Tag Archives: Internet Privacy News

Best VPN & Privacy Articles of 2018: 2018 FlashRouters Recap

2018 was another monumental year for cyber-security. Here at the FlashRouters blog, we covered trends in privacy, security, and worldwide tech news. Curious how the world of routers developed over 2018? Here are the best FlashRouters posts of 2018.

Best FlashRouters Posts of 2018: Privacy

Privacy featured heavily in our stories this year. Accordingly, we’ve compiled a list of some of our best FlashRouters Privacy posts in 2018.

ISO vs. NSA

In May, we covered the International Standards Organization’s battle against the National Security Agency. Providing security for citizens against snooping government agencies is one of FlashRouters’ chief concerns. The NSA is no exception.

In 2013, whistleblower Edward Snowden revealed the corruption internal to the National Security Agency. Through his research, we learned the NSA sabotaged the National Institution for Standards and Technology’s cryptographic standards. This sabotaging of security standards has effectively nullified and discredited the institution.

This time around, the NSA would like their cryptographic algorithms “Simon” and “Speck” to serve as the standard for all IoT devices. While the NSA firmly maintains that these algorithms are secure, and are made to require little processing power, many ISO members did not believe these claims.

The International Standards Organization, to its credit, has rejected this request for three years. Further, as this action reveals, the ISO shows no signs of acquiescing to the NSA.

Firmware Vulnerabilities

In June, we wrote on a topic dear to our hearts: firmware vulnerabilities, specifically factory firmware vulnerabilities. FlashRouters “flashes” routers with Open Source firmware. This process removes the vulnerabilities found in factory firmware.

With this in mind, it is important to understand just how flawed factory firmware is. In June 2018, Insignary, a firm that runs binary-level code scanning, brought to light the fact that most wireless vendors have yet to patch old firmware vulnerabilities.

These vulnerabilities include the key re-installation attack known as KRACK, the Denial of Service attacks FFmpeg and OpenSSL, and a remote code execution attack called Samba. In other words, using a router with factory firmware opens the door to these attacks. An Open Source FlashRouter, on the other hand, like the Netgear R7800, voids these vulnerabilities.

Router manufacturers rarely support and update routers after the first two years. Conversely, the communities behind Open Source firmware are consistently repairing router flaws.

Amazon Alexa Privacy Concerns

In December, we expressed our concerns about Amazon Alexa.

Amazon Echo and its voice-controlled intelligent personal assistant service, Alexa, is presently the most highly-rated smart speaker system on the market.

Many Alexa users believe the device is recording every word it hears. This is not the case, as in fact Alexa is set to be on the lookout for a wake word. However, without the security of a Virtual Private Network from an Open Source router, the Amazon Echo is vulnerable to attacks from hackers.

Even if a hacker were to access only voice commands, this would still be a serious cause for concern. Thankfully, a FlashRouter is able to provide remedy for this issue.

Best FlashRouters Posts of 2018: Hacks and Attacks

Secure Your Routers From Rusian Malware VPNFIlter

Hacks and attacks also featured heavily in our stories this year. To that end, we’ve compiled a list of some of our best FlashRouters Hacks and Attacks posts in 2018.

VPNFilter Attack

In May, the Russian malware bug known as VPNFilter came to our attention. VPNFilter infected at least 500,000 devices in at least 54 countries.

This is a particularly dangerous bug. VPNFilter can delete itself and render infected routers inoperable. Additionally, VPNFilter may be used to incorporate infected routers into a botnet to be used in a Distributed-Denial-of-Service attack.

Thankfully, flashing your router with Open Source firmware can prevent this vulnerability.

Xfinity and Reddit Hacks and Bugs

In June, security researchers discovered the Xfinity router activation website was leaking sensitive information. This leak allows would-be hackers to easily obtain Comcast customers’ SSIDs and passwords. With this information, a hacker has unauthorized access to routers, exposing unencrypted traffic on customer’s wireless networks.

In August, we revealed how attackers hacked Reddit. By intercepting two-factor authentication from Reddit employees’ phones, hackers were able to access their accounts.  This enabled the attackers to gain read-only access to backup data, source code, and other logs. Some of these logs included all Reddit data prior to 2007, including user e-mails, private messages, and internal files.

In both of these cases, we recommended a number of security steps to take to ensure privacy against hackers. However, more than anything, we recommend taking advantage of a VPN service.

