Archive for the ‘Carriers’ Category

Understanding Open Source Agility – Watching revenue upside in SD-WAN, UCaaS services.

Thursday, July 13th, 2017
“A penny saved is a penny earned” –Wise Anonymous person’s words that I heard from my mother growing up.
R O I should be an initial checkpoint and a major focus of any technological investment.  What is the solution solving?  I can’t stop adding items to the list.  I found the article below rather interesting – The service and cloud scene is poppin right now.
–Aaron
business meeting

SatPhone Encrypted Calls Can be Cracked in Fractions of a Second

Thursday, July 13th, 2017

Decrypting-Satellite-Phone-Calls

Security researchers have discovered a new method to decrypt satellite phone communications encrypted with the GMR-2 cipher in “real time” — that too in mere fractions of a second in some cases.

The new attack method has been discovered by two Chinese security researchers and is based on previous research by German academicians in 2012, showing that the phone’s encryption can be cracked so quickly that attackers can listen in on calls in real time.

The research, disclosed in a paper published last week by the security researchers in the International Association for Cryptologic Research, focused on the GMR-2 encryption algorithm that is commonly being used in most modern satellite phones, including British satellite telecom Inmarsat, to encrypt voice calls in order to prevent eavesdropping.

Unlike previous 2012 research by German researchers who tried to recover the encryption key with the help of ‘plaintext’ attacks, the Chinese researchers attempted to “reverse the encryption procedure to deduce the encryption-key from the output keystream directly.”

The attack method requires hitting a 3.3GHz satellite stream thousands of times with an inversion attack, which eventually produces the 64-bit encryption key and makes it easier to hunt for the decryption key, allowing attackers to decrypt communications and listen in to a conversation.

“This indicates that the inversion attack is very efficient and practical which could lead to a real time crack on the GMR-2 cipher,” the research paper reads. “The experimental results on a 3.3GHz platform demonstrate that the 64-bit encryption-key can be completely retrieved in around 0.02s.”

According to the duo, the attack can eventually crack the satellite phone call encryption in a fraction of a second when carried out successfully, allowing the attacker to break into the communications in real time for live eavesdropping.

The new findings spark concerns surrounding the security of satellite phones, which are mostly used by field officers in war zones that protect our land, air, and water, as well as people in remote area precisely because of no other alternatives.

Such attacks could pose a significant threat to satellite phone users’ privacy.

“Given that the confidentiality is a very crucial aspect in satellite communications, the encryption algorithms in the satellite phones should be strong enough to withstand various eavesdropping risks,” researchers said.

“This again demonstrates that there exists serious security flaws in the GMR-2 cipher, and it is crucial for service providers to upgrade the cryptographic modules of the system in order to provide confidential communication,” researchers concluded.

The research was carried out by Jiao Hu, Ruilin Li and Chaojing Tang of National University of Defense Technology, Changsha, China. For more details, you can head on to their research paper [PDF], titled “A Real-time Inversion Attack on the GMR-2 Cipher Used in the Satellite Phones.”

Story Credit ::
Swati - Hacking News
Technical Writer, Security Blogger and IT Analyst.
She is a Technology Enthusiast with a keen eye on the Cyberspace and other tech related developments.

Ting sets Sandpoint, Idaho as its next 1 Gbps broadband target

Tuesday, March 8th, 2016

If Ting sees enough interest in service after completing its “demand assessment” phase, Ting says that network construction will begin later this year.

Google Fiber (NASDAQ: GOOG) and other large telcos like AT&T (NYSE: T) have gained national attention for their 1 Gbps FTTH builds in major cities like Atlanta and Austin, Texas. But Ting said its goal is to bring similar capabilities to areas like Sandpoint where the population is less than 10,000 people.

“While it’s obviously very important to get major metros connected with fast fiber Internet, Ting Internet is proving that the fastest Internet access available isn’t just for city centers,” said Elliot Noss, CEO of Ting and its parent company Tucows. “Smaller cities and towns need faster, more reliable Internet too. Maybe even more so.”

Sandpoint will be the fourth area where Ting offers its FTTH service.

In early 2015, Ting launched FTTH service Charlottesville, Va. followed by Westminster, Md., later that year. In early 2016, Ting Internet began demand generation and assessment in Holly Springs, N.C.

Although network installation costs vary by location, Ting said they are not more than $200 for a home or $400 for an individual business. The Ting Internet Box, which doubles as a high speed wireless router, costs $199 up front or a user can pay $9 a month for the device.

