Categories
Security

WireGuard already outperforms OpenVPN

Today I did a short test of running WireGuard on my ASUS RT-AC86U test router, following the instructions I found in the Smallnetbuilder forum. After 2 hours it finally worked with small changes which I made to the config. After I was finished with playing around I did some speed tests to compare it’s current state with OpenVPN. The result is already amazing, and this for something which isn’t even in his final form! Whoho like a Dragon which is waiting to get unleashed!

Wireguard Test

Categories
AMD Security

AMD’s virtual machine encryption bypassed – NOPE!

AMD’s Epyc server chips utilize Secure Encrypted Virtualization (SEV) to automatically encrypt virtual machines on the fly while stored in memory, but researchers now say that they can get around it with a technique dubbed SEVer: “miscreants at the host level can alter a guest’s physical memory mappings, using standard page tables, so that the SEV mechanism fails to properly isolate and scramble parts of the VM in RAM“.

AMD Epyc
AMD Epyc CPU: Picture Source: AMD Press Conference
Categories
Security

Reasons to use OpenVPN Client instead of your providers VPN Client

I got an interesting email today, someone asked me why I often speak about OpenVPN and what’s wrong with the VPN software your VPN Service has to offer. First of all, the software which your VPN service might offer is already based on OpenVPN or it’s tap driver in order to create a tunnel interface. Second, most if not all external software logs and collects debug logs which are often hard to disable, some providers send this back in order to see some things, like which server you prefer and more.

About OpenVPN

Categories
Security Software

DiscordCrypt: Unofficial End-to-End Encryption for Discord has arrived

Riot (Matrix) is my favorite chat program but it suffers from one major issue, it’s slow and the user Interface is – I wouldn’t say horrible – but has ‘room for improvements’. So, overall most users using Discord instead wish is still not a bad client it has HTTPS but the server owner might see and sell your content (such as news links, ideas etc). The E2E idea and the ticket (feature request) in the meantime was already closed and the developers explained in their answer that this will not be implemented.

Discord Logo

Categories
Intel Security

Intel’s upcoming CPU’s aren’t (fully) patched against Spectre Variant 4

Intel introduced hardware-based “safeguards” and ‘additional’ protections to its new chips to protect against the Spectre and Meltdown flaws that shocked the silicon industry when the vulnerabilities were made public earlier this year. However, those protections are specific to V2 and V3, and will not impact the newly-discovered Variant 4 as well as other potential speculative execution side channel-related flaws in the future – in other words, it just the beginning.

spectre-intel-patch-update
Spectre Inside. Picture Source: TheHacker News
Categories
Security

What is GDPR?

GDPR here and GDPR there, but what is it? Well, in short, it’s the General Data Protection Regulation a new European regulation on personal data protection which goes into effect on 25 May 2018. In this FAQ I show what are the important points and what do you need to know about the GDPR.

GDPR

Categories
Security Tutorials

How To secure your OpenVPN configuration

There many traps when it comes to the OpenVPN configuration which your VPN provider has to offer, in this short tutorial I will show you what you need to know and which points are really important to look at.

OpenVPN configuration hardening

Categories
Hardware Security

What is the best ASUS VPN Router Firmware – here is the answer!

I often get requests via EMail, sadly I can’t answer them all but I try to pick some interesting stuff which I can explain here in detail. In general, if you’re looking for a good and solid VPN router, you can’t go wrong with Asus because they offer a great lineup of VPN-ready routers – from cheap to very high-end prices.

Asus VPn Router
Asus RT-AC86U is one good pick.
Categories
Security

Bypassing Two-Factor Authentication – What you need to know!

Hacker Kevin Mitnick and several other hackers already demonstrated that Two-Factor Authentication can be bypasses via pishing and other techniques. Before you going to panic here are the important information what you should do.

Two-factor
Picture Source: GBhackers