Opera Goes VPN
Opera Software has announced a crop of additional functionality for its desktop edition which graduates today to become Opera 32.
The Norwegian browser firm has a relatively small but very loyal market share of 1.27 percent. It has benefited in recent years from increased compatibility owing to a change to the open source Chromium base, making it the biggest Chromium browser apart from Chrome itself.
Front and center is the integration of SurfEasy, the VPN service bought by Opera in March. Customers can now run completely anonymous browsing sessions from within Opera 32.
Other browsers offer ‘anonymous browsing’, but this does not protect your browsing of robot sex doll sites from your ISP or your search engine. With a VPN you can be sure that whatever you get up to is secret.
Opera product manager Zhenis Beisekov said in the Opera Blog: “Your security online has always been our highest concern. We want to move it another step forward, because we believe that privacy online is a universal right.”
Other new features include the addition of password syncing between browsers, which joins the existing shared tabs, bookmarks and data.
Bookmarks get a new tree-view designed to make it easier to find stuff in your bookmarks, and maybe give them the tidy up they’ve needed all these years.
Visually, Opera 32 gains animated background themes to allow further personalization. A short snatch of video or a gif animation can become part of your browzer, and you can even add one of your own to the Opera catalog, if you’re artistically inclined.
Opera recently announced a major update to its Mini browser for smaller devices, which offers a data compression option that maintains the integrity of the page content for the first time, making it ideal for roaming and low bandwidth areas.
Source-http://www.thegurureview.net/computing-category/opera-browser-introduces-vpn-for-everyone.html
Criminals Remotely Erasing Smartphone Data
Comments Off on Criminals Remotely Erasing Smartphone Data
Smartphones taken as evidence by police in the UK are being wiped remotely by crooks in order to remove potentially incriminating data, an investigation has uncovered.
Dorset police told the BBC that six devices were wiped within the space of a year while they were being kept in police custody, and Cambridgeshire, Derbyshire, Nottingham and Durham police also confirmed similar incidents.
The technology being used was originally designed to allow device owners to remove sensitive data from phones or tablets if they are lost or stolen.
“We have cases where phones get seized, and they are not necessarily taken from an arrested person, but we don’t know the details of these cases as there is not a reason to keep records of this,” a spokeswoman for Dorset police told the BBC.
A spokeswoman for Derbyshire police also confirmed one incident of a device being remotely wiped while in police custody.
“We can’t share many details about it, but the case concerned romance fraud, and a phone involved with the investigation was remotely wiped,” she said. “It did not impact upon the investigation, and we went on to secure a conviction.”
Software that enables this remote wiping has been available from a variety of security firms for some time now.
For example, BitDefender announced a product a while back intended to track lost or stolen Android devices. Not only did it allow users to connect remotely and ‘wipe’ data from a web profile via the internet, but to activate commands with text messages.
Pen Test Partners’ digital forensics expert, Ken Munro, said it is common practice to immediately put devices that are seized as evidence into a radio-frequency shielded bag to prevent any signals getting through and stop remote wipes.
“If we can’t get to the scene within an hour, we tell the client to pop it in a microwave oven,” he said. “The microwave is reasonably effective as a shield against mobile or tablet signals – just don’t turn it on.”
Opera Mini Goes To Windows Phone
September 2, 2014 by admin
Filed under Around The Net
Comments Off on Opera Mini Goes To Windows Phone
Norwegian software maker Opera inked a deal to take over the browser building unit of Microsoft’s Nokia cellular phone unit and reported second-quarter earnings above expectations on Thursday, sending it shares sharply higher.
“We have signed a strategic licensing deal with Microsoft. We are basically taking over the browser building department in Nokia,” Opera Chief Executive Lars Boilsesen said. “This means that Opera Mini will become the default browser for Microsoft’s feature phone product lines and the Asha phones product lines.”
The deal will be profitable from the start, he added.
“All the current user base will be encouraged to upgrade to Opera Mini and all the new phones will come with Opera Mini pre-installed as a default browser. This is a great deal for us. We have dreamed of this for more than 10 years.”
In a separate statement, Opera said the licensing agreement applies to mobile phones based on the Series 30+, Series 40 and Asha software platforms.
“As part of the agreement, people who use the current browser for these phones, Xpress, will be encouraged to upgrade to the latest Opera Mini browser. Factory-new devices will have Opera Mini pre-installed.”
Chrome Climbs To Second
Google’s Chrome browser in July broke the 20% user share bar for the first time, according to recently published statistics by Web measurement vendor Net Applications.
But because the browser war is a zero-sum game, when Chrome won others had to lose. The biggest loser, as has been the case for the last year: Mozilla’s Firefox, which came dangerously close to another milestone, but on the way down.
Firefox accounted for 15.1% of the desktop and laptop personal computer browsers used in July, a low point not seen by the open-source application since October 2007, a year before Chrome debuted and when Microsoft’s Internet Explorer (IE) was only on version 7.