Best FlashRouters Posts of 2018: VPN Bans Around The World

best posts 2018

The use of VPNs once again came up as an important issue. Countries and businesses alike have banned or severely restricted VPNs.

Countries Taking Actions Against VPNs

2018 brought us VPN bans in Russia as well as in Turkey. As draconian governments continue to infringe on the privacy of individuals, it is more than likely that more countries will follow suit in 2019.

One way to get around VPN bans is to purchase a pre-configured FlashRouter. Supplying the FlashRouter Support Team with your VPN username and password will allow the device to show up at your door plug and play. Also, if the country you are in has blocked access to VPN sites, bringing a pre-configured FlashRouter over the border will allow unlimited Internet access.

Streaming Services Blocking VPNs

Draconian governments are not the only actors looking to stop VPN use. Streaming services, abiding by copyright law, are looking to do the same.

2018 saw an uptick in the list of streaming services blocking VPN traffic. Netflix, Hulu, Sling TV, HBO Now, Amazon Prime Video, YouTube TV, and Google Play all blocked traffic from VPN servers during the year.

This does not mean all hope is lost. In fact, some of our most trusted VPN providers, ExpressVPN and NordVPN, are working around the clock to provide working servers for these services.

Best FlashRouters Posts of 2018: The FlashRouters Privacy App

2018 also saw the introduction of the FlashRouters Privacy App.

The Privacy App expands VPN compatibility to all wireless and wired devices, including those without native VPN support. With the FlashRouters Privacy App sorting and managing devices is simple, even as more devices connect to the VPN network.

The FlashRouters Privacy App also includes simple server switching and a by-device VPN kill switch.

To view the full list of features, just visit our FlashRouters Privacy App Page.

Have questions about our App? Curious about router news in 2019? Send us a message.

The Roskomnadzor Strikes Back: Kremlin Online Crackdown

With China enacting stricter VPN regulations, Russia is following suit. Recently, China has banned the usage of many VPNs, forced app stores to remove VPN programs, and even jailed VPN multiple VPN sellers.

The Kremlin Online Crackdown

The law signed by President Vladimir Putin July imposing restrictions on Internet privacy tools has gone into effect November 1st. The Kremlin online crackdown limits the usage of virtual private networks, or VPNs, as well as anonymous proxy servers.

VPN providers must work closely with the Russian media, called the Roskomnadzor. This translates to the Federal Service for Supervision of Communications, Information Technology, and Mass media.

How Will Restrictions Work?

Despite what many think, this law does not completely ban the usage of VPNs and proxies. However, the law does restrict the access to a list of many websites.

VPN services that wish to continue operation must adhere to the Roskomnadzor’s blacklist of banned websites. According Banki.ru, to The Roskomnadzor will also be given access to their servers  “within the legal framework.”

According to Leonid Levin, the head of the Russian State Duma’s information policy committee, the law is meant to block access to “unlawful content”. Restrictions made by this law will not impose restrictions to law-abiding citizens.

Will The Restrictions Work?

Through the Kremlin online crackdown, the Roskomnadzor is working to identify and block suspicious websites, there are still some hoops to jump through.

For instance, only one registry of banned domain names exists. This past summer, one of Google.ru’s web pages redirected to a blocked online gambling domain. As a result, the entire search engine was blocked for several hours.

According to many IT experts, corporate VPNs will be exempt from the new regulations. Currently, it is unclear on how the Roskomndazor will differentiate between corporate and public VPNs.

As stated by Leonid Yevdokimov, an expert on the Tor Project, it is presently impossible to distinguish between the two.

Avoid Kremlin Restrictions with a VPN

While it is unclear what the difference between corporate and public VPNs is in the eyes of the Roskomnadzor, it is still imperative to look into VPN services to help prevent the Kremlin from spying on your activities.

Some recommended VPNs for Russia include ExpressVPN, NordVPN, and IPVanish.

Using a FlashRouter, you can integrate a VPN on the router level. Furthermore, any device that is connected to a FlashRouter network will be encrypted. This will work for all devices, regardless of whether or not the product has native VPN capability.