Eligible residential customers can get a 1 Gbps connection for $89, while business services are available for $139 a month. The service provider is also offer a symmetrical 5 Mbps service for $19 a month.

Ting is taking its 1 Gbps FTTH show to the Sandpoint, Idaho area with plans to offer the service to residents in the communities of Sandpoint, Dover, Ponderay and Kootenai.Similar to the way it launched services in Holly Springs, N.C. and in Virginia, interested residents and businesses that reside in these towns can pre-order service by going to the ting.com/sandpoint site.The service provider said that pre-orders will impact not just when Ting starts bringing service to a town, but also where it will begin its network buildout.

 

Source: Ting sets Sandpoint, Idaho as its next 1 Gbps broadband target – FierceTelecom

Record-breaking 1Tbps Speed achieved Over 5G Mobile Connection – Hacker News

Thursday, February 26th, 2015

New Generations usually bring new base technologies, more network capacity for more data per user, and high speed Internet service, for which Internet service providers usually advertise. However, it is believed that the fifth generation (5G Technology) of mobile network will be beyond our thoughts.1TBPS OVER 5GSecurity researchers from the University of Surrey have just achieved Record-Breaking data speeds during a recent test of 5G wireless data connections, achieving an incredible One Terabit per second (1Tbps) speed – many thousands of times faster than the existing 4G connections.After 4G, 5G is the next generation of mobile communication technology that aims at offering far greater capacity and be faster, more energy-efficient and more cost-effective than anything that has seen before. The boffins say 5G will be different – very different.The 5G test was conducted at the university’s 5G Innovation Centre (5GIC), which was founded by a host of telecoms industry partners including Huawei, Fujitsu, Samsung, Vodafone, EE, Aircom, BT, Telefonica, Aeroflex, BBC and Rohde & Schwarz.

via Record-breaking 1Tbps Speed achieved Over 5G Mobile Connection – Hacker News.

Thai Gov’t promises nationwide broadband | Bangkok Post: business

Thursday, February 26th, 2015

Mr Pridiyathorn Devakula

 

The government Thursday vowed to make cheap Internet service accessible to all villages in Thailand within two-and-a-half years as part of its digital-economy strategy.

Speaking at a seminar today, MR Pridiyathorn Devakula, deputy prime minister responsible for economic issues, said the government would try to make Internet access available to the largest numbers of Thai people at low cost.

He said the government aimed to set up a public-private venture to develop broadband infrastructure across the country. Government agencies should convert the value of fibre-optic cable under their ownership into capital for the new venture. The process is expected to take about 18 months.

Another year will be required to lay fibre to all almost 75,000 villages in the country, said MR Pridiyathorn.

He said there would data centres networking all government agencies will be developed within a year.

Please credit and share this article with others using this link:. via Gov’t promises nationwide broadband | Bangkok Post: business.

http://www2.bangkokpost.com/business/telecom/484274/gov-t-promises-nationwide-broadband

Lenovo, Google websites hijacked by a DNS attacks | PCWorld

Thursday, February 26th, 2015

The redirection of both Lenovo’s website and Google’s main search page for Vietnam this week highlights weaknesses with the Internet’s addressing system.

On Wednesday, visitors to lenovo.com were greeted with what appeared to be webcam images of a bored young man sitting in a bedroom, and the song “Breaking Free” from an old Disney movie. On Monday, Google’s site for Vietnam also briefly redirected people to another website.

Both Google and Lenovo were victims of “domain hijacking,” a type of attack against the Domain Name System (DNS), which translates domain names into IP addresses that can be called into a browser.

The domain name records for both companies were modified to redirect to different websites when people entered “lenovo.com” and “google.com.vn.”

The changes were apparently made through Web Commerce Communications, known as Webnic.cc, a Malaysian company that registers domains names.

The hacker group Lizard Squad has claimed credit for the defacements. Lenovo appeared to restore service at one point on Wednesday afternoon, but later was unavailable due to system maintenance, a notice said. Webnic.cc could not be immediately reached for comment.

In Lenovo’s case, the hackers changed Lenovo’s domain name registration details to redirect to nameservers at CloudFlare, a San Francisco-based company that specializes in bettering the performance of websites through extensive caching. Nameservers tell a computer which IP address to look up to view a website.

lenovo1

Lenovo’s home page appears to have been hacked

CloudFlare’s servers then redirected people trying to go to lenovo.com to two IP addresses hosted in the Netherlands by the company Digital Ocean, said Andrew Hay, senior security research lead for OpenDNS, a company that specializes in DNS-related security.

