Is there an unsecured wireless network near you?
Cisco can now sniff out malware inside encrypted traffic
Thursday, 11 January 2018 19:32

Cisco has switched on latent features in its recent routers and switches, plus a cloud service, that together make it possible to detect the fingerprints of malware in encrypted traffic.

Switchzilla has not made a dent in transport layer security (TLS) to make this possible. Instead, as we reported in July 2016, Cisco researchers found that malware leaves recognisable traces even in encrypted traffic. The company announced its intention to productise that research last year and this week exited trials to make the service – now known as Encrypted Traffic Analytics (ETA) - available to purchasers of its 4000 Series

Okay, Google: Why does Chromecast clobber Wi-Fi connections?
Monday, 15 January 2018 12:58

Wi-Fi router vendors have started issuing patches to defend their products against Google Chromecast devices.

TP-Link and Linksys were first out of the blocks with firmware fixes, and TP-Link has posted this explanation of the issue.

The bug is not in the routers, but in Google's "Cast" feature, used in Chromecast, Google Home, and other devices. Cast sends multicast DNS (MDNS) packets as a keep-alive for connections to products like Google Home, and it seems someone forgot to configure the feature to go quiet when Chromecast devices are sleeping.

That, at least, is how Vulture South reads the issue that

ITU aims to to keep the radio on with new satellite regulation fees
Monday, 15 January 2018 12:01

The International Telecommunications Union (ITU) will next week discuss changes to satellite constellation regulation and fees, an effort needed to keep space useful for communications

The ITU currently charges flat fees when called upon to consider how to accommodate a satellite's communications needs, a scheme developed a time when geostationary orbits dominated the satellite business. As a bird in such an orbit hovers over one spot on Earth, it's relatively easy to assess its requirements.

Today, however, governments and entrepreneurs have considered satellite fleets comprising dozens or even dozens or hundreds of birds, in all sorts of orbits. The work

Lenovo inherited a switch authentication bypass – from Nortel
Tuesday, 16 January 2018 08:58

Lenovo has patched an ancient vulnerability in switches that it acquired along with IBM's hardware businesses and which Big Blue itself acquired when it slurped parts of Nortel.

The bug, which Lenovo refers to as “HP backdoor”, for reasons it has not explained, has been in present in ENOS (Enterprise network operating system) since at least 2004 – when ENOS was still under the hand of Nortel.

Lenovo's advisory says the issue “was discovered during a Lenovo security audit in the Telnet and Serial Console management interfaces, as well as the SSH and Web management interfaces under certain limited and

Poison ping pong prompts patch from Cisco
Thursday, 18 January 2018 13:59

Cisco admins, it's your weekly patch notice.

The patch that gave us our headline is in NX-OS software, which is vulnerable to malicious pong (response to ping) packets.

If the pong packet tries to egress both a FabricPath port and a non-FabricPath port, the software tries to free the same area of memory twice. “An exploit could allow the attacker to cause a dual or quad supervisor virtual port-channel (vPC) to reload,” Cisco's advised .

Exploitation would need a relatively unlikely scenario, however, since Pong is disabled by default, as is FabricPath, and the FabricPath port has to be under

Google's 'QUIC' TCP alternative slow to excite anyone outside Google
Wednesday, 17 January 2018 18:03

Google's contribution to Internet standards, the fast-than-TCP thanks to multiplexing QUIC protocol, has yet to extend much beyond the Chocolate Factory, according to a German report into its adoption.

An experiment from 2012, Google's Quick UDP Internet Connections hit the internet standards track with this draft , and an IETF working group was established in 2016. It has yet to progress to an official standard, and remains proposed at this time .

Jan Rüth and Oliver Hohlfeld (RWTH Aachen University), Ingmar Poese (German analytics company Benocs), and Christoph Dietzel (Technical University, Berlin) probed the internet to count QUIC-enabled servers, and

<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>

Page 2 of 79