Some notes on SuperFish

What's the big deal?

Lenovo, a huge maker of laptops, bundles software on laptops for the consumer market (it doesn't for business laptops). Much of this software is from vendors who pay Lenovo to be included. Such software is usually limited versions, hoping users will pay to upgrade. Other software is add supported. Some software, such as the notorious "Ask.com Toolbar", hijacks the browser to display advertisements.

Such software is usually bad, especially the ad-supported software, but the SuperFish software is particularly bad. It's designed to intercept all encrypted connections, things is shouldn't be able to see. It does this in a poor way that it leaves the system open to hackers or NSA-style spies.

Marc Rogers has a post where he points out that what the software does is hijack your connections, monitors them, collects personal information, injects advertising into legitimate pages, and causes popup advertisement.

What's the technical detail?

It does two things. The first is that SuperFish installs a transparent-proxy (MitM) service on the computer intercepting browser connections. I don't know the details of exactly how they do this, but Windows provides easy hooks for such interception.

But such interception still cannot decrypt SSL. Therefore, SuperFish Continue reading

MPLS VPN and DMVPN Design Challenge

MPLS VPN is used mostly as primary connectivity and DMVPN as a backup in the small medium business. You might see in some cases DMVPN is the only the circuit between remote offices and the datacenter/HQ, or for some applications MPLS VPN might be the primary,DMVPN for the others. As an example high throughput, high… Read More »

The post MPLS VPN and DMVPN Design Challenge appeared first on Network Design and Architecture.

Google worried US could use amended warrant rule to search computers abroad

Google has opposed moves by the U.S. Department of Justice to extend the warrant issuing authority of magistrate judges to searches of computers in districts other than their own.Innocuous as that may sound, Google is concerned that the proposed amendment would likely end up being used by U.S. law enforcement to directly search computers and devices anywhere in the world.There is nothing in the proposed change to the Federal Rule of Criminal Procedure 41 that would prevent access to computers and devices worldwide, wrote Richard Salgado, Google’s legal director for law enforcement and information security, in a blog post Wednesday.To read this article in full or to leave a comment, please click here

Swedish man pleads guilty to peddling Blackshades malware

A Swedish man pleaded guilty Wednesday to peddling one of the most prevalent spying programs called Blackshades that was widely used by the criminal underground.Alex Yucel, 24, pleaded guilty to one count of distributing malicious software. He could face a maximum of 10 years in prison, the U.S. Attorney’s Office for the Southern District of New York said. He is expected to be sentenced on May 22.BlackShades, a remote access trojan, was marketed by its developers as a program for legitimate computer monitoring but was mostly used for stealing payment card data, recording a computer’s keystrokes and secretly controlling webcams. It was sold for between US$40 to $100.To read this article in full or to leave a comment, please click here

Tens of thousands of home routers at risk with duplicate SSH keys

A setup mistake has apparently left hundreds of thousands of home routers running the SSH (Secure Shell) remote access tool with identical private and public keys.John Matherly used Shodan, a specialized search engine for querying Internet-connected devices, and found more than 250,000 devices that appear to be deployed by Telefónica de España sharing the same public SSH key.+ ON THE LIGHTER SIDE: Most Memorable Saturday Night Live Techie Skits & Bits +Matherly, who founded Shodan, performed the search after someone posted a shorter version of a public key—called a fingerprint—for their device.To read this article in full or to leave a comment, please click here

Mobile networks limber up for the Internet of Things

Changes starting to take place behind the scenes in mobile networks may eventually pay dividends to anyone with a smartphone, a connected refrigerator or an IT department.Carriers have done things pretty much the same way for years, with cellular base stations at the edge of their networks feeding into a series of specialized appliances at central facilities. Now they’re virtualizing those networks in several ways, seeking the same rewards that enterprises have reaped by virtualizing data centers: efficiency and flexibility. The trend will be in full swing at Mobile World Congress in Barcelona next month.It’s good news for mobile users that they may not hear much about. A more efficient network leaves more free capacity for the video or application you want to run, and a more flexible carrier could quickly launch services in the future that you don’t even know you’ll need yet. The new architectures may even change how some businesses pay for mobile services.To read this article in full or to leave a comment, please click here

Mobile networks limber up for the Internet of Things

Changes starting to take place behind the scenes in mobile networks may eventually pay dividends to anyone with a smartphone, a connected refrigerator or an IT department.Carriers have done things pretty much the same way for years, with cellular base stations at the edge of their networks feeding into a series of specialized appliances at central facilities. Now they’re virtualizing those networks in several ways, seeking the same rewards that enterprises have reaped by virtualizing data centers: efficiency and flexibility. The trend will be in full swing at Mobile World Congress in Barcelona next month.It’s good news for mobile users that they may not hear much about. A more efficient network leaves more free capacity for the video or application you want to run, and a more flexible carrier could quickly launch services in the future that you don’t even know you’ll need yet. The new architectures may even change how some businesses pay for mobile services.To read this article in full or to leave a comment, please click here

Liquid Telecom raises $150 million to extend broadband in Africa

Liquid Telecom has raised US$150 million to extend its fiber networks across Africa, a sign of the growing need for broadband services on the continent.The company, controlled by African telecom company Econet Wireless, has already invested heavily in East Africa, where it is laying thousands of kilometers of new fiber-optic cable to connect Burundi and the Democratic Republic of Congo.The company has also already completed its East Africa fiber ring, which connects Kenya, Uganda and Tanzania, in order to provide high speeds and continuous uptime across the region.Liquid will use the additional funds it raised to build fibre broadband networks in several other countries.To read this article in full or to leave a comment, please click here

