As users browse the web, their browsing behavior may be observed and aggregated by third-party websites (“trackers”) that they don’t visit directly. These trackers are generally embedded by host websites in the form of advertisements, social media widgets (e.g., the Facebook “Like” button), or web analytics platforms (e.g., Google Analytics). Though web tracking and its […]
OK, so Adam Langley abandoned Pond — and is recommending https://whispersystems.org/ — but some of us don’t trust Android or iOS devices. We want apps on Linux. We want apps that use Tor securely. And undercomm spoke well of Pond. So anyway, I’m running a Pond server now. Feel free to use it. If you […]
I tested 29 Windows VPN clients for DNS, IPv4 and IPv6 Leaks. Six (AirVPN, FrootVPN, IVPN, Mullvad, Perfect Privacy and SlickVPN) performed perfectly. Three others (CyberGhost, oVPN.to and SecureVPN.to) hit VPN-specified nameservers directly while reconnecting after uplink interruption. But that’s not a huge issue, in that they didn’t hit other nameservers. The other 20 Windows […]
There are a lot of knobs to tweak when making a home router as secure as possible. I keep a pretty comprehensive checklist of router security features on my RouterSecurity.org website. But that list is targeted at techies. Non-techies need a simpler list with just the most important things to do/check/change.
WikiLeaks published more than 80 variants of malware in the second email dump from Turkey’s ruling political party (AKP), according to anti-virus security expert Vesselin Bontchev. Bontchev published his research on his GitHub page, which shows just how extensive the threats inside Wikileaks AKP email dump were. This is just the latest example of unethical […]
Due to the huge popularity of VeraCrypt, security researchers from OSTIF announced at the beginning of this month that it had agreed to audit VeraCrypt independently. Now, the most troubling part comes here: OSTIF announced Saturday that its confidential PGP-encrypted communications with QuarkLabs about the security audit of VeraCrypt were mysteriously intercepted.
When the Cyber Grand Challenge was first announced in 2014, 104 teams of security researchers and developers registered to take on the challenge of building systems that could compete in a Capture the Flag competition. Of them, 28 teams completed a “dry run”—demonstrating that they could find software flaws in new code and interact with […]
“Do you want to make money?” They’re currently advertising this proposition on a notorious malicious hacker forum on the dark web called Lampeduza. The person who posted the advertisement calls himself “Others” and the promoted crime kit is called Scylex. With a price tag of $7,500, Scylex packs multiple functionalities that make it sound like […]
Installing bug fixes is a big part of Defensive Computing. When I recently updated devices running five different operating systems, I took the opportunity to compare how they installed their latest patches. The tests were run on July 27th. Hardware-wise, all the devices were old, but their software was reasonably up to date, lacking only […]
Here’s an introduction guide to Docker on Windows, an operating system level virtualization and deployment platform using container technology, with native Hyper-V and Toolbox versions, covering installation and setup, brief overview and basic usage, manual service configuration and associated errors, other features and options, and more. Take a look.
The Transmission Control Protocol (TCP) implementation in all Linux systems deployed since 2012 (version 3.6 and above of the Linux kernel) poses a serious threat to Internet users, whether or not they use Linux directly. Researchers have uncovered a serious Internet flaw, which if exploited, could allow attackers to terminate or inject malware into unencrypted […]
Really. Get a grip. Of course they are. Everyone is. Why do you think that the “Promoted Stories” on a Houston [USA] news website are from the Sydney Morning Herald and news.com.au? While Facebook denies accessing phone camera’s secretly, Facebook and many other ‘apps’ do appear to have the technical ability to so it. Why […]