Category: security

Best UK VPN Access for iPlayer

Which is the best UK VPN Access provider with British based servers for BBC iPlayer?  It’s a difficult question, simply down to the huge choice that is available now online.  Years ago, I was involved in a project to install a Virtual Private Network (VPN) client on thousands of laptops in a large multinational company.  The laptops consisted of wide variety of hardware, lots of different language builds and each had different software installed (even some VPN client software which needed to be removed first).   One thing I did learn throughout this project is that VPN client software can cause all sorts of problems mainly concerned with network connectivity if it doesn’t work properly.

best vpn for UK TV abroad

Reliable Software is Important

This is why, choosing a reliable VPN service is so important. For most of us, an internet connection is why we use our computers, using a poor service will at best slow down your connection and at worse completely break it. A VPN needs to be well configured, maintained and supported both at the client and the server side to work quickly, securely and seamlessly.

In fact seamlessly is an important point, because the better a service is, the less impact it will have on your connection.  If your internet speeds plummet to a slow crawl as soon as you enable the connection then it’s going to be fairly worthless.

Most people need a VPN for the following reasons:

  • Secure their connection and personal details.
  • Access blocked websites like Hulu, BBC iPlayer, ABC and others.
  • Privacy

There are other reasons, but it’s mainly to bypass blocks and ensure security, any well run VPN should be able to supply both of these.  If you’re interested in a accessing a particular service like British TV online then a fast UK connection is the priority.  This is an important point, the best VPN or Smart DNS service will actually allow you access to a network of VPN servers in different countries. However it is the speed of the specific servers that you connect to which will ultimately determine how it performs.

For example, many services offer a server in a few different countries, which is great if you are not concerned about which country you connect to.  However if you want to watch and access the BBC online then you will have to select a UK one to change your IP address, unfortunately so will many others.   Which is why for so many companies popular servers will be completely overloaded.

Identity Cloaker monitor their servers 24/7 and because they are one of the oldest and safest UK VPN Access providers on the internet they have a wealth of expertise in maintaining fast, accessible servers.  They also have deployed servers based on demand – their network has dozens of UK and US servers with huge, available bandwidth to be used for the popular media sites like the BBC and Hulu, but less servers based in other countries.

Which means their UK VPN servers are fast, very fast especially when used with the compression algorithm in the client software.

The reality is that the service is one of the best because it has been around for so long and been actively developed.  The software is sophisticated and robust, the servers have been optimized over the years to provide the fastest and most effective service.

Here’s a great example, although Identity Cloaker was originally available using the client software which redirected through a UK BBC proxy for British addresses but it was becoming apparent that demand was moving towards different devices.  For example many people were starting to stream video directly onto Smart TVs, tablets or media devices.  Making different versions of the VPN client software was almost impossible for many of these devices, how do you install software onto your Smart TV for example?

Which is why all the Identity Cloaker servers were modified to allow direct VPN connections from other devices.  Basically it was possible now to set up your VPN connection manually on tablets, ipads and phones.  You can even connect directly from your router to effectively switch every device to use the VPN even things like Smart TVs – watch this video.

This won’t be suitable for everyone of course, because by default it does effect every device connected to that router.  However it’s a marvelous fix for situations where you can’t get access to the network configuration settings and still need the a good VPN you can get access to.   Most modern routers will have this facility, although unfortunately in the UK there is a tendency for ISPs to supply heavily restricted devices.  BT have removed the majority of the connection settings in it’s Home Hub device including much of the VPN functionality.  The overriding advantage of this message though is that the IP address is classed as a residential one, a valuable asset that you’d normally pay for from a residential IP provider !

However for speed, security and reliability then I can thoroughly recommend Identity Cloaker which you can try out for 10 days using their . .

Snooper’s Charter – UK Passes Surveillance Law

This was always likely to happen given recent events, the ridiculous snooper’s charter which was originally tabled in 2012 by the then home secretary Theresa May has been approved and passed.

12-01-2009-anonsymoussurfingsoftware-anonymous_democracy-dictators

Over the years it’s been blocked and repealed with good cause, civil liberties groups have described it as the most extreme surveillance legislation ever passed in a democratic nation.   It’s a huge blow to personal privacy with the government basically having access to pretty  much everything we do online.

Here’s some stand out points:

Internet provider’s Forced to Log Web History for 12 Months

This is a great one, your ISP will be forced to record every single web site you visit for 12 months.  So just imagine this, Government departments will be able to generate a list of every single web site you have visited for the last year.   Sounds a bit Orwellian,  a bit intrusive?  We thinks so!  Further imagine sitting down for an interview or an application with some Government official sitting across the desk from you with that list in hand.

