The above picture is often used to illustrate how VPNs can protect your privacy. Because the VPN creates an encrypted tunnel between you and the Internet, your privacy is protected. However, the picture is missing a very important piece: the VPN service provider. As you can see, the encrypted tunnel ends at the VPN service […]Continue Reading... No Comments.
People don’t like to be tracked around everywhere they go on the web. So all major browsers give you the option to “block third party cookies”. And there’s a DNT header that your browser sends on your behalf to nicely tell the tracking parties that you don’t want to be tracked. However, the big question […]Continue Reading... 1 Comment.
And letting others spy on you? Smart TVs, security cameras, smart thermostats, smart plugs, smart doorbells, Alexa Echo, Google Home. All of these are capable of collecting data from your home (network traffic, connected devices, shared files, image, voice, video, etc.), and capable of sending data out to anywhere over the Internet, uninhibited. Earlier this […]Continue Reading... No Comments.
There’s a new trick to send spam: using legitimate business email services. Just a few days ago, I received an email from Honeywell. It was spam. I checked the sender address and the sending domain. It seemed to be sent from Honeywell indeed. So I wondered why Honeywell would spam me with something that’s completely […]Continue Reading... No Comments.
To mitigate the risks of IoT devices on your home network, Steve Gibson, the creator of ShieldsUP!, proposed a “Three Dumb Router” configuration to isolate the insecure IoT devices from your normal LAN, where the more valuable and more secure devices such as PCs and NAS storage reside. Since the devices stay in their own […]Continue Reading... No Comments.
Ars Technica reported today that the VPNFilter malware targets a much larger number of devices than previously thought (200,000 additional routers were added to the initial estimate of 500,000). And it is more powerful than revealed in original analysis. VPNFilter’s elaborate design involves three stages. Stage 1 acts as a backdoor that uses a sophisticated […]Continue Reading... No Comments.
On May 24, 2018, Portland, Oregon local TV station Kiro 7 reported that an Amazon Alexa device recorded a private conversation, then sent it out to a random contact. Amazon confirmed the incident, and attributed it to an “unlikely” string of events that caused Alexa to mistakingly interpret background sounds as commands. In other words, […]Continue Reading... No Comments.
IoT devices are known to be vulnerable to cyber attacks. The best known instance of such an attack is probably the Mirai botnet. The botnet infected numerous IoT devices (such as home routers and IP security cameras) and used them to perform a Distributed Denial of Service (DDoS) attack. It brought down major web sites […]Continue Reading... No Comments.
Free public WiFi hotspots are available in most public places, such as the airports, McDonald’s, Starbucks, or your local public library. A lot of security experts or self-claimed experts warn you against connecting to these WiFi networks. They warn you that some bad guy may be operating the WiFi hotspot, in that case they can […]Continue Reading... No Comments.
What you need: Download the firmware image from here. MD5 checksum: e2f1bb281dd9f78cd603faf515491548. A TFTP server. You can use PumpKIN if you don’t have a favorite one. Download the appropriate binary for your operating system. The steps (using Windows as example below). Configure your Ethernet address: open Windows network center, click “Change adapter settings”. Find […]Continue Reading... 9 Comments.