Long-awaited Blackphone tablet may emerge at MWC

Paranoid tablet users, rejoice. The first units of the secure Blackphone tablet will be demonstrated at the upcoming Mobile World Congress show in Barcelona early next month.The tablet will be the second product from SGP Technologies, which makes the privacy-centric Blackphone smartphone. A pre-release version of the tablet will be shown at the booth of Graphite Software, which has written a special interface for the device to run sensitive applications.SGP is planning a press conference at MWC where it will probably announce the tablet. A Blackphone spokesman declined to share details on the tablet launch or the press conference. However, a Graphite Software executive said the tablet would be announced at MWC and would be on display at Blackphone’s booth as well as Graphite’s.To read this article in full or to leave a comment, please click here

Long-awaited Blackphone tablet may emerge at MWC

Paranoid tablet users, rejoice. The first units of the secure Blackphone tablet will be demonstrated at the upcoming Mobile World Congress show in Barcelona early next month.The tablet will be the second product from SGP Technologies, which makes the privacy-centric Blackphone smartphone. A pre-release version of the tablet will be shown at the booth of Graphite Software, which has written a special interface for the device to run sensitive applications.SGP is planning a press conference at MWC where it will probably announce the tablet. A Blackphone spokesman declined to share details on the tablet launch or the press conference. However, a Graphite Software executive said the tablet would be announced at MWC and would be on display at Blackphone’s booth as well as Graphite’s.To read this article in full or to leave a comment, please click here

Former GM CEO warns Apple not to get into the car business

With all of the varying news reports claiming that Apple has plans to develop its own car, there has been a lot of debate regarding the wisdom behind such a strategy. While some Apple enthusiasts might understandably welcome an Apple-inspired car, there is certainly no shortage of arguments to make against Apple entering an entirely new industry.Falling in the latter category, former GM CEO Dan Akerson recently sat down for an interview with Bloomberg where he advised Apple that it has no idea what it's getting itself into.To read this article in full or to leave a comment, please click here

Sony looks to PlayStation to revive fortunes, could ditch smartphones

Sony will invest more money in the PlayStation as it fights to return to a profit, and could reportedly exit from selling smartphones and TVs.Sony will pump extra cash into its games and network services division in a bid to attract more users to the PlayStation and its PlayStation Network of online games. The company has sold 18.5 million PlayStation 4s since they went on sale in late 2013, of which 4.1 million were sold in the 2014 holiday season.Sony will also provide more funding for the division that makes image sensors for devices including the iPhone 6. That cash will go towards researching new technologies and increasing production.To read this article in full or to leave a comment, please click here

Apple Watch launch projected to be 7 times more successful than Android Wear

The Wall Street Journal reported yesterday that Apple placed its first Apple Watch orders with its manufacturing partner Quanta for 5 to 6 million watches. That's extremely bullish for Apple because only 720,000 Android Wear watches shipped in 2014 from such companies as Motorola, Samsung, and LG, while Pebble shipped 1 million smartwatches, according to market watcher Canalys. Apple's rosy forecast for its premium-priced watch appears aggressive when one considers that Canalys reported a total 4.6 million smart wearable bands shipped in 2014.To read this article in full or to leave a comment, please click here

Both sides make last-minute push on net neutrality

The clock is running down on the chance to lobby the U.S. Federal Communications Commission before it votes on putting stronger net neutrality rules in place, and both sides of the battle are making sure their voices are heard.Advocates of strong net neutrality rules have generated more than 1 million messages to the FCC or Congress since the beginning of 2015 via the Battleforthenet.com website. “You can’t buy public opinion,” Evan Greer, campaign director of digital rights group Fight for the Future, said during a press briefing Wednesday. “We very clearly have won in the sphere of public opinion.”The FCC is scheduled to vote on new rules that would reclassify broadband as a regulated utility on Feb. 26, and with agency rules mandating a week-long quiet period on lobbying before then, groups on both sides of the long-running debate were making last-minute pitches.To read this article in full or to leave a comment, please click here

Can Network Startups Stay Small and Survive ?

A client recently asked me about startups in the networking space and how to pick the one whose products be around for five years. After some research and reflection, I am beginning to realise that size doesn’t matter like it used to. While big companies selling hardware have big costs, small companies selling software can […]


The post Can Network Startups Stay Small and Survive ? appeared first on EtherealMind.

IBM’s Robert LeBlanc has his head in the cloud

IBM’s new man in charge of the cloud business is moving fast.“What I’m focusing on is speed,” said Robert LeBlanc, the new senior vice president for IBM Cloud. “Because the market continues to change, we have to get things to market quickly and then iterate.”LeBlanc is in a key spot at IBM: the company’s cloud-related technologies enjoyed a whopping 60 percent growth to $7 billion in 2014. The growth came much sooner than expected, and that’s critical in the midst of the company’s ongoing struggle to shift focus from low-margin hardware to the new paradigm of cloud computing.That struggle was evident in IBM’s financial results for 2014. The fourth quarter brought yet another decline in sales—it was the 11th consecutive quarter to do so—and profit targets for 2015 were down as well.To read this article in full or to leave a comment, please click here

1 3,575 3,576 3,577 3,578 3,579 3,793