Skip navigation
Help

ISP

warning: Creating default object from empty value in /var/www/vhosts/sayforward.com/subdomains/recorder/httpdocs/modules/taxonomy/taxonomy.pages.inc on line 33.

darthcamaro writes "Last week, Rain Forrest Puppy (aka Jeff Forristal) first disclosed the initial public report about an Android Master Key flaw. Code was released earlier this week for attackers to exploit the flaw — but what about users? Google has claimed that it has patched the issue but how do you know if your phone/carrier is safe? Forristal's company now has an app for that. But even if your phone is not patched, don't be too worried that risks are limited if you still to a 'safe' app store like Google Play. 'The only way an Android user can be attacked via this master key flaw is if they download a vulnerable application.

"It all comes down to where you get your applications from," Forristal said.'"

0
Your rating: None

msm1267 writes "Attackers are using route injection attacks against BGP-speaking routers to insert additional hops in the traffic stream, redirecting traffic to third-party locations where it can be inspected before it's sent to its destination. Internet intelligence company Renesys has detected close to 1,500 IP address blocks that have been hijacked on more than 60 days this year, a disturbing trend that indicates attackers could finally have an increased interest in weaknesses inherent in core Internet infrastructure."

0
Your rating: None
Original author: 
samzenpus

Rick Zeman writes "Hot on the heels of Verizon's massive data dump to NSA comes news of 'PRISM' where The National Security Agency and the FBI are tapping directly into the central servers of nine leading U.S. Internet companies, extracting audio, video, photographs, e-mails, documents and connection logs that enable analysts to track a person's movements and contacts over time. This program, established in 2007, includes major companies such as Apple, Microsoft, Yahoo, Google, Facebook...and more."

Share on Google+

Read more of this story at Slashdot.

0
Your rating: None
Original author: 
Nate Anderson


The ghost of Steve Jobs will not be pleased to see this.

Zack Henkel

Robert Silvie returned to his parents' home for a Mardi Gras visit this year and immediately noticed something strange: common websites like those belonging to Apple, Walmart, Target, Bing, and eBay were displaying unusual ads. Silvie knew that Bing, for instance, didn't run commodity banner ads along the bottom of its pristine home page—and yet, there they were. Somewhere between Silvie's computer and the Bing servers, something was injecting ads into the data passing through the tubes. Were his parents suffering from some kind of ad-serving malware infection? And if so, what else might the malware be watching—or stealing?

Around the same time, computer science PhD student Zack Henkel also returned to his parents' home for a spring break visit. After several hours of traveling, Henkel settled in with his computer to look up the specs for a Mac mini before bedtime. And then he saw the ads. On his personal blog, Henkel described the moment:

But as Apple.com rendered in my browser, I realized I was in for a long night. What I saw was something that would make both designers and computer programmers wince with great displeasure. At the bottom of the carefully designed white and grey webpage, appeared a bright neon green banner advertisement proclaiming: “File For Free Online, H&R Block.” I quickly deduced that either Apple had entered in to the worst cross-promotional deal ever, or my computer was infected with some type of malware. Unfortunately, I would soon discover there was a third possibility, something much worse.

The ads unnerved both Silvie and Henkel, though neither set of parents had really noticed the issue. Silvie's parents "mostly use Facebook and their employers' e-mail," Silvie told me, and both those services use encrypted HTTPS connections—which are much harder to interfere with in transit. His parents probably saw no ads, therefore, and Silvie didn't bring it up because "I didn't want [them] to worry about it or ask me a lot of questions."

Read 30 remaining paragraphs | Comments

0
Your rating: None
Original author: 
Peter Bright


Sven Olaf Kamphuis waving the Pirate Party flag in front of CyberBunker's nuclear bunker.

Sven Olaf Kamphuis

Over the last ten days, a series of massive denial-of-service attacks has been aimed at Spamhaus, a not-for-profit organization that describes its purpose as "track[ing] the Internet's spam operations and sources, to provide dependable realtime anti-spam protection for Internet networks." These attacks have grown so large—up to 300Gb/s—that the volume of traffic is threatening to bring down core Internet infrastructure.

The New York Times reported recently that the attacks came from a Dutch hosting company called CyberBunker (also known as cb3rob), which owns and operates a real military bunker and which has been targeted in the past by Spamhaus. The spokesman who the NYT interviewed, Sven Olaf Kamphuis, has since posted on his Facebook page that CyberBunker is not orchestrating the attacks. Kamphuis also claimed that NYT was plumping for sensationalism over accuracy.

Sven Olaf Kamphuis is, however, affiliated with the newly organized group "STOPhaus." STOPhaus claims that Spamhaus is "an offshore criminal network of tax circumventing self declared internet terrorists pretending to be 'spam' fighters" that is "attempt[ing] to control the internet through underhanded extortion tactics."

Read 40 remaining paragraphs | Comments

0
Your rating: None

Today, a large collection of Web hosting and service companies announced that they will support Railgun, a compression protocol for dynamic Web content. The list includes the content delivery network and Web security provider CloudFlare, cloud providers Amazon Web Services and Rackspace, and thirty of the world’s biggest Web hosting companies.

Railgun is said to make it possible to double the performance of websites served up through Cloudflare’s global network of data centers. The technology was largely developed in the open-source Go programming language launched by Google; it could significantly change the economics of hosting high-volume websites on Amazon Web Services and other cloud platforms because of the bandwidth savings it provides. It has already cut the bandwidth used by 4Chan and Imgur by half. “We've seen a ~50% reduction in backend transfer for our HTML pages (transfer between our servers and CloudFlare's),” said 4Chan’s Chris Poole in an e-mail exchange with Ars. “And pages definitely load a fair bit snappier when Railgun is enabled, since the roundtrip time for CloudFlare to fetch the page is dramatically reduced. We serve over half a billion pages per month (and billions of API hits), so that all adds up fairly quickly.”

Rapid cache updates

Like most CDNs, CloudFlare uses caching of static content at its data centers to help overcome the speed of light. But prepositioning content on a forward server typically hasn’t helped performance much for dynamic webpages and Web traffic such as AJAX requests and mobile app API calls, which have relatively little in the way of what’s considered static content. That has created a problem for Internet services because of the rise in traffic for mobile devices and dynamic websites.

Read 13 remaining paragraphs | Comments

0
Your rating: None


The Freebox acts as DSL modem, router, Wi-Fi router, NAS, DVR, and DECT base—all in one single device.

weweje

France's darling indie ISP, Free, has shaken up the French Internet landscape yet again: in a quiet firmware update released Wednesday evening, the company added an ad blocking option to its Freebox router and activated it by default.

On its developer blog, the company simply wrote (in French) that the Freebox's firmware update 1.1.9 included the “[a]ddition of an ad blocker that allows ad blocking (beta)”

The new move means that any user who has the new firmware will have ad blocking on any device connecting to the Internet via the Freebox.

Read 8 remaining paragraphs | Comments

0
Your rating: None