Awesome Fractals by

Awesome Fractals by Silvia Cordedda — For the ones not familiar with fractals, a fractal is an image built with math, a repetition of the same geometric module over and over, with different dimensions, according to a mathematical function.

Fun RC 4×4 Ready For Trail Play – HoBao DC1 4WD Trail Crawler Truck Review & Running | RC Driver

For those familiar with the HoBao name, you probably know them for their ⅛-scale offerings. They have a great selection of nitro and electric buggies, truggies, monster trucks and even on-road vehicles. But they didn’t have a trail truck in their mix… until now. The company has released their first 1/10-scale electric off-road ready to run 4wd trail truck; the Hobao DC1. We were among the first to…


Samsung Galaxy S9 review

The Samsung Galaxy S9 Plus and S9 are all new, but have familiar designs and familiar problems. Subscribe: Check out our full video catalog: Visit our playlists: Like The Verge on Facebook: Follow on Twitter: Follow on Instagram: Read More:…


Lenovo Yoga 730 and Flex 14 hands-on

Lenovo’s Yoga 730 has Alexa built in and a familiar design with some subtle but stylish changes. The Flex 14, also known as the Yoga 530, takes those changes down to an even cheaper price point with an option for a built-in GPU. Subscribe: Check out our full video catalog: Visit our playlists: Like The Verge on Facebook:…


Xboxer: Thoughts on the Sea of Thieves Beta

Martin Hehir of Xboxer writes: Despite being quite familiar with the terms for as long as I can remember, I’d never really understood the nautical trappings associated with ‘port and starboard’. I’d never needed to. To begin using them in a videogame would, I assume, surely represent the kind of overly fussy dedication reserved for the most stalwart of model train aficionados, beer drinkers who…


Samsung Galaxy S9 first look!

The new Samsung Galaxy S9 and S9 Plus look familiar, but there are a few new things that make them worth checking out. Top of the list is a brand new camera that lets you change the aperture of the lens, and Samsung has fixed the placement of the fingerprint sensor. Both phones will be available in March. Subscribe: Check out our full video catalog:…


Trump’s Middle East Strategy Is Totally Boring

There’s a very familiar method to the administration’s apparent regional madness. VISIT THE SOURCE ARTICLE Author: Steven A. Cook


Level Up Your Arduino Code: Timer Interrupts

If you’re not familiar with working directly with registers or how interrupts work, we recommend viewing the previous lessons on leveling up your Arduino code. Registers: External Interrupts: On this episode of Adventures in Science, we continue diving into what makes Arduino tick. We examine the inner workings…


Introducing Cloudflare Access: Like BeyondCorp, But You Don’t Have To Be A Google Employee To Use It | NETWORKFIGHTS.COM

Spread the love

Tell me if this sounds familiar: any connection from inside the corporate network is trusted and any connection from the outside is not. This is the security strategy used by most enterprises today. The problem is that once the firewall, or gateway, or VPN server creating this perimeter is breached, the attacker gets immediate, easy and trusted access to everything.

CC BY-SA 2.0 image by William WarbyCC BY-SA 2.0 image by William Warby

There’s a second problem with the traditional security perimeter model. It either requires employees to be on the corporate network (i.e. physically in the office) or using a VPN, which slows down work because every page load makes extra round trips to the VPN server. After all this hassle, users on the VPN are still highly susceptible to phishing, man-in-the-middle and SQL injection attacks.

A few years ago, Google pioneered a solution for their own employees called BeyondCorp. Instead of keeping their internal applications on the intranet, they made them accessible on the internet. There became no concept of in or outside the network. The network wasn’t some fortified citadel, everything was on the internet, and no connections were trusted. Everyone had to prove they are who they say they are.

Cloudflare’s mission has always been to democratize the tools of the internet giants. Today we are launching Cloudflare Access: a perimeter-less access control solution for cloud and on-premise applications. It’s like BeyondCorp, but you don’t have to be a Google employee to use it.


How does Cloudflare Access work ?

Access acts as an unified reverse proxy to enforce access control by making sure every request is:

Authenticated: Access integrates out of the box with most of the major identity providers like Google, Azure Active Directory and Okta meaning you can quickly connect your existing identity provider to Cloudflare and use the groups and users already created to gate access to your web applications. You can additionally use TLS with Client Authentication and limit connections only to devices with a unique client certificate. Cloudflare will ensure the connecting device has a valid client certificate signed by the corporate CA, then Cloudflare will authenticate user credentials to grant access to an internal application.

Authorized: The solution lets you easily protect application resources by configuring access policies for groups and individual users that you already created with your identity providers. For example, you could ensure with Access that only your company employees can get to your internal kanban board, or lock down the wp-admin of your wordpress site.

Encrypted: As Cloudflare makes all connections secure with HTTPS there is no need for a VPN.

