A malicious worm has been detected on roughly 1,000 different Linksys-branded routers, according to a statement from SANS ISC. According to the report, "TheMoon" worm takes advantage of a CGI script within the administration interface of multiple Linksys’ E-Series router models. An exploit writer has published a proof of concept exploit, also noting that some older Wireless-N access points and routers may also be impacted. "The exploit to bypass the admin authentication used by the worm only works when the Remote Management Access feature is enabled," Linksys says. "Linksys ships these products with the Remote Management Access feature turned off by default."
Google today announced that they're embedding data compression by default in their latest mobile Chrome update. According to a company blog post, the compression is disabled by default, but when enabled promises bandwidth consumption savings of up to 50%.
We recently noted how the UK's effort to force ISPs to filter porn by default wasn't working very well, with simple Chrome proxy extensions allowing porn hunters to easily bypass the filters. Worse perhaps is the fact that the filters aren't even really working, not only failing to filter a significant number of major porn sites, but accidentally filtering sexual education and rape support websites. Blogger Peter Hansteen has since put the filters through their paces, and found they're filtering a number of technology and civil liberty websites as well:
...checking a semi-random collection of mainly fairly mainstream and some rather obscure tech URLs shows that far from focusing on its stated main objective, keeping innocent children away from online porn, the UK Internet filter shuts the UK's children out of a number of valuable IT resources, as well as several important civil liberties resources...if this is the true face of Parental Controls, I for one would take using controls like these as a sufficient indicator that the parents in question are in fact not qualified to do their parenting without proper supervision.
The filtered websites aren't exactly obscure, either, including Slashdot, Ars Technica, and the EFF. The broken filters come at the cost of higher rates for UK broadband users, as ISPs pass on the filter costs to users. The UK government continues to be rather tone deaf to the entire pile of dysfunction, suggesting they'd like to take things further by censoring websites that promote "extremist" views.
dropped a bit of a bombshell on Friday with a report claiming that security firm RSA was paid $10 million by the NSA to incorporate a deliberately flawed encryption algorithm into products, then promote those products knowing they weren't truly secure. RSA, now a subsidiary of computer storage giant EMC Corp, only started warning their customers about the weakened encryption after the Snowden revelations.
"RSA always acts in the best interest of its customers and under no circumstances does RSA design or enable any back doors in our products," the company claimed in a statement. "Decisions about the features and functionality of RSA products are our own."
Update: RSA has posted another non-denial denial of sorts, here.
As noted yesterday, the British government is moving forward with its effort to impose Internet filters, willfully oblivious to the facts that such filters usually don't work, often filter legit content, are usually easily bypassed by those looking for porn, and lead down a slippery slope toward greater filters. Not too surprisingly then, the BBC reports that UK ISP filters have been failing to filter many major porn websites, but have been filtering user access to sex ed websites, rape support websites, and porn addiction websites. That doesn't seem much of a concern for British Prime Minister David Cameron, who is also interested in forcing ISPs to filter out government-determined "extremism"-linked websites and content.
Broadband Reports readers are already familiar with ICSI Netalyzr, a free network measurement and diagnostic tool developed at the International Computer Science Institute at Berkeley. Netalyzr's a "two-mouse click" network tester that runs in your web browser as a Java applet.
by whamel 02:33PM Thursday Sep 26 2013
Broadband delivers everything at the touch of a key or click of a mouse. Broadband delivers healthcare, security, education, entertainment.
RIAA boss Cary Sherman yesterday spoke before a House Judiciary Subcommittee to push for additional anti-piracy countermeasures, including requiring that Google implement filters into their Chrome browser. Sherman's testimony (pdf) starts off by praising the new ISP copyright alert system, though noting it's a work in progress with no evidence it's doing much of anything:
The CAS is still in the initial implementation stages and proper metrics are being determined.
If you've got something you'd like to write about or review that is suitable for the home page, please contact us.
When I first heard about Chromecast, I was skeptical on whether I would end up buying one. I have always been annoyed and aggravated by streaming solutions for TVs.
