Show Notes:

Get TechSNAP on your Android:

• Callisto – Android App
• Jupiter Broadcasting – Android App by ShaneQful

Browser Affiliate Extension:

• Jupiter Broadcasting Affiliate Extensions for Chrome and Firefox

Universities set world internet speed record, 96 Gbps disk to disk and 339 Gbps memory to memory

• Demonstrated live at this years SuperComputer conference in Salt Lake City
• A collaboration between the University of Victoria, California Institute of Technology (Caltech), the University of Michigan and others broke the record they set last year by almost double
• The disk to disk tests were done using:
• IBM x3650 M4 servers
• each server had a 40gbps Mellanox Connect-X3 ethernet card
• each server had 16x OCZ Vertex 4 SSDs connected 8 each to two 8 lane PCI-e RAID controllers
• The server NICs were connected to a Juniper MX 480 with QSFP+ optics
• The connection was then carried out of the MX 480 via 100G LR4 CFP Optic to an Ciena OME 6500 for Optical Transport over CANARIE and BCNet to Seattle
• From Seattle the circuit was transported over the Internet 2 100G SDN Infrastructure to the conference in Salt Lake City
• It only took 4 of the IBM x3650 servers to saturate the 100 Gbps link
• Caltech achieved an 80 Gbps memory-to-memory transfer from to a single server with two 40 Gbps interfaces at Salt Lake with nearly 100% use of the servers’ interfaces at both ends, using Remote Data Memory Access over Ethernet between Pasadena and Salt Lake that sustained 75 Gbps with a CPU load on the servers of only 5%
• Youtube Video
• Caltech Supercomputing website
• University of Michigan site
• The tests made use of high speed research networks such as: CANARIE more about CANARIE, BCNET, and Internet2
• Caltech Press release

---

Samsung printers contain hard coded admin account that cannot be disabled

• Many Samsung printers (and Dell printers manufactured by Samsung), contain a hard coded full read-write SNMP community, that is still active even when SNMP is disabled in the printer control panel
• US CERT
• The community string has been found in samsung firmware dating as far back as 2004
• A compromised printer could be used in an island-hopping attack, since many firewalls allow traffic back and forth to printers even from secure networks
• In previous attacks on HP printers, researchers were able to overheat the printers and cause them to smoke, or intercept documents that were being printed
• Additional coverage
• Proof of Concept

---

Piwik wordpress site compromised, malware injected into latest version

• Piwik is an open source website analytics software, a free self-hosted alternative to Google Analytics
• Piwik’s site was compromised by a vulnerability in a wordpress plugin
• If you downloaded Piwik 1.9.2 on November 26th, you should follow the instructions in the official security advisory

---

Researcher develops clever attack against users who dont change their router passwords

• The attack is based on the fact that many routers use very simple web interfaces, and accept parameters via either GET or POST parameters and use HTTP basic authentication
• The attack involves an email containing a number of 1×1 pixel images or iframes that load URLs that submit changes to your router
• The URLs contain common usernames and passwords and the URLs for common routers
• The attack changes the DNS servers on the router (usually propagated to all devices via DHCP)
• This allows the attacker to perform a man-in-the-middle attack, and with techniques such as sslstrip, any sites not protected by HSTS (see later in the show) could have all of their traffic sniffed
• Live demonstration
• The attack is especially effective against many Apple devices that automatically load remote images, unlike most email clients like Thunderbird or Outlook, or webmail like Gmail, that require the user to click to load the remote content
• This means that if the remote images are loaded automatically, or the user clicks to load the images (most users will do this) then the attack is executed
• The attack will be successful if you have one of the routers who’s URL string is included in the email, and you have not changed the default password or have used a very common password

---

Godaddy customers targetted by phishing attack

• Godaddy’s Director of Information Security Operations, Scott Gerlach talked to reporters about a rash of Godaddy customers who’s sites were hijacked
• The attackers placed malicious DNS records on the users’ domain names to redirect visitors to sites hosting the ‘Cool Exploit Kit’ and other ransomware
• Customers who were targeted have had their passwords reset to prevent further exploitation
• Godaddy recommends US and Canadian customers enable their new 2-factor authentication feature
• Additional Coverage

---

Feedback:

• CryptSync a tool from the creators of TortoiseSVN, automatically encrypts the contents of one directory on your computer into another directory. Allows you to automate the process of encrypting files before you send them to a cloud storage provider such as Dropbox. Files are encrypted using 7-zip, so they are recoverable even without the CryptSync tool, as long as you have the password you used to encrypt the files. CryptSync can also encrypt the file names of your files, since that can also give away sensitive information, however this makes manually accessing the files much more difficult.

• Some Age Old Disk Defrag Questions

• Ultimate Secure Banking Setup

• Sharing MythTV Securely?

• Can slow hashes break your box?

• Using our Affiliate Links

Round Up:

• EU parliament passes resolution to condemn ITU for attempting to assert control over the Internet
• Microsoft Windows Azure suffers outage
• City of Calgary, AB uses the publically broadcasted MAC addresses of Bluetooth devices to track travel times and estimate traffic Media Coverage
• US denies responsibility for malware attack on french government advisors
• IETF approves HSTS as standard in RFC6797
• Fake windows 8 key generators contain malware
• Windows 8 Store Cracked