Decrypt Data on Demand

The government will have the power to force any company or individual to decrypt data on demand.  Obviously no one really has any idea how this will work or how it can be implemented, but this just means it can be made up to suit the situation.  Is your VPN a protection, who knows if the law demands you hand over the key perhaps not.

Intelligence Agencies can Hack into Our Devices and Computers

Great eh!  Not only do they get a list of every porn site you may have inadvertently clicked on over the last 12 months, but the Government can legitimately hack into your phone, TV or internet enabled toaster to pry just a little bit further.  The use of the word ‘devices’ means they have pretty much ‘carte blanche’ to break into every electronic device in your possession and create sinister, snoopy lists and databases.

government-snoop-information

There are many other provisions, and in the spirit of oppressive regimes everywhere lots  of them are kept suitably vague and unclear.  This is important because it allows the security agencies to do pretty much anything and claim it is covered under the legislation.  Places like Iran, Turkey and China have been doing this for decades.

Is privacy a basic human right?  Many people think so, yet this legislation completely erodes that concept.   It’s been criticized from all quarters – privacy groups, United Nations representatives, lots of IT companies and even the parliamentary committee that was tasked with looking through the bill.

Nothing seemed to matter and the UK has now established a legal right to spy on it’s citizens like some second rate, despotic regime.

The Big Business Hackers

When you imagine a team of highly skilled hackers attempting to make money, most people will probably think of some criminal exercise of exploitation, cyber crime or extortion.   You certainly wouldn’t think of the stock market or investment firms profiting directly from this sort of enterprise – yet it seems this is exactly what is happening.

Hacking is going mainstream and it looks likely that there will be a lot more profit going legitimate than through the standard ransom or blackmailing routes.   Others will perhaps argue that these new methods are pretty much the same as the criminals use.

The story arises from the tactics of a company called MedSec a cyber security firm which has recently started up.  They investigated a range of hospitals and medical hardware for potential security issues and identified one medical devices company to be at particular risk – St Jude Medical Incorporated, more specifically the pacemakers and defibrillators they make.

At this point MedSec faced a classic, traditional ‘hackers dilemma’ – you find a serious vulnerability – what do you do?   For the ethical hacker it often represented a difficult choice particularly if a little digital trespassing was involved.  Many individuals have found themselves behind bars after attempting to inform a company or organisation about a vulnerability in their software or network, while some have been praised and rewarded.   The MedSec guys though have a plan to inform and profit at the same time, although the ethics seem fairly dubious to many.

They approached an investment firm run by Carson Block called Muddy Waters Capital LLC with their money making initiative.   The idea was unusual, MedSec team would prepare all the evidence demonstrating the problems with the medical devices, however before making this public the investment company would take out a short position on the parent company of St Jude Medical.    Basically they would both make money if the share price fell in response to the negative news.

Sounds like insider dealing? Perhaps, although it is assumed legal advice was taken before this unusual tactic  – here’s a MedSec representative justifying their tactics.

Convinced? Nope me neither, I suspect they may be in trouble for using this tactic. Where will it end ? The false concern about patients using these medical devices to try and justify their money making scheme was particularly hard to believe. Currently the tactic seems to have paid off though with the share price falling significantly and presumably making the ‘short’ position profitable.

Do You Trust Your TV? It Could be Spying on You.

Well if you have a new Samsung TV then perhaps you should think twice before answering that question.  Their new generation of Smart TVs have a voice activation feature that allows you to switch on and off, change channels and stuff like that, but it’s possible that this comes at a significant cost.

 

An eagle eyed EFF activist called Parker Higgins, took the time to read the privacy policy of these TVs and discovered a rather alarming paragraph which stated –

Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party through your use of Voice Recognition.

So let’s just have a think about this, if you enable the voice recognition function on your shiny new Samsung Smart TV, the bloody thing will not only listen to all your conversations it will also transmit them to a myriad of  third party companies.  Your TV would actually be sitting in the corner of your room spying on you!

Now putting aside my personal dislike of all voice enabled devices, I mean why is talking to an inanimate device preferable to pushing a button, this is a seriously worrying threat to people’s privacy.  For a start you’d have to be permanently on your guard, who knows where your conversations are going to – just some spotty Samsung technical geek  or more likely a selection of marketing companies?   Secondly, it’s not only spying on you the owner of the TV but anyone who happens to be in the room – have they given their permission ?  Should anyone entering your living room be given a disclaimer and need to sign a consent form !!

