MakeUseOf: How to Access Region Blocked Videos Without a VPN. “Wherever you are in the world there is always a reason to want to bypass region blocking. For example, internet users outside the US might want to access Netflix or Hulu; those in the US might want the UK version of BBC iPlayer. To combat this, VPNs are popular—but they’re not the best solution. Here’s how to watch geo-blocked videos without VPN software.”
CNET: Firefox enables network privacy feature for users in US. “Mozilla has begun enabling a Firefox privacy feature for everyone in the US that should make it harder for ISPs or others to track you online. The technology, called DNS over HTTPS — DOH for short — protects a crucial internet addressing technology with encryption.” DOH? OMG.
Ars Technica: ISPs lied to Congress to spread confusion about encrypted DNS, Mozilla says. “Mozilla is urging Congress to reject the broadband industry’s lobbying campaign against encrypted DNS in Firefox and Chrome. The Internet providers’ fight against this privacy feature raises questions about how they use broadband customers’ Web-browsing data, Mozilla wrote in a letter sent [yesterday] to the chairs and ranking members of three House of Representatives committees.”
Ars Technica: The wave of domain hijackings besetting the Internet is worse than we thought. “The wave of domain hijacking attacks besetting the Internet over the past few months is worse than previously thought, according to a new report that says state-sponsored actors have continued to brazenly target key infrastructure despite growing awareness of the operation.”
Cyberscoop: DHS releases emergency order to prevent DNS hijacking . “he Department of Homeland Security has issued a rare ’emergency’ directive ordering federal civilian agencies to secure the login credentials for their internet domain records. DHS issued the order Tuesday afternoon out of concern that federal agencies could be vulnerable to cyberattacks intended to gain access to the platforms used to manage domain name system (DNS) records. “
CNET: Google tested this security app with activists in Venezuela. Now you can use it too. “The app takes on DNS (Domain Name System) manipulation, one of the most common techniques used for political manipulation and spreading malware. Intra creates an encrypted connection between your phone and DNS servers, which makes it much harder for governments and hackers to intercept that traffic.”
Ars Technica: In-the-wild router exploit sends unwitting users to fake banking site. “Hackers have been exploiting a vulnerability in DLink modem routers to send people to a fake banking website that attempts to steal their login credentials, a security researcher said Friday. The vulnerability works against DLink DSL-2740R, DSL-2640B, DSL-2780B, DSL-2730B, and DSL-526B models that haven’t been patched in the past two years.”
Wired: Millions Of Streaming Devices Are Vulnerable To A Retro Web Attack. “IN MARCH, ARTIST and programmer Brannon Dorsey became interested in a retro web attack called DNS rebinding, teaching himself how to illicitly access controls and data by exploiting known browser weaknesses. It’s a vulnerability that researchers have poked at on and off for years—which is one reason Dorsey couldn’t believe what he found.”
Make Tech Easier: How to Find the Best Alternative DNS Server. “Changing your DNS server is a good idea. You will get better security, privacy, accuracy, and speed by switching away from your ISP’s default. You can change your DNS by just entering a few numbers into your computer or router, but figuring out what those numbers can be is a little more confusing. Google and OpenDNS, the popular choices, may not actually be the best, but luckily, they are far from the only options.”
CryptoAustraliaBlog: Introduction to Malware-blocking DNS Services. “How can you protect your family from malware and phishing with just a little effort? Various alternative DNS services with built-in threat blocking capabilities are now available to the public. This article introduces these public DNS services and helps you pick the right one for keeping your devices safe and secure.”
The Register: DNS resolver 184.108.40.206 will check requests against IBM threat database . “The Global Cyber Alliance has given the world a new free Domain Name Service resolver, and advanced it as offering unusually strong security and privacy features. The Quad9 DNS service, at 220.127.116.11, not only turns URIs into IP addresses, but also checks them against IBM X-Force’s threat intelligence database. Those checks protect agains landing on any of the 40 billion evil sites and images X-Force has found to be dangerous.”
ZDNet: GitHub open sources OctoDNS, new tool for managing DNS records. “The frailty of the DNS system became all too evident last year, when DNS host Dyn was hit by a major Distributed Denial of Service (DDoS) attack that brought down large swaths of the internet. With the threat of DDoS attacks only expected to grow, experts urge organizations to build redundancy into their DNS services. GitHub, the online code-sharing and development platform, is introducing a new open source tool to make it easier to create that redundancy.”
If worrying about security for your computer wasn’t enough, you now have to worry about your router. “Proofpoint has identified a new version of DNSChanger EK, a strain of malware that changes your DNS settings so that the ads on the websites you browse are replaced with other ads that benefit the attackers — and which can also be used for more nefarious ends, because controlling your DNS means controlling things like where your computer gets software updates.”
A DDOS attack on a major DNS host is causing some chaos this morning. “Internet users around the world, but mostly in the United States, reported that top websites are not loading on Friday morning. The affected sites include Amazon, Twitter, Etsy, Github, Spotify, and others.”
Quick and simple tips to get your IP address. I didn’t know you could use Siri!