To all the IT administrators who’ve been chastised by a globetrotting executive about how slow the VPN makes the Internet, Access is the perfect solution. It enables you to control and monitor access to applications by providing the following features via the dashboard and APIs:

  • Easily change access policies
  • Modify session durations
  • Revoke existing user sessions
  • Centralized logging for audit and change logs

Want an even faster connection to replace your VPN? Try pairing Access with Argo. If you want to use Access in front of an internal application but don’t want to open up that application to the whole internet, you can combine Access with Warp. Warp will make Cloudflare your application’s internet connection so you don’t even need a public IP. If you want to use Access in front of a legacy application and protect that application from unpatched vulnerabilities in legacy software, you can just click to enable the Web Application Firewall and Cloudflare will inspect packets and block those with exploits.

Cloudflare Access allows employees to connect to corporate applications from any device, any place and on any kind of network. Access is powered by Cloudflare’s global network of 120+ data centers offering adequate redundancy and DDoS protection and proximity to wherever your employees or corporate office might be.

Get Started:

Access takes 5-10 minutes to setup and is free to try for up to one user (beyond that it’s $3 per seat per month, and you can contact sales for bulk discounts). Cloudflare Access is fully available for our enterprise customers today and in open beta for our Free, Pro and Business plan customers. To get started, go to the Access tab of the Cloudflare dashboard.

Author: Venkat Viswanathan || CloudFlare

New Intel flaw allows hackers full remote access to network computers | NETWORKFIGHTS.COM

Spread the love

Whew, what a month in computer security. You’re likely familiar with the massive computer chip flaws that can impact chips from every major manufacturer – ARM, AMD and Intel. This puts almost every computer, smartphone and tablet at risk of these attacks.

Click here to read more about these massive chip security issues.

However, a new security issue has been revealed in Intel computers and it can give an attacker full remote access to your machine without even the need for special skills nor malware tools. All it takes is a simple reboot of your machine.

The weakness was discovered by F-Secure senior security consultant Harry Sintonen back in July 2017 and it was publicly disclosed on January 12.

This is a totally different issue apart from the massive Meltdown and Spectre chip flaws and the similar AMT hack discovered back in May.

What is this deceptively simple hacking technique and what can you do to protect your computer against it?

Evil Maid

This new attack is dubbed “Evil Maid” and it can reportedly give an attacker complete remote control over your Intel-based computer with just a few seconds of physical access to a laptop or workstation.

A would-be hacker won’t even need special tools or software to execute the attack. All it takes is a simple exploit of management tools built into most Intel-based computers.

Here’s how it can be set up and it’s bafflingly unsophisticated. An attacker can simply walk to a target machine, shut it down and reboot it, enter the computer’s boot menu then simply enter Intel’s Active Management Technology (AMT) feature by logging in with the default password “admin.”

Note: AMT is commonly used by IT administrators to remotely access Intel-based computers for support, maintenance and software updates. Additionally, AMT allows for remote control of a computer’s mouse and keyboard even when it’s off.

Normally, a BIOS password will protect a computer from harmful local attacks but according to Sintonen, most users are not aware that setting a BIOS password does not protect Intel’s AMT feature. Oftentimes, users and even IT administrators neglect to change the AMT password from the factory default since it’s not readily apparent.

All an attacker needs now to remotely control the machine is to set his or her own password, enable remote access and set AMT’s user opt-in to “None.”

This means as long as an attacker is on the same network as the target computer they can effectively have full control over the machine.

You may think that this attack may not have real-world consequences but think about it – in publicly shared Wi-Fi networks like the ones in airports, hotels, coffee shops or restaurants, an attacker can simply walk to your laptop, reboot it, change the AMT settings and have complete remote control over it. (Hence the name “Evil Maid”).

“Attackers have identified and located a target they wish to exploit. They approach the target in a public place – an airport, a café or a hotel lobby – and engage in an ‘evil maid’ scenario. Essentially, one attacker distracts the mark, while the other briefly gains access to his or her laptop. The attack doesn’t require a lot of time – the whole operation can take well under a minute to complete,” Sintonen explained.

How to protect your computers

First, check if your computer is AMT enabled. These are typically the Intel vPro based machines with Intel Centrino and Intel Core 2 processors. Not sure? Check for the vPro badge on your computer’s “Intel Inside” stickers.

Now, since a hacker will still need physical access to a computer to execute this attack, it is advised that you not leave your affected laptop unattended in an unsecured location, especially in public spaces, not even for a few minutes.

Also, avoid leaving your laptops unattended in hotel rooms, too, since anyone with rudimentary computer skills can simply turn it on and change the AMT settings.

For real protection, set a strong password for AMT or disable it completely. Intel has a number of recommendations for network administrators for securing AMT so if you’re managing multiple network computers, please check this page for your options.

However, for small to large businesses with a sizeable number of workstations, these mitigations may require mass-scale network reconfigurations since they can’t be done remotely.

Windows chip flaw patch is crashing some PCs, making them unbootable

Here’s another computer problem that you need to know about. It appears that Microsoft’s Windows patch against the recently discovered Meltdown chip flaw is crashing certain PCs. Click here to learn why.

Next Story