Chrome had flirted with the 20% mark before. More than two years ago, Chrome’s user share — a Net Applications’ measurement of the unique visitors running each browser — had come close: 19.6%. But Chrome then took a prolonged dip that only began reversing last fall.
Chrome’s July user share of 20.4% put the browser solidly in second place, but still far behind IE in Net Applications’ tallies. IE’s share last month was 58%, down slightly from the month before.
Firefox also lost user share in July, dropping half a percentage point to 15.1%. It was the ninth straight month that the desktop browser lost share. In the past three months alone, Firefox has fallen nearly two points.
The timing of the decline has been terrible, as Mozilla’s current contract with Google ends in November. That deal, which assigned Google’s search engine as the default for most Firefox customers, has generated the bulk of Mozilla’s revenue. In 2012, for example, the last year for which financial data was available, Google paid Mozilla an estimated $272 million, or 88% of all Mozilla income.
Going into this year’s contract renewal talks, Mozilla will be bargaining from a much weaker position, down 34% in total user share since July 2011.
Apple’s Safari remained in a distant fourth place behind Firefox, with a user share of 5.2%, down four-tenths of a percentage point in the last month. Meanwhile, Opera Software’s Opera browser brought up the rear with a small 1% user share.
Can Android Fight Cyber Threats With A.I.?
February 5, 2014 by admin
Filed under Smartphones
Comments Off on Can Android Fight Cyber Threats With A.I.?
A security firm called Zimperium has launched mobile software that learns from smartphones to fend off malicious cyber attacks.
Claiming to be the first security software to be powered by artificial intelligence (AI), the app is called zIPS, with the “IPS” standing for “intrusion prevention system”. The aim of the AI is to better spot malware before it causes harm or spreads to other devices.
The zIPS software works whether the smartphone is offline or online and can protect against malicious apps, such as those that can self-modify, and network attacks like a “man in the middle” attack where a hacker intercepts data being sent between one user and another.
“With zIPS, corporations will now have the opportunity to use [bring your own device] as an advantage to their security. zIPS is the first security solution that can combat modern cyber-attacks on mobile,” said Zimperium’s founder and CEO Zuk Avraham. “There is already evidence of attacks that are happening to infiltrate organisations, which only zIPS can prevent.”
Prior to working on the Android app, Avraham worked as a security researcher for the Israeli Defense Forces and Samsung electronics before setting up Zimperium in response to what he thinks is a poor selection of good mobile security software.
According to MIT Technology Review, Zimperium said that there have as yet been no programs that can detect, notify and protect against cyber attacks deployed through mobile devices.
The zIPS Android app has arrived in the Google Play store for all Android devices at a time when malware on Android is at an all time high.
Last year, Trend Micro warned that Google’s Android mobile operating system is so beset by cyber criminals creating malicious apps that the malware was on track to hit the million mark before the end of 2013.
The firm said that this was attributable to hackers seeking to exploit Android’s growing global user base.
Google Updates It’s SSL Certificate
Google has announced plans to upgrade its Secure Sockets Layer (SSL) certificates to 2048-bit keys by the end of 2013 to strengthen its SSL implementation.
Announcing the news on a blog post today, Google’s director of information security engineering Stephen McHenry said it will begin switching to the new 2048-bit certificates on 1 August to ensure adequate time for a careful rollout before the end of the year.
“We’re also going to change the root certificate that signs all of our SSL certificates because it has a 1024-bit key,” McHenry said.
“Most client software won’t have any problems with either of these changes, but we know that some configurations will require some extra steps to avoid complications. This is more often true of client software embedded in devices such as certain types of phones, printers, set-top boxes, gaming consoles, and cameras.”
McHenry advised that for a smooth upgrade, client software that makes SSL connections to Google, for example, HTTPS must: “perform normal validation of the certificate chain; include a properly extensive set of root certificates contained […]; and support Subject Alternative Names (SANs)”.
He also recommended that clients support the Server Name Indication (SNI) extension because they might need to make an extra API call to set the hostname on an SSL connection.
He pointed out some of the problems that the change might trigger, and pointed to a FAQ addressing certificate changes, as well as instructions for developers on how to adapt to certificate changes.
F-secure’s security researcher Sean Sullivan advised, “By updating its SSL standards, Google will make it easier to spot forged certificates.
“Certificate authorities have been abused and/or hacked in the past. I imagine it will be more difficult to forge one of these upgraded certs. Therefore, users can have more confidence.”
Mozilla Touts WebRTC
Mozilla has shown off WebRTC integration in its Firefox web browser, demonstrating real-time video conferencing and file transfer capabilities.
All major web browser developers have started to integrate the WebRTC protocol and now Mozilla has shown off how far its integration has come. The firm demonstrated working video conferencing, file transfer and sharing capabilities through the Firefox web browser.
