To RAID or Not (to RAID)? – Mac Geek Gab 805

Do you close your Terminal sessions correctly? Does iStat Menus work after you migrate? Are you getting Notes to launch as fast as possible? You’ll be able to answer “yes” to all three of these things after just the first few minutes of this week’s show. Stick around and learn about taming CarPlay, sharing Calendars, using a VPN with your Apple TV and much more. You’ll definitely hit your quota of learning at least five new things with John and Dave this week.

SurfShark VPN 2-Year Subscription: $69

We have a deal on a 2-year subscription to SurfShark VPN. This service features unlimited data, military-grade AES-256-GCM encryption, and IKEv2 and OpenVPN protocols. The company also has a no logging policy. Two years with SurfShark is $69 through our deal.

https://www.youtube.com/watch?v=g_93KzDGmCI

 

Iran Hackers Put Backdoors in VPN Servers

A new report finds that hackers from Iran have been putting backdoors in VPN servers around the world in the “Fox Kitten Campaign.” It sounds like affected companies provide VPN for enterprise, rather than consumers. ZDNet suggests Pulse Secure, Palo Alto Networks, Fortinet, and Citrix.

Though [sic] the campaign, the attackers succeeded in gaining access and persistent foothold in the networks of numerous companies and organizations from the IT, Telecommunication, Oil and Gas, Aviation, Government, and Security sectors around the world.

An Interview With the COO of the Recently Acquired Private Internet Access VPN

Popular VPN Private Internet Access (PIA) was recently acquired by a company called KAPE, now called Private Internet. PIA COO did an interview.

Private Internet is positioned to lead the movement for a private and secure online experience for all. The internet as we now know it is a place where data is harvested and identities do not belong to the users but are traded by privileged few. Private Internet changes that. The new name also reflects the fact that we will now be offering four new privacy products to our product suite.

I’m interested, and wary, of the future of PIA. I’ve seen accusations of KAPE that include malware, but Mr. Sagi does say the app will be open-sourced. Although this quote sounds odd to me: “We’re building an internal roadmap to create a transparent and verifiable infrastructure, in which no one, including ourselves, is permitted access to the servers through which VPN traffic flows.” They had shown in court they can’t produce information regarding user data, so they already shouldn’t be able to access server traffic.

Be Good and Don't Get Caught – Mac Geek Gab 793

macOS Catalina might finally be ready for prime-time with 10.15.2. Your two favorite geeks discuss. Then it’s on to your tips and questions. Listen as John and Dave talk through Keyboard Shortcuts, third-party display issues, full-page screenshots, watching TV in multiple locations, outbound VPN, Mail, Bluetooth, and more! We guarantee you’ll learn at least five new things before the band plays you out for the week.

This VPN App Sent User Data to China

According to a report of VPN apps for 2019, downloads of these apps has increased 54%. But people need to be careful which VPN app they use. The most popular app called VPN – Super Unlimited sent user data to China. But it’s privacy policy made no secret of this.

We regularly collect and use information that could identify an individual, in particular about your purchase or use of our products, services, mobile and software applications and websites… We use various technologies to determine [your] location, including IP addresses, GPS, and other sensors.

The VPN apps I wrote about are all safe (or at least I personally believe them to be safe).

NordVPN Falls Victim to Credential-Stuffing Attack

About 2,000 NordVPN users have fallen victim to credential-stuffing attacks that let third-parties access their accounts.

While it’s likely that some accounts are listed in multiple lists, the number of user accounts easily tops 2,000. What’s more, a large number of the email addresses in the list I received weren’t indexed at all by Have I Been Pwned, indicating that some compromised credentials are still leaking into public view. Most of the Web pages that host these credentials have been taken down, but at the time this post was going live, at least one remained available on Pastebin, despite the fact Ars brought it to NordVPN’s attention more than 17 hours earlier.

NordVPN emailed all the publishers that have reported on its hack. In my opinion the company has been trying to downplay it. We’ll see if its recent security measures will improve the service, or if it’s lip service.

Cloudflare Releases Warp VPN for Everyone

Cloudflare announced its Warp VPN earlier this year and created a waiting list for it to be rolled out. Although the company had technical difficulties, the list is gone and Warp VPN is available for everyone today.