Here are some of our most popular models:

   
Netgear R7800 DD-WRT FlashRouter 1.7 GHz Broadcom Processor
4 External Antennas
AC2600 Wireless
Linksys WRT3200ACM DD-WRT FlashRouter1.8 GHz Marvell Processor
4 External Antennas
AC3200 Wireless
Linksys WRT1900ACS/AC v2 AC1900 DD-WRT FlashRouter
1.6 GHz Marvell Processor
4 Internal Antennas
AC1900 Wireless

China VPN News Round Up

Another Man Jailed For Selling VPN Software

Earlier this summer. 26-year-old Deng Jiewei was convicted for selling VPN software. This caused quite the commotion in the Chinese VPN community. Citizens wondered what other punishments would be in store for merely using the software. However, it does not seem likely that the Chinese government will individually target VPN users. Regardless, China still remains adamant in tightening its internet censorship blockade.

Just last month, another man was revealed to have been detained by Chinese authorities. A man by the name of Zhao was arrested last month for selling VPN services. Police report that

he sold VPNs for 10 yuan a month, 50 yuan for six months, 90 yuan for a year and 120 yuan for two years. In total, police say that he managed to make 1,080 yuan before being caught. Officers confiscated all of his illegal income and kept him in custody for three days.

Compared to Jiewei, who was sentenced to nine months in prison for the charges of “providing software and tools for invading and illegally controlling the computer information system,” Zhao got off extremely easy with only three days of detainment. It is not clear why Jiewei’s sentence was so much longer.

Shadowsocks, A Way Around The Great Firewall

With Chinese authorities cracking down on VPN use, citizens are looking for ways to skirt the new censorship laws. One of these new techniques is called Shadowsocks, an open-source proxy built for getting around The Great Firewall.

Shadowsocks uses the protocol SOCKS5. SOCKS5 essentially routes your Shadowsocks client on your local computer to the one running your proxy server. Ultimately, SOCKS5 changes your IP address and protects you from prying eyes.

For Chinese citizens, Shadowsocks works better than a VPN because it allows greater customization which makes it harder for authorities to identify a masked connection. A VPN user would typically rely on a few select providers and protocols, making it far easier to identify traffic being routed through VPNs.

Hong Kong privacy advocate Leo Weese refers to VPNs as:

a professional freight forwarder, and Shadowsocks to having a package shipped to a friend who then re-addresses the item to the real intended recipient before putting it back in the mail. The former method is more lucrative as a business, but easier for authorities to detect and shut down. The latter is makeshift, but way more discreet.

Shadowsocks originated as a for-coders, by-coders tool, making it somewhat hard to set up for the average person. This was remedied by developers building third-party apps that are able to run on devices such as Apple’s iPhone.

Some of these apps include but are not limited to Potatso and Surge. Furthermore, these apps are no longer available on the app store due to Apple succumbing to China’s new privacy regulations.

Tim Cook Wanted to Rescind Free Speech Award

The Newseum, a movement dedicated to promoting, explaining, and defending free expression and the five freedoms of the First Amendment, had given Tim Cook, CEO of Apple, the Free Speech Award. The National Legal and Policy Center (NLPC) has publicly asked for the Newseum to rescind Tim Cook’s Free Expression Award.

The NLPC stated that this is attempt “to preserve the integrity of Newseum mission, as well as the integrity of the Award itself.” A few months after Cook’s acceptance of the award in April, he quickly backtracked and had Apple’s App Store remove any and all VPN app.

Although this action was carried out to comply with China’s demands, company’s like ExpressVPN are

disappointed in this development, as it represents the most drastic measure the Chinese government has taken to block the use of VPNs to date, and we are troubled to see Apple aiding China’s censorship efforts. ExpressVPN strongly condemns these measures, which threaten free speech and civil liberties.

While Apple stands by its decision to remove the VPN apps from the App Store, the NLPC is pushing back, saying that “it could have done the right thing and refused.”

Changes To App Privacy

American companies are not the only ones taking fire from the new Chinese regulations. WeChat, the Chinese messaging app has confirmed that they give away private user’s information to their government. With over 662 million users worldwide, this change is nothing to scoff at.

When updating the app, users are now prompted to accept the new privacy policy. This new policy now states that user’s data will now be shared with the Chinese government according to new laws and regulations. Some data that could be shared will be user’s personal contacts and web searches that they make within the application.

The Future of VPN Use in China

While the future of VPN use in China is shaky, a VPN FlashRouter can still help you get around the Great Firewall. Using a FlashRouter, any connected device will be encrypted by the VPN. This is for any device, whether it has native VPN support or not.