Mozilla was keen to push its implementation of the Datachannels API that is part of WebRTC to allow instant messaging and file transfer. The firm’s impressive demonstration shows off seamless sharing between two clients that had initiated a video conversation, with tabs and files being sent and viewed with little user interaction.
Mozilla’s demonstration does highlight the need for tight sandboxing within the web browser, however as a peer-to-peer protocol that automatically encrypts communications between two hosts, WebRTC could challenge some existing closed communication protocols such as Skype.
Maire Reavy, product lead for Firefox Platform Media at Mozilla said, “WebRTC is a powerful new tool that enables web app developers to include real-time video calling and data sharing capabilities in their products. While many of us are excited about WebRTC because it will enable several cool gaming applications and improve the performance and availability of video conferencing apps, WebRTC is proving to be a great tool for social apps.”
Mozilla didn’t say when its WebRTC implementation will enter the stable release channel, however given the outfit’s rapid release schedule, it should be a matter of weeks rather than months.
Mozilla Fixes Major Security Issues
July 26, 2012 by admin
Filed under Around The Net
Comments Off on Mozilla Fixes Major Security Issues
Mozilla has fixed a number of security vulnerabilities in the latest versions of its internet applications, including Firefox 14, Thunderbird 14 and Seamonkey 2.11.
Following the release of its Firefox 14 browser for desktop operating systems on Tuesday, Mozilla said it has removed security holes in the Gecko rendering engine that all the applications run, some of which it rated as “critical”.
The bugs fixed included a code execution problem related to javascript URLs, a JSDependentString::undepend string conversion bug that can be exploited to cause a crash and a same-compartment Security Wrappers bypass issue.
Critical use-after-free problems, an out-of-bounds read bug, and a bad cast in the Gecko engine that could lead to memory corruption have also been addressed, Mozilla said.
These bugs were deemed “critical” due to their vulnerability to being exploited remotely by hackers that could execute arbitrary code on an unsuspecting victim’s system.
Apple Blasted For Not Blocking Stolen Certificates
Comments Off on Apple Blasted For Not Blocking Stolen Certificates
A security researcher blasted Apple for what he called “foot dragging” over the DigiNotar certificate fiasco, and urged the company to act fast to update Mac OS X to protect users.
“We’re looking at some very serious issues [about trust on the Web] and it doesn’t help matters when Apple is dragging its feet,” said Paul Henry, a security and forensics analyst with Arizona-based Lumension.
Unlike Microsoft, which updated Windows Tuesday to block all SSL (secure socket layer) certificates issued by DigiNotar, Apple has not updated Mac OS X to do the same.
DigiNotar, one of hundreds of firms authorized to issue digital certificates that authenticate a website’s identity, admitted on Aug. 30 that its servers were compromised weeks earlier. A report made public Monday said that hackers had acquired 531 certificates, including many used by the Dutch government, and that DigiNotar was unaware of the intrusion for weeks.
Because almost all the people who were routed to a site secured with one of the stolen certificates were from Iran, many experts suspect that the DigiNotar hack was sponsored or encouraged by the Iranian government, which could use them to spy on its citizens.
Microsoft isn’t the only software maker to block all DigiNotar certificates: Google, Mozilla and Opera have also issued new versions of their browsers — Chrome, Firefox and Opera — to completely, or in Opera’s case, partially prevent users from reaching websites secured with a DigiNotar certificate.
Users of Safari on Mac OS X, however, remain at risk to possible “man-in-the-middle” attacks based on the fraudulently obtained certificates.
Because Safari relies on the underlying operating system to tell it which certificates have been revoked or banned entirely, Apple must update Mac OS X. The Windows edition of Safari, which has a negligible share of the browser market, taps Windows’ certificate list: That version is safe to use once Microsoft’s Tuesday patch is applied.
FTC Singles Out Google’s Chrome
Federal Trade Commission Chairman Jon Liebowitz this week singled out Google for not adopting “Do Not Track,” the privacy feature that allows consumers the ability to opt out of online tracking by Web sites and marketing entities.
In an interview Monday with Politico, Liebowitz called out Google for not supporting Do Not Track in its Chrome browser.
Noting that Do Not Track had gathered momentum, Liebowitz said, “Apple just announced they’re going to put it in their Safari browser. So that gives you Apple, Microsoft and Mozilla. Really the only holdout — the only company that hasn’t evolved as much as we would like on this — is Google.”
Do Not Track has been promoted by the FTC and by privacy advocates including the Electronic Frontier Foundation (EFF), as the best way to help consumers protect their privacy.
The technology requires sites and advertisers to recognize incoming requests from browsers as an opt-out demand by the user. The information is transmitted as part of the HTTP header.
As Liebowitz said, Microsoft and Mozilla have added Do Not Track header support to their Internet Explorer 9 (IE9) and Firefox 4 browsers. While Apple hasn’t confirmed that the next version of Safari will include Do Not Track, developers have reported finding the feature in early editions bundled with Mac OS X 10.7, aka “Lion,” the upgrade slated to ship this summer.