Samsung have now modified the wording in their policy insisting that the TV doesn’t in fact listen to ordinary conversations.  This is however rather difficult to believe after the initial policy wording,  I mean you’d never put that down in writing if it wasn’t in some way true.  There is obviously little thought being put into the design of these devices, as far as privacy goes – relying on stuffing a few sentences deep in the TVs documentation (which it probably thought nobody would read).

There are other aspects to the technology which makes it even more unlikely that conversations can’t be monitored by the device.  For start the TV is capable apparently of recognising complex requests like –

‘recommend a good Sci-Fi Movie’ or ‘open BBC iPlayer

I mean a TV would have to listen to pretty much everything to pick up and filter requests like that, this is beyond someone like me shouting OFF  in his stupid accent.

What is more that the TV doesn’t have a single microphone, you can’t just huddle in the corner away from the TV whispering – there’s another in the damn remote control.   Cunning move, the TV remote in my house for example it is the singlest most difficult to find device by far.  It routinely turns up in all sorts of obscure locations and I’m sure my children are on some sort of retainer to hide it every time they’ve finished watching.

Well I for one, will not be purchasing one of these things, however unfortunately it will also involve me upgrading my general level of paranoia.  I foresee a future of creeping around electronic stores or checking the backs of friends TV sets when I enter their house  (and of course enquiring about the location of the remote).

Does anyone really need this rubbish !!

Lessons from the Internet of Things – Do you Trust Your Fridge?

The ‘Internet of Things‘ is one of the most discussed topics on technical forums at the moment. The idea that you can enable all sorts of devices with a network card and a bit of memory to attach it online obviously has many benefits. It reminds me of the excitement of the ‘Trojan Room Coffee Machine which was a live video stream of a coffee machine hooked up in Cambridge University, via MPLS and an Acorn Archimedes (remember them!) in 1993. Sure it was just a coffee machine, certainly the picture rarely changed – it was either full, empty or half empty – but the realisation that you could check on it in real time without leaving your chair was kind of exciting at the time. The web cam was switched off in 2001, but many of us can still recall checking that the geeks in Cambridge had enough coffee.

isyourfridge-spamming

Nowadays of course, our devices are increasingly network aware, printers were of course, the logical first piece of equipment to stick online, it saved having them hooked up to computers and people could use them remotely. However it didn’t take long for hackers to target the first network enabled printers to infiltrate networks, distribute malware or just muck about by sending huge print jobs to them.

A story has broken this week in the security press which adds a strange twist with the first reported Spam attack by a fridge. The report released by the security firm, Proofpoint claims that a fridge took part in sending 750,000 email messages in a wide bot enabled Spam attack. It’s actually a little late as there have been similar reports as early as 2013 of this new vocation of our kitchen appliances, however it’s still rather disturbing.

Many of us, will perhaps question the need for kitchen appliances to have access to the internet. I for one can happily live without my fridge tweeting me that I’m out of milk, in fact being nagged by my fridge doesn’t appeal at all!! Manufacturers will point to the fact that internet access will provide a host of other benefits like fault finding and notifying manufacturer of potential problems. Again, the old school method of the fridge simply stopping working seems more than adequate. Imagine getting a call from a Samsung customer representative who has just been notified that your fridge light is not working by your erm fridge. It’s an internet horror story and the benefits negligible at best and in reality pretty much pointless.

Enabling these devices means there’s another headache you are responsible for, you’ll need to configure your fridge to connect, ensure it’s got a strong password and it’s behaving itself online.  How do you connect to your fridge, could you compromise other logins, should you use a VPN to connect?  Coming down in the morning and finding your fridge cornered by the FBI might seem far fetched but it’s not as ridiculous as it might seem.   Using these devices in botnets to attack other machines, send out spam or as proxies to attack other machines is perfectly feasible and it’s actually happening now.

Network security on these enabled devices is normally an after thought, it’s often much easier to hack into a network enabled device than a laptop or computer.   For example how many people would log onto their fridge after purchase to change the default password – but if you’ve bought  a fancy internet enabled smart fridge it’s something you really should do.   Already hackers have demonstrated how to to steal your google login from a Samsung fridge, at this years DefCon conference.  The fridge ran a flawed implementation of  SSL which failed to check false certificates making it vulnerable to MiTM attacks.

This ‘internet of things’ basically sounds like a huge pain, introducing fairly pointless benefits at the cost of loads of hassle and vulnerabilities.  Of course for things like printers and using my Smart TV to access online entertainment then it makes sense.  However I for one will not be upgrading my fridge anytime soon.