blog.varonis.com/ssl-and-tls-1-0-no-longer-acceptable-for-pci-compliance/, posted 21 Feb by peter in communication networking security
The PCI Council says you must remove completely support for SSL 3.0 and TLS 1.0. In short: servers and clients should disable SSL and then preferably transition everything to TLS 1.2.
However, TLS 1.1 can be acceptable if configured properly. The Council points to a NISTpublication that tells you how to do this configuration.
Wifatch’s code does not ship any payloads used for malicious activities, such as carrying out DDoS attacks, in fact all the hardcoded routines seem to have been implemented in order to harden compromised devices. We’ve been monitoring Wifatch’s peer-to-peer network for a number of months and have yet to observe any malicious actions being carried out through it.
www.japantimes.co.jp/news/2015/07/17/business/tech/narita-airport-get-sim-card-vending-machines/, posted Jul '15 by peter in communication japan mobile travel
The cards, aptly named Prepaid SIM for Japan, can be purchased along with smartphones, mobile routers and smartphone accessories at the vending machines, the Tokyo-based telecommunications firm said.
The airport will have two such machines, for Terminal 1 and Terminal 2, with only credit cards accepted for added ease.
NTT Communications said the SIM cards are priced at ¥3,450 for one week and ¥4,950 for two weeks. Both types offer a maximum download speed of 150 megabytes per second and 50 Mbps as an upload speed. If the data amount exceeds 100 MB a day, the network speed will slow down.
Hyperfox is a security tool for proxying and recording HTTP and HTTPs communications on a LAN.
Hyperfox is capable of forging SSL certificates on the fly using a root CA certificate and its corresponding key (both provided by the user). If the target machine recognizes the root CA as trusted, then HTTPs traffic can be succesfully intercepted and recorded.
You may have heard that the NSA can decrypt SSH at least some of the time. If you have not, then read the latest batch of Snowden documents now. All of it. This post will still be here when you finish. My goal with this post here is to make NSA analysts sad.
TL;DR: Scan this post for fixed width fonts, these will be the config file snippets and commands you have to use.
Although there are a few different public-key encryption algorithms, the most popular — and fortunately, the easiest to understand — is the RSA algorithm, named after its three inventors Rivest, Shamir and Adelman. To apply the RSA algorithm, you must find three numbers e, d and n related such that ((m^e)^d) % n = m. Here, e and n comprise the public key and d is the private key. When one party wishes to send a message in confidence to the holder of the private key, he computes and transmits c = (m^e) % n. The recipient then recovers the original message m using m = (c^d) % n.
OpenDaylight is an open platform for network programmability to enable SDN and NFV for networks at any size and scale. The community’s second release “Helium” comes with a new user interface and a much simpler and customizable installation process thanks to the use of the Apache Karaf container.
OpenDaylight software is a combination of components including a fully pluggable controller, interfaces, protocol plug-ins and applications. With this common platform both customers and vendors can innovate and collaborate in order to commercialize SDN- and NFV-based solutions.
Open Platform for NFV (OPNFV) is a new open source project focused on accelerating the evolution of Network Functions Virtualization (NFV). OPNFV will establish a carrier-grade, integrated, open source reference platform that industry peers will build together to advance the evolution of NFV and to ensure consistency, performance and interoperability among multiple open source components. Because multiple open source NFV building blocks already exist, OPNFV will work with upstream projects to coordinate continuous integration and testing while filling development gaps.
https://www.techinasia.com/holaa-app-identifies-callers-and-blocks-spam/, posted Nov '14 by peter in asia business communication mobile
The problem in a predominantly pre-paid phone connection market like India is that caller identities are often a mystery. So people end up taking a lot of unwanted calls and spam. That’s why an app like TrueCaller, developed in Sweden, is more popular in India than in the West.
Now there’s a new app called Holaa!, just launched today, which claims to help smartphone users manage their calls better. It’s a product of Nimbuzz, which shifted its base from the Netherlands to India in 2012 to serve a growing Indian user base for voice over IP (VoIP), messaging, and mobile advertising services.
To those of us who were accustomed to thinking of the internet as a glorious, distributed, anarchic, many-to-many communication network in which anyone could become a global publisher, corporate gatekeepers had lost their power and peer-to-peer sharing was becoming the liberating norm, Labovitz’s brusque summary comes as a rude shock. Why? Because what he was really saying is that the internet is well on its way to being captured by giant corporations – just as the Columbia law professor Tim Wu speculated it might be in The Master Switch, his magisterial history of 20th-century communications technologies.