I briefly mentioned WireGuard when I wrote of Cloudflare’s WARP beta. I think it’s something to add to your technology watch lists. It’s just not any old VPN app, it’s a VPN protocol that could very well replace current protocols like IPsec and OpenVPN, or at least be offered as an alternative. You can read the technical whitepaper here [PDF], along with this write up from Ars Technica.
WireGuard will now operate as either a Loadable Kernel Module (LKM) or built statically into the kernel itself. But whether static or loadable, it will be “in-tree”—which means it’s provided ready to go with the vanilla kernel itself, with no need for repackaging by the various distros. This puts it on the same footing as other supported drivers.
Continuing its tradition of April product announcements, today Cloudflare announced that its WARP VPN is entering beta for macOS and Windows.
Dave Hamilton and Andrew Orr join host Kelly Guimont to discuss Security Friday news, and the new kernel extension alert popping up in the latest MacOS 10.15 update.
There’s a bug that’s been in iOS since version 13.3.1 that prevents VPNs from encrypting network traffic and could leak some of your data.
We have a deal on a 3-year subscription to KeepSolid VPN Unlimited. The subscription includes unlimited connection speeds and traffic bandwidth, access to more than 400 VPN servers in more than 70 locations globally, access to VPN protocols IKEv2, OpenVPN, and the company’s own technology KeepSolid Wise, and more. This subscription is $50 through our deal, but coupon code SPRINGSAVE15 brings the checkout price down to $42.50.
Charlotte Henry and Andrew Orr join host Kelly Guimont to discuss the new look for WWDC and Security Friday’s headlines and tips.
TechRadar Pro teamed up with NordVPN to give people an idea of what exactly goes on inside of a VPN server. It’s a fascinating glimpse into a technology ever-growing in popularity.
The session revealed that NordVPN’s Linux servers are configured with various tools that enhance security, privacy, and authentication. FreeRADIUS is used for authentication, while the squid proxy software is also used. SaltStack is used for correct server configuration, controlling the infrastructure.
Proton apps will get new alternative routing as a way to block attempts at censorship, whether it’s by governments, ISPs, or network admins.
Dave Hamilton joins Kelly to discuss tips and tricks for working in a location which isn’t your usual workspace. Apps, best practices, and more!
Tracking company Sensor Tower has been using its VPN apps on iOS and Android to collect data on its millions of users.
Do you close your Terminal sessions correctly? Does iStat Menus work after you migrate? Are you getting Notes to launch as fast as possible? You’ll be able to answer “yes” to all three of these things after just the first few minutes of this week’s show. Stick around and learn about taming CarPlay, sharing Calendars, using a VPN with your Apple TV and much more. You’ll definitely hit your quota of learning at least five new things with John and Dave this week.
Disney+ is the latest streaming service available on ProtonVPN, meaning content can be watched even in countries that block the service.
We have a deal on a 2-year subscription to SurfShark VPN. This service features unlimited data, military-grade AES-256-GCM encryption, and IKEv2 and OpenVPN protocols. The company also has a no logging policy. Two years with SurfShark is $69 through our deal.
A new report finds that hackers from Iran have been putting backdoors in VPN servers around the world in the “Fox Kitten Campaign.” It sounds like affected companies provide VPN for enterprise, rather than consumers. ZDNet suggests Pulse Secure, Palo Alto Networks, Fortinet, and Citrix.
Though [sic] the campaign, the attackers succeeded in gaining access and persistent foothold in the networks of numerous companies and organizations from the IT, Telecommunication, Oil and Gas, Aviation, Government, and Security sectors around the world.
We have a deal on CasVPN, a VPN that unblocks your favorite movies and TV shows with buffer-free UHD video streaming and unrestricted P2P File Sharing, all with unlimited downloads. 1 year is $9.99 through our deal.
Popular VPN Private Internet Access (PIA) was recently acquired by a company called KAPE, now called Private Internet. PIA COO did an interview.
Private Internet is positioned to lead the movement for a private and secure online experience for all. The internet as we now know it is a place where data is harvested and identities do not belong to the users but are traded by privileged few. Private Internet changes that. The new name also reflects the fact that we will now be offering four new privacy products to our product suite.
I’m interested, and wary, of the future of PIA. I’ve seen accusations of KAPE that include malware, but Mr. Sagi does say the app will be open-sourced. Although this quote sounds odd to me: “We’re building an internal roadmap to create a transparent and verifiable infrastructure, in which no one, including ourselves, is permitted access to the servers through which VPN traffic flows.” They had shown in court they can’t produce information regarding user data, so they already shouldn’t be able to access server traffic.
macOS Catalina might finally be ready for prime-time with 10.15.2. Your two favorite geeks discuss. Then it’s on to your tips and questions. Listen as John and Dave talk through Keyboard Shortcuts, third-party display issues, full-page screenshots, watching TV in multiple locations, outbound VPN, Mail, Bluetooth, and more! We guarantee you’ll learn at least five new things before the band plays you out for the week.
We regularly collect and use information that could identify an individual, in particular about your purchase or use of our products, services, mobile and software applications and websites… We use various technologies to determine [your] location, including IP addresses, GPS, and other sensors.
The VPN apps I wrote about are all safe (or at least I personally believe them to be safe).
About 2,000 NordVPN users have fallen victim to credential-stuffing attacks that let third-parties access their accounts.
While it’s likely that some accounts are listed in multiple lists, the number of user accounts easily tops 2,000. What’s more, a large number of the email addresses in the list I received weren’t indexed at all by Have I Been Pwned, indicating that some compromised credentials are still leaking into public view. Most of the Web pages that host these credentials have been taken down, but at the time this post was going live, at least one remained available on Pastebin, despite the fact Ars brought it to NordVPN’s attention more than 17 hours earlier.
NordVPN emailed all the publishers that have reported on its hack. In my opinion the company has been trying to downplay it. We’ll see if its recent security measures will improve the service, or if it’s lip service.