In response to the growing number of countries that have forced ISPs to ban access to The Pirate Bay, the website has launched their own Pirate Browser, which uses the Tor network to skirt government censorship. "It's a simple one-click browser that circumvents censorship and blockades and makes the site instantly available and accessible," the Pirate Bay explains in a blog post. "No bundled ad-ware, toolbars or other crap, just a Pre-configured Firefox browser." The browser is currently Windows only, though the folks behind the website say that Mac and Linux versions will be offered soon.
Yesterday secure e-mail operator Lavabit announced they were closing up shop, strongly hinting they'd not only been forced via the Patriot Act to spy on customers, but were also gagged from talking about it. Instead of offering a compromised service that didn't really provide what it claimed, they chose to shut down.
CNET is the latest out of the gate with tales of government surveillance run amok, with Declan McCullagh reporting that the FBI has developed custom "port reader" software installed at ISPs that can intercept metadata in real time. The report notes that the FBI has been happily threatening ISPs with legal action if they don't install the new "harvesting program," which they say is their right under the Patriot Act.
A rather amazing story has bubbled up over the last week after half of the onion sites in the Tor network were compromised, revealing the supposedly anonymous identities of Tor users. Malware popped up last Sunday morning on numerous sites hosted by anonymous hosting operation Freedom Hosting, the code exploiting a critical memory management vulnerability in Firefox (see the Tor security advisory).
by JNhome 08:35AM Thursday Jul 25 2013
The following is part of our effort to solicit front page content from the Broadband Reports community. If you've got something you'd like to write about, please contact us.
I have a plethora of phone numbers. For my job I use a Google Voice virtual phone number on my business cards. The number forwards to my business cell phone – or any other phone I wish. I have also been experimenting with Comcast’s virtual phone service, Xfinity Voice 2go.
Security researcher Martin Herfurt recently bought himself a new "connected TV" (sometimes called "smart TVs") to test out the device's security, and the results aren't particularly impressive. In a blog post, Herfurt notes that TV makers have little to no security understanding, because the devices are wide open to a wide variety of malicious attacks. Not only that, some of the data collected by the devices are wide open to monitoring by either your TV provider, or anybody else with the know-how to access it.
According to Claire Perry, David Cameron's "special advisor on preventing the sexualisation and commercialisation of childhood," all UK ISPs will offer porn filters by default before the end of the year. According to Wired UK, Internet users in the UK will soon find their broadband connections with filters enabled, though users will be able to opt out of the setting by request. Participation by ISPs is "voluntary," though some ISPs like TalkTalk already require that users make their preferences known when they sign up for service. Ignored by the UK government is the fact that said filters are usually absurdly easy to bypass, wind up raising rates for consumers, quite often wind up censoring legitimate content, and, once started, tend to encourage government to censor other nasty bits of the Internet they might not agree with.
It is very quickly becoming clear that if you want the FCC to avoid enforcing their network neutrality rules, all you have to do is throw some half-assed, vague-sounding technical jargon at the agency to bog them down in inactivity indefinitely. With yesterday's news that AT&T is blocking yet another video chat application in order to drive users to more expensive data plans, it's rather clear that the FCC lacks the stomach to actually enforce the rules they designed.
BitTorrent has been absurdly sensitive about how people might confuse the protocol Cohen created and the business he's trying to create, with the fact that it has been used for years for piracy. Yesterday I noted how the company won't even let BitTorrent proxy and VPN services like TorGuard advertise within the BitTorrent client, fearing it might be seen as supporting piracy.
A post over at the Skype blog proudly proclaims that Skype users are collectively using the communications platform for more than 2 billion minutes each day. "That’s enough time to travel to the moon and back over 225 thousand times, walk around Earth more than 845 times or travel to Mars more than 5,400 times," proudly proclaims the company. The total of course includes voice, video, and people staring at the screen using instant messaging, so it's likely a very generous number. Skype has certainly had help on numerous fronts, from the death of the PSTN to Microsoft's announcement that they'll be closing Windows Live Messenger.
Recent news contributors: Karl Bode