* Posts by paulnick2

16 posts • joined 1 Dec 2016

WPA2 security in trouble as KRACK Belgian boffins tease key reinstallation bug

paulnick2

OS Updated Details list against KRACK

Here is the updated list of fixes along with company's names and details:

Apple: Apple has ALREADY released a patch update in macOS 10.13.1 (beta only). Apple will likely release the KRACK Wi-Fi patch in iOS 11.1 this week. The company will widely roll out an update for iOS and Mac users in a few days.

Windows: Windows reacted promptly and sent out an automatic update for Windows 7, 8, 8.1 & 10 users.

Linux: Linux worked swiftly and released KRACK Wi-Fi Patches updates for Ubuntu 14.04+, Arch, OpenBSD, Debian, Gentoo, and Linux upstream.

Intel chipsets: Intel released firmware updates for its various chipsets.

Raspberry Pi: Jessian, Stretch has been fixed. Wheezy and others will receive updates by October 17.

Android: Android will fix at patch level by November 6, 2017.

Lineage OS: Fixes have been merged and will be rolled out in next weekly release.

Samsung: Samsung’s flagship devices have received Google security patches, but older models have still not received KRACK Wi-Fi patches.

iOS: Apple will likely release the KRACK Wi-Fi patch in iOS 11.1 this week.

Google Wi-Fi: Google will release a patch soon.

Apple Airport: No news on the Apple Airport.

Netgear: No updates have been released. Expect updates soon.

UniFi: Firmware 3.9.3 solves the concern.

Mikrotik: RouterOS v6.39.3, v6.40.4, v6.41rc and up.

LEDE: Fixes available in night by night updates.

Eero: eerOS 3.5 and up is secure.

AVM: AVM is somewhat aware of the vulnerability but doesn’t feel an update is necessary.

DD-WRT: Fixed in core, waiting for an update.

Meraki: Fixed with Meraki 24.11 and 25.7.

Aruba: Updates are available across Aruba hardware.

FortiNet: FortiAP 5.6.1 and up are secure.

Cisco: Updates are now available on Cisco hardware.

TP-Link: The company, doesn't know much about the vulnerability.

Synology: KRACK Wi-Fi security fix is now available.

KPN (NL): No information on the fix.

Nest: Nest claims that their devices aren't affected.

Sonos: No information on Sonos.

Amazon: Amazon is still in the process of reviewing devices while there is no fix issued for Echo etc.

Belkin: Belkin is aware of the issue, yet there is no fix for Wemo/Linksys devices.

Source: https://www.purevpn.com/blog/krack-wifi-security-fixes/

Is this a solution to Trump signing away your digital privacy? We give Invizbox Go a go

paulnick2

Re: VPN providers

Trust only those companies who are based outside 14 eyes countries. For example! if you are in UK, you should start using this uk vpn https://www.purevpn.com/uk-vpn-services.php

paulnick2

Re: Congress shot itself in the foot

While choosing a VPN you have to make sure that the service you are trusting with your data is not be based in any of the 14 eyes countries, especially the US, because VPN providers based in the US could be pressured to share or hand over users’ data to ISPs or government agencies.

source: http://www.geektime.com/2017/03/28/how-to-protect-your-data-from-being-sold-by-your-isp/

Data retention: It seems BORING ... until your TV SPIES ON YOU

paulnick2

The most irritating thing is Australian Govt. wants sensitive information of internet users. Being an internet user, why i should give my data to companies and agencies?

VPN is the only way to fight off this government-imposed threat and protect your online privacy for good as explained here https://www.purevpn.com/blog/why-data-retention-in-australia-is-worse-and-how-vpn-can-protect-you/

So my ISP can now sell my browsing history – what can I do?

paulnick2

Re: VPN

infact you can't use 14 eyes countries as explained here http://www.geektime.com/2017/03/28/how-to-protect-your-data-from-being-sold-by-your-isp/

I don't care what your eyeballs tell you. Alternative fact is, we've locked up your files

paulnick2

sadly we can expect hundreds of ransomware attacks in the future too!

Did your UK biz just pay £1,500 to stop a DDoS? You've been had

paulnick2

I dont know the reason why most of the BIZ spend too much on DDoS protection? Why wouldn't they start using anti-DDoS VPN which hides your real IP from the attackers and filters the incoming traffic to your connection through its anti-DDoS mitigation servers. You just need to search "PureVPN ddos protection" & check the first result on Google.

VPN on Android means 'Voyeuristic Peeper Network' in many cases

paulnick2

Re: Another log on the fire.

"82 per cent of the VPN apps requested permission to access sensitive data on the device, such as SMS history."

Really ? I dont think my vpn provider purevpn is accessing my sensitive data. They have mentioned in their official policy page that they dont keep logs of user's data.

China's Great Firewall to crack down on unofficial VPNs – state-approved net connections only

paulnick2

Re: SSL

My brother is in China & he is using PureVPN .... Is he doing anything illegal ? Doesn't he has the right to access restricted channels in China?

ProtonMail launches Tor hidden service to dodge totalitarian censorship

paulnick2

Re: How long...

to stay safe from the investigatory! people should start using encryption tool like VPNs because it change your location & keep you anonymous. After this law, i also started using purevpn

BBC shuts off iPlayer to UK VPNs, cutting access to overseas fans

paulnick2

I'm concerned that you seem to ignore the very possibility that the BBC work in reverse from their list of unlicensed properties towards ISP/IP and then search logs for evidence... The problem is much much more tractable that way and hence judicious use of a VPN is an absolute must rather than just a good idea. P.S, i am using purevpn & i am quite happy with their service because it has a no log policy mentioned in their official website.

Come get your free Opera VPN (and bring along something to read)

paulnick2

Re: Raising more red flags than a Soviet military parade

The only concern i have with Opera is it doesnt have a bunch of features like PureVPN.

Did EU ruling invalidate the UK's bonkers Snoopers' Charter?

paulnick2

Re: Get yourself an early Xmas present...

tunnel has minimum number or servers as well as it doesnt have multiple multi logins. Comparatively purevpn has 5 logins with 550+ servers. Do you still think about the tunnel?

Small ISPs 'probably' won't receive data retention order following IP Bill

paulnick2

The IPBill was already passed by the House of Commons by a clear majority in June of this year. The MPs voted overwhelmingly in its favor, with final result being 444 to 69.

Pro-privacy groups and advocates have campaigned against the legislation since then, dubbing it Snooper's Charter 2.0 in reference to the original attempt to pass the law that was thwarted by the Conservative government's former coalition partners, the Liberal Democrats.

The only way Brits can save themselves from mass-surveillance is to change their IP addresses to another location. Since the internet companies can only track you via your IP addresses, once you change them, you'll appear anonymous not only to the ISPs but to the whole world.

Brits can easily change their IP addresses to another location and appear anonymous by subscribing to any premium VPN like PureVPN, exoress, air etc. By using VPN, users can connect to its range of servers from around the world and browse the internet anonymously.

Santa says you've been nice kids: OpenVPN to get security audit

paulnick2

PIA have done a great job but if we talk about the vpn service then purevpn at its best.

Somethings Wrong at El Reg

paulnick2

I registered twice. On the First time registration i didnt get any activation email.... I think its a bug!

Biting the hand that feeds IT © 1998–2019