Monthly Archives : January 2018

New way to match websites in RouterOS’s firewall

Since most of the internet now uses https, it has become much harder to filter specific web content. For this
reason, RouterOS 6.41 introduces a new firewall matcher which allows you to block https websites (TLS traffic)
based on the TLS SNI extension, called “TLS-HOST”. The new parameter supports glob-style patterns, which
should be enough for whatever you’re trying to match.
For example, to block example.com, you would use a rule like this:
/ip firewall filter add chain=forward dst-port=443 protocol=tcp tls-host=*.example.com action=reject

Author: 10 months ago

The latest update to Windows 10 has added transparency in terms of data collection by allowing its users to see what type of information and data is being sent to Microsoft for analysis. The new Windows Diagnostic Data Viewer makes it more convenient for users to see what data Microsoft is gathering, although it doesn’t do much in actually helping users completely stop Microsoft’s data collection in the first place.

To stop data collection completely you are going to need an Enterprise edition of Windows 10 which is readily only available if you’re activating it through Microsoft’s volume licensing program which is designed for businesses, not just regular privacy conscious users.

Author: 10 months ago

As google promised last year, they have release an update for Chrome that introduces a stronger pop-up blocker that protects against sneaky tactics that lead users to unwanted content through hidden redirects. These abusive experiences that users complained about where often used by shadier sections of the web where the ads or parts of the page included fake site warnings and error messages and “close” button that redirected that page.

Google has also stated that from Feburary 15, Chrome will remove ads that don’t comply with standards overseen by the coalition for better ads.

Chrome 64 also contains 53 various security fixes, and also bring some of Google’s fixes for the Spectre attack that can be used against browsers. Google has also detailed that they will be adding more mitigations in the future.

 

 

 

 

 

Author: 10 months ago

Preorders have opened up for Apple’s HomePod smart speaker, more than a year behind the Google Home, and over Three years after Amazon launched their Echo smart speaker.

The HomePod comes with Siri built into the speaker, users can create reminders, set timers, play music through Apple Music, stream podcasts and send messages.

Apple needs to be in the smart speaker market because these devices are becoming a key gateway to subscription services like music, can connect with smart home gadgets, and facilitate other activities like shopping and playing games. A lot of that used to be done through the smartphone, with one in three smart speaker purchasers reporting they were spending less time on their smartphone. HomePod will help Apple sell Apple Music and also keep Siri, its digital assistant, relevant: the smart speaker won’t replace the smartphone, but it’s still a category where Apple needs to perform well.

Launching late into a new market seems like a strange business decision, but Apple have done this various times before, allowing their competitors to establish the market and make mistake and then come in with a premium product that fixes the problems that its competitors were unable to resolve.

Apple faces a tough battle to break into a market with established companies offering cheaper products. But if it can convince enough people that it can do a better job of protecting privacy than its rivals, then it could still capture the premium and privacy-conscious segment of the smart home market.

 

Author: 10 months ago

It only took various different lawsuits and a lot of hate for Apple to finally give into the people and allow for users to disable the performance throttling that was slowing down older iPhones for increased battery life and stability.

This news was revealed in an interview between Apple CEO Tim Cook and ABC News, during which Cook said that in addition to being able to disable the throttling, Apple will also for the first time provide stats and info about the current health of a user’s iPhone battery.

While there wasn’t any specific release date announced for these features, they will be available for testing in the developer release iOS next month, going public some time after that.

It was mentioned that disabling the performance throttling is something that apple does not recommend, due to old degraded batteries having a chance of randomly forcing your phone to shutdown and shorter battery life. Although now the choice is up to the user.

Author: 10 months ago

FIBARO presented 13 integrations compatible with smart home solutions offered by leading global IoT companies including Google, Amazon, Apple, Philips, Yale, Bose, Sonos and Yamaha at its stand at this year’s CES trade show.

FIBARO, manufacturer of smart home solutions is becoming increasingly popular, with currently being available in over 100 countries across all six continents. FIBARO showcased the integration of its system with devices manufactured by the world’s leading IoT companies at this year’s CES trade show.

Talking to your smart home has become one of the most popular types on integrations though the use of virtual assistant like Alexa, Siri and Google Home. These assistants allow for the verbal control of FIBARO’s devices, including selected products offered by other manufacturers which have been connected to a FIBARO home system. Users can give voice commands that turn the lights on and off, adjust a room’s temperature, check which doors and windows are currently open, or instruct the FIBARO system to simultaneously perform several similar tasks by simply saying a pre-defined verbal command.

“Ever since FIBARO was founded, we’ve firmly believed that the most natural way of controlling all elements of the IoT is human speech. Currently, we’re integrating our products with the voice assistants of such companies as Apple, Google and Amazon.” – commented FIBARO CEO Maciej Fiedler.