However, as VPNs are in an uncertain position in regards to China, it may be best to send us a message first.

FlashRouters Cyber Security News Roundup – June 2016

The Latest Networking Security Flaws Roundup

As sure as the world keeps turning, so too do cyber security and hacking news stories and issues crop up regularly. Some days, it seems like the worldwide efforts to stem the tide of the nefarious forces attendant in advancing technology are fighting a losing battle.

But we’re doing what we can to help. With our open source, VPN-friendly, and highly secure DD-WRT and Tomato FlashRouters, we’re at least able to offer international users the best firmware and best hardware available for a strong and versatile wireless network. Lord knows our VPN affiliates are putting up an incredibly effective and valiant fight against those who would use the Internet to threaten your privacy and security.

So aside from building your wireless network around some of the best routers and VPNs out there, the next most important thing you can do is increase awareness of these issues. That’s why we frequently roundup some of the most vital and urgent stories about hacking and cyber security, so that our users can respond to these new developments as quickly and wisely as possible. So without further ado…

FlashRouters Cyber Security News Roundup – June 2016

You Won’t Believe How Easy It Was To Hack Bangladesh’s Central Bank – So remember when the central bank of Bangladesh was hacked a few months ago? The crooks who made off with $81 million instead of the billions of dollars they would have secured if not for a typo? Anyway, turns out the network computers for Bangladesh’s central bank were protected by $10 switches and no firewall. Seems… insufficient, don’t you think?

Are Quanta LTE Routers The Least Secure Available? – And while we’re on the subject of grossly lacking online security, let’s all take a moment to gape in awe at Quantas LTE routers and their twenty (20!) major security flaws, which run the gamut from backdoors to denial of service problems. Some are ready to call these the least secure routers currently available.

Google’s New Messaging Service “Allo” Will Offer End-to-End Encryption – Google recently announced the advent of a new messaging service called “Allo”. It’s primary innovation is the addition of a bot that will offer help based on your conversation, but we’re excited about the “incognito” mode, which turns on end-to-end encryption, booting nosy government agents and hackers out of your business. That said, Edward Snowden doesn’t think the encryption should merely be an option.

The FBI Is Just Getting Started on Encryption Cases – That prolonged battle between Apple and the FBI over the phone belonging to the San Bernardino shooter may have been just a taste of what’s to come. Director James Comey told a crowd of reporters that he expects that the FBI will have to take a lot more legal action over encryption issues in the future. Fortunately, there is at least some semblance of a resistance…

A Few Senators Who Want to Reign In the FBI’s Hacking Capabilities – A recent Supreme Court ruling expanded the hacking powers of the FBI. So how do the few senators who oppose this ruling propose counter-acting it? By adding a 10-line amendment to the rule change, basically saying that the rule will not take effect. Kind of beautiful in its simplicity.

Pornhub Now Harnessing the Bug Hunting Powers of Their Users – Tech companies are increasingly discovering the wisdom of “bug bounty” programs, which essentially pay users to sniff out security vulnerabilities on their sites and report them back for immediate correction in exchange for a reward. And now you can earn as much as $25,000 if you can find one on the popular website Pornhub, which is a hub, of sorts, for porn.

You’re Even Vulnerable on the Website for Mr. Robot – Of course, a site like Pornhub gets enough traffic to warrant a bug bounty program. Sometime more ephemeral like a hype-building website for the second season of a popular USA network show probably has no use for such intense cyber security measures. And it’s that type of thinking that got the makers of “Who Is Mr. Robot?” in trouble, when two hackers found two separate security flaws that could have exposed the Facebook data of those who took the site’s quiz.

And Now the Air Force Is Getting Serious About Shutting Down Hackers – Perhaps it was naive to hope that the Air Force had their cyber security system fully in place by now, but better late than never, we suppose. The Air Force is planning to partner with private tech companies to develop a secure messaging system that will allow flight crews to be in touch without unwanted third parties nosing their way in.

Europe’s Police Agency Now Has More Leeway in Fighting Cyber CrimeThe phrase “Europe’s police agency Europol has been given enhanced cyber powers to track down terrorists and other criminals” may sound like the log line to a European-friendly Robocop remake, but nope, that’s just the world we live in now. In any case, the new measures supposedly come equipped with data protection and public oversight, but we’ll believe it when we see it.