Those redirected to the other sites saw the webcam images of the bored young man. The source code for the Web page included the line: “The new and improved rebranded Lenovo website featuring Ryan King and Rory Andrew Godfrey,” referring to persons who have reportedly been connected to the hacker group Lizard Squad.

The Lizard Squad’s access to Lenovo’s registrant account also allowed it to capture some of Lenovo’s email, which the group posted excerpts of on Twitter.

Lenovo has already been under pressure in the last week for pre-installing a secretive application called Superfish on its laptops, which substitutes some ads on encrypted websites but also created a major security vulnerability.

CloudFlare offers free services that are sometimes abused by miscreants, but the company said it moved fast to help fix Lenovo’s problem.

“As soon as we saw the unauthorized transfer, we took control of the account, notified Lenovo and worked with them to restore service while they worked on getting their domain back,” said Marc Rogers, principal security researcher at CloudFlare.

On Monday, Google’s site for Vietnam briefly redirected people to another website. Like Lenovo, Google also had its google.com.vn domain name registered with Webnic.

It is possible that Webnic.cc has a vulnerability in its network that was discovered by the Lizard Squad and allowed changes to be made to domain name registrations. Another possibility is that the Lizard Squad obtained the authentication credentials used by those companies to modify domain name records.

It’s considered a low-brow style of attack, but changes to domain name records can be dangerous for Web users since there’s little they can do to protect themselves.

Such attacks—especially against websites that receive a lot of traffic—are powerful because attackers could redirect them to websites that try to automatically install malicious software. But that doesn’t appear to be the case with either the Lenovo or Google redirects.

via Lenovo, Google websites hijacked by a DNS attacks | PCWorld.

Information Regarding Server Issues for VyprVPN Customers in China | Golden Frog

Friday, January 23rd, 2015

We are aware of recent network issues affecting our VyprVPN customers in China. If you are in China and are having trouble connecting to several different VPN server locations, including US and Australia servers, please use the following locations:

Netherlands

Hong Kong

Connections to these locations have been successful, but may not have a 100% success rate. In the event one of those locations fails, please try another.

Thank you for your patience in this matter. We are investigating the issue and will provide you with an update once we have additional information.

via Information Regarding Server Issues for VyprVPN Customers in China | Golden Frog.

Reports: Google to Invest $1B in SpaceX | PCMag.com

Tuesday, January 20th, 2015

Google is on a mission to deliver Internet access to underserved areas, and it’s now reportedly looking to Elon Musk and his SpaceX team for help.

The Web giant is gearing up to make a huge investment in the rocket maker as part of an effort to develop satellites that could beam low-cost Internet to areas of the world that currently don’t have it, according to a new report from The Information, citing several unnamed people “familiar with the talks.”

“The price and terms Google and SpaceX are discussing couldn’t be learned although one person familiar with them said Google has agreed to value SpaceX north of $10 billion and that the size of the total round, which includes other investors, is very large,” the report notes.

The Wall Street Journal corroborated the rumor, and added that the investment could total roughly $1 billion. At this point, it’s still unclear what exact stake Google will wind up with in the rocket maker.

And the World Your Balloon

Google Drones

Satellite Strung From the Moon

Internet.org

Facebook Drones

The Space In Between

VIEW ALL PHOTOS IN GALLERY

If the deal goes through, it wouldn’t be Google’s first effort to spread Internet access to unconnected areas of the world. The Silicon Valley giant over the past several years has been experimenting with using high-flying balloons and drones to help establish Internet access in areas that are very difficult to wire up, like jungles, archipelagos, and mountains.

With its Project Loon effort, Google is deploying large helium balloons equipped with antennas that offer 4G-like signals to homes and phones some 12 miles down below. Rival Facebook has similar ambitions, and is also looking at looking at drones, satellites, and lasers to assist in providing Internet access worldwide.

via Reports: Google to Invest $1B in SpaceX | News & Opinion | PCMag.com.

Google and Microsoft step in to oppose Marriott Hotels’ Wi-Fi blocking petition | The Verge

Wednesday, December 24th, 2014

Marriot Hotels
A petition to grant hoteliers the right to block personal Wi-Fi on their premises is being met with staunch opposition from the biggest technology companies. Google and Microsoft are among those who have filed objections, noting the illegality of any devices capable of interfering with radio signals.

