with cool MacBook Pro docking station

I use a MacBook Pro as my main notebook for work, and when I’m in my cubicle I like to connect things like an additional monitor, storage drives and peripherals like a larger keyboard and wireless mouse. The best way to do this is with a docking station, but the last one I used required that I also prop up some books to rest the notebook on to create the dual-display effect I was looking for.A much sleeker system comes from Henge Docks, which sent me its new automated docking station. The company makes two horizontal docks for MacBook Pro owners – one for MacBooks that have the Retina display ($399 introductory price, available for 13-inch and 15-inch models), and one for the new MacBook Pro (pre-order, coming soon). The dock features a metal chassis and 13 expansion ports (two audio ports, SD Card Reader, HDMI, six USB 3.0, power port, Ethernet, Thunderbolt 2 and mini display port). The slim profile of the dock makes for a much cleaner desktop look and feel.To read this article in full or to leave a comment, please click here

37% off LifeStraw Personal Water Filter – Deal Alert

Having a LifeStraw Personal Water Filter at hand provides access to clean, safe drinking water whenever needed.  Weighing only 2 oz. (54g), LifeStraw is the perfect water filter for hiking and camping. LifeStraw uses advanced 0.2 micron hollow fiber membrane technology.  This highly efficient method of filtration requires no chemicals, batteries, or moving parts and can be easily backflushed to clean the filter. Perfect for a vehicle or home emergency kit.  The LifeStraw averages 4.7 out of 5 stars from over 5,200 people (read reviews). Its typical list price of $20 has been reduced 37% to $12.50.To read this article in full or to leave a comment, please click here

On the ‘net: CAP and SDN

The CAP theorem essentially states that consistency, accessibility, and portioning are three sides of a tradeoff triangle. Much like quick, cheap, and quality; or state, optimization, and surface; CAP posits that you can choose “two out of three.” To illustrate, it is often helpful to consider a database in various stages of being partitioned, and consider the impact on consistency and accessibility, the other two sides of the triangle. The figure below will be used as a reference. —ECI

The post On the ‘net: CAP and SDN appeared first on 'net work.

Politicians’ web browsing history targeted after privacy vote

Two GoFundMe campaigns have raised more than US$290,000 in an effort to buy the web browsing histories of U.S. politicians after Congress voted to allow broadband providers to sell customers' personal information without their permission.It's unclear if those efforts will succeed, however. Even though Congress scrapped the FCC's ISP privacy rules last week, the Telecommunications Act still prohibits telecom providers from selling personally identifiable information in many cases. To read this article in full or to leave a comment, please click here

Politicians’ web browsing history targeted after privacy vote

Two GoFundMe campaigns have raised more than US$290,000 in an effort to buy the web browsing histories of U.S. politicians after Congress voted to allow broadband providers to sell customers' personal information without their permission.It's unclear if those efforts will succeed, however. Even though Congress scrapped the FCC's ISP privacy rules last week, the Telecommunications Act still prohibits telecom providers from selling personally identifiable information in many cases. To read this article in full or to leave a comment, please click here

Google’s Espresso networking tech takes SD-WAN to internet scale

Google is working to accelerate the performance of its applications over the internet by building out a software-defined network at broad scale. On Tuesday, the company announced Espresso, a system that provides increased network performance to users of the company’s applications.It works by applying software-defined networking to the edge of the tech titan’s network, where Google connects to the peer networks of other internet service providers. Rather than rely on individual routers to figure out the best way to direct internet traffic, Espresso hands that responsibility off to servers running in the data centers Google operates at the edge of its network.To read this article in full or to leave a comment, please click here

Google’s Espresso networking tech takes SD-WAN to internet scale

Google is working to accelerate the performance of its applications over the internet by building out a software-defined network at broad scale. On Tuesday, the company announced Espresso, a system that provides increased network performance to users of the company’s applications.It works by applying software-defined networking to the edge of the tech titan’s network, where Google connects to the peer networks of other internet service providers. Rather than rely on individual routers to figure out the best way to direct internet traffic, Espresso hands that responsibility off to servers running in the data centers Google operates at the edge of its network.To read this article in full or to leave a comment, please click here

A free decryption tool is now available for all Bart ransomware versions

Users who have had their files encrypted by any version of the Bart ransomware program are in luck: Antivirus vendor Bitdefender has just released a free decryption tool.The Bart ransomware appeared back in June and stood out because it locked victims' files inside ZIP archives encrypted with AES (Advanced Encryption Standard). Unlike other ransomware programs that used RSA public-key cryptography and relied on a command-and-control server to generate key pairs, Bart was able to encrypt files even in the absence of an internet connection.To read this article in full or to leave a comment, please click here