The Average Age At Which Your Child Will Have a Smartphone – Admittedly, this one has little to do with cyber security, except maybe in the sense that it’s never too early to impress upon your children the importance of wise online behaviors. Anyway, you may be stunned to find out that if your child is 10-and-a-half years old and they don’t have a smartphone, they’re ever so slightly behind the curve.

Keep updated on the latest cyber security news by following us on Twitter and liking us on Facebook.

Router Hacking & CyberSecurity News Roundup

 Cybersecurity News

FlashRouters Cybersecurity and Router Hacking News Roundup.

There were few things we take more seriously at FlashRouters than cybersecurity. Part of our mission as a business that provides top-of-the-line routers is to give our customers devices that will help insulate them from the many threats that face your average Internet denizen.

It’s why we flash our routers with DD-WRT and Tomato firmware. These open source replacement firmwares correct so many of the issues we see affecting the stock firmware found in many of the most popular routers on the market today. It’s a rare day that we don’t read news stories about some new hack or some new firmware vulnerability with the potential to affect millions.

So we’ve gathered up some of the most recent news stories about cybersecurity and router hacking in the interest of making users more aware of the sort of attacks that can undermine the network security of any Internet dweller.

And while seeing these stories all collected together can be startling, we hope you’ll take solace in the fact that our VPN partners and our expertly tested-and-re-tested routers can provide you the online security that you need and deserve. Check out our recent VPN and VPN FlashRouters best-seller list to see some of our customer’s favorite ways of vastly improving their wireless networks, and find out what you can do to give yourself that same level of security.

Router Hacking and Cybersecurity News

Major Bug Could Affect Software, Thousands of Apps – Let’s start with the most technical one that also happens to have the biggest potential repercussions: a severe bug in one of the core building blocks of the Internet has been discovered. As Ars Technica reports:

A function known as getaddrinfo() that performs domain-name lookups contains a buffer overflow bug that allows attackers to remotely execute malicious code.

This function is found in GNU C Library, which is a collection of open source code that can be found in most distributions of Lynux, not to mention many apps. A patch has already been issued by glibc, who maintain the open source library, but the damage could be major.

Hackers Hold Hollywood Hospital Hostage – That alliteration isn’t meant to be glib about what is a seriously troubling story. Hackers have taken down the computer system at the Hollywood Presbyterian Medical Center with a ransomware attack and are threatening to keep it down until they receive $3.6 million. The hospital hasn’t responded to the demands yet, and this is an ongoing situation, so we’ll be sure to cover updates as they develop.

Do Not Set Your iPhone Back to 1970 – That’s easy; you weren’t planning on doing that anyway, right? Well, some mischievous character on 4Chan posted a phony iPhone easter egg, claiming that if you set your iPhone’s time back to 1970, a retro Apple logo would appear in your display. Not true (and not just because Apple didn’t exist until 1976), mainly because setting your phone back to 1970 bricks it. Irrevocably.

Hackers Want Our Tax Returns Too – Not too much you can do about this, unless you work in the cybersecurity industry and are in charge of protecting the IRS’s network, but hackers have apparently been attempting to file fake tax returns in order to steal people’s refunds. It’s easy enough to see why, as your tax returns would give your SSN #, address, birthdate, much of which would lead to your bank account and credit card numbers. Fortunately, the IRS noticed the attack in time and shut it down.

Sony Hackers Still Hacking – Hey, remember that massive hack of Sony that exposed lots and lots of stolen data and emails? Of course you do. We all thought the hackers when silent after that incredibly high-profile attack, and it turns out, that’s not the case at all…

On Defense

President Obama Asks Congress for $19 Billion for Cybersecurity – In one of the biggest signs that the US government takes the myriad cybersecurity threats our nation (and the global community) faces on a daily basis seriously, President Obama has submitted a huge budget proposal to Congress, asking for $19 billion to cover a broad range of initiatives to stop hacks and promote cybersecurity. What can we say but Bravo!

Catch and Immortalize Your Would-Be Hacker with Mugshot – Worried someone’s going to try and access your various accounts? Not at all creeped out by the idea of seeing a picture of the once-anonymous would-be hacker in the act? Then LogMeOnce’s new feature titled Mugshot, which will track the location of the person hacking your phone and even take a picture of him or her, is just for you.

Stay updated on all of the latest cybersecurity new by following us on Twitter and liking us on Facebook