Let me start with the apology. We are sorry making WARP available took far longer than we ever intended. As a way of hopefully making amends, for everyone who was on the waitlist before today, we’re giving 10 GB of WARP Plus — the even faster version of WARP that uses Cloudflare’s Argo network — to those of you who have been patiently waiting.

This Friday I intend to publish a list of five VPN apps for iOS, and Warp will be included.

NordVPN 1-Year Subscription: $60

We have a deal on a 1-year subscription to NordVPN. All data sent through NordVPN’s private tunnels is double encrypted (double data SSL-based 2048-bit encryption). There are 3,521 servers in 61 countries, you can connect up to 6 devices, and you get unlimited data. The company has a no-log policy, too, and it will work with Mac, iOS, Windows, Linux, Chrome OS, and Android devices. One year of NordVPN is $60 through us, and there’s a 2-year option available in the deal listing, too.

Mozilla VPN Launches Under Test Pilot Program

Firefox Private Network is a Mozilla VPN launching under its old Test Pilot program. It’s available as a beta today for U.S. users with a Firefox account.

In a nutshell, the Firefox Private Network extension will provide a “secure, encrypted path to the web” to protect the user’s Wi-Fi connection and data contained within the Firefox browser. One of the scenarios Mozilla thinks Firefox Private Network will be useful for is when connecting to the internet through public Wi-Fi hotspots, as it will shield personal information and conceal what websites a user is visiting.

SurfShark VPN 2-Year Subscription: $69

We have a deal on SurfShark VPN. This service features unlimited data, military-grade AES-256-GCM encryption, IKEv2 and OpenVPN protocols, and more. The company also has a no logging policy. Two years with SurfShark is $69 through our deal.

https://www.youtube.com/watch?v=g_93KzDGmCI

Apple VPN as the Company's Latest Privacy Service

Michael Grothaus argues that an Apple VPN should be the company’s next privacy service.

The obvious existing bundle this VPN could slip into would be iCloud. Apple could offer an “iCloud VPN” service to all paid iCloud subscribers. And because Apple controls all the hardware and operating systems of the devices it makes, its VPN setup could be dead simple: if you’re signed into iCloud on your device, iCloud VPN is set up, running, and protecting your browsing activity from outsiders without you having to click a single button.

I’m not so sure I want an Apple VPN. Remember, this would mean that Apple could potentially know all of your network traffic unless they had a no logging policy.

News+: Bad Behavior in the VPN Industry

Max Eddy reviews VPNs for PCMag. Although he believes most vendors have good intentions, he highlights several examples of bad behavior in the VPN industry.

From my experience working with VPNs, I can say with certainty there is a culture of sabotage and paranoia among some vendors. Anonymous dumps of damning information about one VPN vendor get blamed on another VPN vendor. Tips come in suggesting that corporate ownership is tied to the Russian mafia or some other criminal operation. Commentators hold up one VPN review site as an example of rectitude; others say the same site is secretly run by a VPN vendor with an agenda. When there is this much disinformation and counter-disinformation (which may also be disinformation), it’s impossible to tell who is telling the truth.

Before I came to The Mac Observer, one of my freelancing gigs was writing for a VPN company. I saw some of the same things as Mr. Eddy. In both privacy and security circles, there is a tint of paranoia and conspiracy thinking, at least with some people.

This is part of Andrew’s News+ series, where he shares a magazine every Friday to help people discover good content in Apple News+.

25% Discounts on Private Internet Access VPN Subscriptions - 1 Year, 2 Year, 3 Year

We have a 25% discount on 1, 2, and 3-year subscriptions to Private Internet Access VPN, a VPN service for Mac, iOS, Windows, Android, and Linux. Private Internet Access VPN uses Blowfish CBC encryption to keep your data under lock and key, and the company maintains a no-logging policy. I’m linking to a deal on a 1-year subscription, but you can also choose 2 and 3-year options. Coupon code WEEKEND25 will take another 25% off at checkout, meaning 1 year starts at $37.49.

Windscribe VPN 2-Year Pro Subscription: $44.25 with Coupon Code

We have a deal for you on a two year pro subscription to Windscribe VPN. It works with iOS, Mac, Windows, Linux, and Android. The Canadian company features a strict no-logging policy and anonymous sign-up that doesn’t even require an email address. The pro subscription comes with unlimited downloads, unlimited data, and unlimited connections. A two year subscription is $59 through our deal, but coupon code WEEKEND25 brings it to down to $44.25 at checkout.