A free decryption tool is now available for all Bart ransomware versions

Users who have had their files encrypted by any version of the Bart ransomware program are in luck: Antivirus vendor Bitdefender has just released a free decryption tool.The Bart ransomware appeared back in June and stood out because it locked victims' files inside ZIP archives encrypted with AES (Advanced Encryption Standard). Unlike other ransomware programs that used RSA public-key cryptography and relied on a command-and-control server to generate key pairs, Bart was able to encrypt files even in the absence of an internet connection.To read this article in full or to leave a comment, please click here

Research: The Security Impact of HTTPS Interception

The use of TLS interception by outbound proxy servers is causing serious problems in updating the TLS standard to Version 1.3.

At the same time, middlebox and antivirus products increasingly intercept (i.e., terminate and re-initiate) HTTPS connections in an attempt to detect and block malicious content that uses the protocol to avoid inspection . Previous work has found that some specific HTTPS interception products dramatically reduce connection security ; however, the broader security impact of such interception remains unclear. In this paper, we conduct the first comprehensive study of HTTPS interception in the wild, quantifying both its prevalence in traffic to major services and its effects on real-world security.

This is the same problem that middleboxes cause anywhere on the Internet – Firewalls, NAT gateways, Inspection, QOS, DPI. Because these complex devices are rarely updated and hard to maintain, they create failures in new protocols. IPv6 rollout has been slowed by difficult upgrades. The same problem is happening with TLS. Its undesirable to fall back to insecure TLS standards that “work” but are insecure.

The EtherealMind View

The business need for proxy servers or protocol interception is for a small range of activities

  1. Scan Internet content for malware Continue reading

Privacy rollback can cause headaches for corporate security pros

Corporate security pros can add a new task to their busy days: handling panicky employees worried about privacy who are using the onion router (Tor) browser as a way to protect their online activity.That practice translates into additional security alerts that require time-consuming manual sorting to determine whether the persons behind Tor sessions are friend or foe, says George Gerchow, vice president of security and compliance at Sumo Logic.Ever since congressional action started a few weeks ago to roll back privacy regulations governing ISPs, Gerchow says has seen a dramatic increase in the use of Tor for accessing his company’s services, meaning security analysts have to check out whether the encrypted, anonymized traffic coming through Tor is from a legitimate user.To read this article in full or to leave a comment, please click here

Privacy rollback can cause headaches for corporate security pros

Corporate security pros can add a new task to their busy days: handling panicky employees worried about privacy who are using the onion router (Tor) browser as a way to protect their online activity.That practice translates into additional security alerts that require time-consuming manual sorting to determine whether the persons behind Tor sessions are friend or foe, says George Gerchow, vice president of security and compliance at Sumo Logic.Ever since congressional action started a few weeks ago to roll back privacy regulations governing ISPs, Gerchow says has seen a dramatic increase in the use of Tor for accessing his company’s services, meaning security analysts have to check out whether the encrypted, anonymized traffic coming through Tor is from a legitimate user.To read this article in full or to leave a comment, please click here

Docker Gives Back at DockerCon

Docker is actively working to improve opportunities for women and underrepresented minorities throughout the global ecosystem and promote diversity and inclusion in the larger tech community.

For instance, at DockerCon 2016, attendees contributed to a scholarship program through the Bump Up Challenge unlocking funds towards full-tuition scholarships for three applicants to attend Hack Reactor. We selected two recipients in 2016 and are excited to announce our third recipient, Tabitha Hsia, who is already in her first week of the program.

In her own words:

“My naDocker Scholarshipme is Tabitha Hsia. I grew up in the East Bay. I come from an art-focused family with my sister being a professional cellist, my mother being a professional pianist, and my great grandfather being a famous Taiwanese painter. I chose Hack Reactor because of their impressive student outcomes and their weekly schedule. Already in my first week, I have learned a ton of information from lectures and their wealth of resources. I have enjoyed pair programming the most so far. While the lectures expose me to new topics, applying the topics to actual problems has deepened my understanding the most. After graduation, my long-term goal is to become a virtual reality developer. Seeing Continue reading

1 2,172 2,173 2,174 2,175 2,176 3,841