 

Author: 10 months ago

WPA3 has been announced

Wi-Fi Alliance has announced the introduction new security-based features for its family of Wi-Fi Certified technologies at CES 2018. After more than a decade, the WiFi Alliance has released the next specification of the security protocol known as WPA3. As well as addressing the issues surrounding KRACK, WPA3 is claimed to offer four key new capabilities over its predecessor: the introduction of techniques for improving security even when users pick too-simple passphrases, simplified configuration for headless devices which lack display capabilities, per-client rather than per-network encryption, and a new 192-bit security cipher suite created to align with the US Committe on National Security Systems’ Commercial National Security Algorithm (CNSA) requirements.

WPA3 employs individualized data encryption, which scramble the connection between each device on the network and the router, ensuring secrets are kept safe and sites that you visit haven’t been manipulated. The most notable problem for WPA2 was the recent discovery of several key management vulnerabilities in the 4-way handshake of its security protocol (aka – KRACK or Key Reinstallation Attacks). “Finally, a 192-bit security suite, aligned with the Commercial National Security Algorithm (CNSA) Suite from the Committee on National Security Systems, will further protect Wi-Fi networks with higher security requirements such as government, defense, and industrial”.

Apparently WPA3 will contain four new capabilities for personal and enterprise Wi-Fi networks. These are usually open and unencrypted, which means whoever uses them is quite vulnerable to snooping and data theft.

 

Author: 11 months ago

Adding Alexa to your car has never been so cheap.

The Muse looks like any number of car gadgets — it’s a disc about the size of an Oreo cookie that sticks to your dashboard and connects to a USB port or lighter socket. It contains a microphone and it connects to your phone via Bluetooth.

Speak Music is a company makes voice-recognition tech tailored for music accessories, enabling devices like headphones to better recognize very specific commands.
With Muse, the company is using its tech to bridge the gap between drivers and Amazon’s Alexa. Powered by a Qualcomm chip, the device combines Speak Music’s music-specific commands with everything you can already tell Alexa to do. In the car, that will probably mostly be playing podcasts and playlists from Amazon and its favored partners (like IHeartRadio and TuneIn … Spotify compatibility is “coming”), but you can also turn up your thermostat, start a to-do list, play voice-activated word games, or anything else you do with Alexa at home.

All of which is to say the Muse sounds like the ideal device for iPhone owners who want to bring Alexa to their cars cheaply and easily — especially if you use Alexa for music a lot. And since it has Bluetooth, USB, and Aux inputs, that means pretty much any car.

 

Author: 11 months ago

Australia is currently using these LTE bands (LTE bandmask in brackets):

  • 2100MHz (B1) FDD (0000000000000001) – Telstra (a handful of sites), Optus (Darwin, Tasmania)
  • 1800MHz (B3) FDD (0000000000000004) – Telstra, Optus, Vodafone
  • 850MHz (B5) FDD (0000000000000010) – Vodafone
  • 2600MHz (B7) FDD (0000000000000040) – Optus, Telstra (TPG have a license but have not announced plans for it.)
  • 900MHz (B8) FDD (0000000000000080) – Telstra (a handful of sites, utilises spectrum previously used by 2G)
  • 700MHz (B28) FDD (0000000008000000) – Telstra, Optus
  • 2300MHz (B40) TDD (0000008000000000) – Optus (Vivid wireless spectrum, metropolitan area), NBN (regional area including Gold Coast)
  • 3500MHz (B42) TDD (0000020000000000) – Optus, NBN
Author: 11 months ago

Meltdown and Spectre
vulnerabilities impacts a large number
of computing systems

As we are all aware the newer generations of Intel and AMD CPU are vulnerable for both of the latest exploits.

Below are the quick fixes for major OS:

MacOS High Sierra 10.13.2+, Sierra 2017-002 security update, and El Capitan 2017-005 security update mitigate meltdown:
https://support.apple.com/en-us/HT208394
https://support.apple.com/en-us/HT208331

iOS 11.2+ mitigates meltdown:
https://support.apple.com/en-us/HT208394
https://support.apple.com/en-us/HT208334

Windows 7, 8, 10 patches are out, mitigating meltdown:
https://support.microsoft.com/help/4073119

Android “January 2018” security patch level mitigates meltdown:
https://support.google.com/faqs/answer/7622138#android

Fx 57 patched, mitigating spectre
https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/

Chrome 64 (January 23) will mitigate spectre; can optionally mitigate now — “Strict Site Isolation” in chrome://flags
https://support.google.com/faqs/answer/7622138#chrome

Safari update “in the coming days” to mitigate spectre
https://support.apple.com/en-us/HT208394

Ubuntu kernel updates by Jan 9, for 17.10, 16.04 LTS, 14.04 LTS, mitigating meltdown:
https://insights.ubuntu.com/2018/01/04/ubuntu-updates-for-the-meltdown-spectre-vulnerabilities/

Debian stable has an updated kernel out, mitigating meltdown:
https://www.debian.org/security/2018/dsa-4078

AWS has patched the host hardware for EC2 boxes:
https://aws.amazon.com/security/security-bulletins/AWS-2018-013/

Author: 11 months ago