Marriott has been fined for blocking wi-fi connections before

Recode writes that hotel company Marriott International and the American Hospitality & Lodging Association had petitioned the FCC to allow hotel operators to utilize equipment to manage their networks, regardless of whether it may result “in interference with or cause interference to” devices used by guests. This followed a $600,000 settlement case in October, when it was discovered that the employees of Marriott’s Gaylord Opryland Hotel & Convention Center were using a jammer to block off internet access.

Microsoft laid out its arguments against the petition in the filing, stating that a Wi-Fi hotspot set up by a hotel guest is authorized to operate in the unlicensed spectrum, and pointing out that “wilfully excluding these other authorized devices from using that unlicensed spectrum, under the guise of mitigating so-called threats to the reliability (performance) of an operator’s own network, violates Section 333,” which bars “wilful or malicious interference” to radio signals.” The company also pointed out that by restricting the ability to set up their own connections, Marriott would be forcing the customer to pay to access the hotel’s own Wi-Fi, having already paid their mobile operator for the ability to set up a hotspot anywhere.

The hotel chain had argued that it wasn’t breaking the law, but was protecting its guests from “rogue wireless hotspots that can cause degraded service, insidious cyber attacks and identity theft.” But Marriott’s arguments are weak, as there are several examples that show guests are far safer jumping onto their own personal Wi-Fi hotspots than they are connecting to a potentially compromised hotel Wi-Fi network. In November, for example, Kaspersky Labs discovered a group of hackers targeting high-profile business executives who were working from luxury hotels.

via Google and Microsoft step in to oppose Marriott Hotels’ Wi-Fi blocking petition | The Verge.

Stealthy Regin malware is a ‘top-tier espionage tool’ – CNET

Monday, November 24th, 2014

An advanced piece of malware, newly uncovered, has been in use since as early as 2008 to spy on governments, companies and individuals, Symantec said in a report released Sunday.The Regin cyberespionage tool uses several stealth features to avoid detection, a characteristic that required a significant investment of time and resources and that suggests it’s the product of a nation-state, Symantec warned, without hazarding a guess about which country might be behind it. The malware’s design makes it highly suited for long-term mass surveillance, according to the maker of antivirus software.”Regin’s developers put considerable effort into making it highly inconspicuous. Its low key nature means it can potentially be used in espionage campaigns lasting several years,” the company said in a statement. “Even when its presence is detected, it is very difficult to ascertain what it is doing.”The highly customizable nature of Regin, which Symantec labeled a “top-tier espionage tool,” allows for a wide range of remote access Trojan capabilities, including password and data theft, hijacking the mouse’s point-and-click functions, and capturing screenshots from infected computers. Other infections were identified monitoring network traffic and analyzing email from Exchange databases.Cyberespionage is a sensitive subject, often straining diplomatic relations between countries. The US and China have tussled for years over accusations of electronic spying. The US has accused China’s government and military of engaging in widespread cyberespionage targeting US government and business computer networks. China has denied the charges and accused the US of similar behavior targeting its own infrastructure.Related stories Russian government gathers intelligence with malware: report Former NSA director speaks out on spying, Stuxnet, defense China cyberspies hit US national security think tanks Behind US-China cyberspy tensions: The view from Beijing Q&ASome of Regin’s main targets include Internet service providers and telecommunications companies, where it appears the complex software is used to monitor calls and communications routed through the companies’ infrastructure. Other targets include companies in the airline, energy, hospitality and research sectors, Symantec said.The malware’s targets are geographically diverse, Symantec said, observing more than half of the infections in Russia and Saudi Arabia. Among the other countries targeted are Ireland, Mexico and India.Regin is composed of five attack stages that are hidden and encrypted, with the exception of the first stage, which begins a domino chain of decrypting and executing the next stage. Each individual stage contains little information about malware’s structure. All five stages had to be acquired to analyze the threat posed by the malware.The multistage architecture of Regin, Symantec said, is reminiscent of Stuxnet, a sophisticated computer virus discovered attacking a nuclear enrichment facility in Iran in 2010, and Duqu, which has identical code to Stuxnet but which appeared designed for cyber espionage instead of sabotage.Symantec said it believes that many components of Regin remain undiscovered and that additional functionality and versions may exist.”Regin uses a modular approach,” Symantec said, “giving flexibility to the threat operators as they can load custom features tailored to individual targets when required.”

via Stealthy Regin malware is a ‘top-tier espionage tool’ – CNET.