Tag Archives: ssl

SurfEasy On-line Privacy Debuts at CES

Canadian firm SurfEasy will debut their eponymous USB key-based private Internet browser at CES, Las Vegas, next week. The portable USB key launches its own web browser which uses strong encryption to keep your surfing habits secret and holds all your personal information such as bookmarks, history and web passwords on the password-protected key itself. Nothing is left behind on the computer itself.

SurfEasy Secure Internet

When you stop and think about it, we use many different networks and computers to access our online lives. Whether it’s connecting from the office or using a Wi-Fi hotspot, we’re providing a lot of personal information to computers, networks and websites that are not designed with our personal privacy in mind,” said Chris Houston, founder and CEO of SurfEasy Inc. “SurfEasy lets people take control of protecting their online privacy and security by simply plugging in a USB key.

One of the biggest potential benefits is when using unsecured WiFi in places like coffee shops. As SurfEasy creates an encrypted tunnel from the SurfEasy USB key across the Internet, no-one can see any detail about your browsing. All they can see is the encrypted data and the volume of data. SurfEasy encrypts the web traffic using SSL and passes the traffic through its own servers, stripping the client IP from the data stream.  The proxy network is hosted in Canada and the US, with other international locations to come soon.

As the data stream passes through SurfEasy’s servers, SurfEasy publish a Customer Bill of Rights which is upfront about what you can expect from the company in terms of keeping your activities secret. Basically, unless you come to the attention of the legal authorities, no usage data is held.

The SurfEasy browser is powered by Mozilla and is compatible with Microsoft Windows XP, Vista and 7. Apple users needs to be on Mac OS X 10.5 or later. The SurfEasy USB key costs $60 and this includes 2 GB per month of encrypted traffic through the SurfEasy network. Additional data costs $5 per month for 25 GB and $10 for 75 GB. Product delivery is expected in February.

I can see this being very handy for backpackers and other travellers who have to use Internet cafes while travelling and are rightly concerned about security. Plug-in the SurfEasy USB key to a public computer and you’re instantly secure wherever you are.

Search Data and Browsing History Used As Evidence

Google Logo
The murder trial of Jo Yeates is front page news throughout the UK – a neighbour Vincent Tabak is accused of killing her. At the moment, the prosecution is presenting its case and a couple of interesting things have emerged as evidence.

In particular, the prosecution has alleged that the defendant:

  • looked at Wikipedia for the definitions of murder and manslaughter.
  • searched for the maximum penalty for manslaughter, i.e. how many years in jail.
  • looked up definitions for sexual assault and sexual conduct.
  • searched maps showing the area where the body was later found.
  • searched on CCTV cameras in street where both the defendent and victim lived.
  • use Google StreetView to view the same area.
  • researched criminal forensics, fingerprinting and DNA evidence.
  • read news stories on the investigation into the disappearance  of the victim.

Of course, it will be up to the jury to decide whether these are good indicators of guilt, but regardless it’s clear that if someone is accused of a crime then there’s a pretty thorough examination of one’s computers and on-line behaviour. Obviously this case is about a very serious crime but it’s almost a gift to the prosecution when put together like this: can you think of any good reason to access this material at the time of the disappearance? However, this is circumstantial evidence and needs to be weighed as such.

On a related note, Google has announced that if you are signed-in to Google when you search, you will automatically use https://www.google.com/, the secure version of Google Search. While this will prevent casual snooping on your search, Google will be keeping hold of your search information so that it can better serve you adverts. And how long does Google keep the search information? Indefinitely or until you remove it. So while on the face of it encrypted search is a good thing, it comes at the price of Google knowing yet more about you.

I suspect that in the current murder trial, all the computer forensics team had to do was look back through the defendant’s browser history. Easy if there’s only one computer, but more difficult if the person has a home computer, work laptop, smartphone and so on. If you’re tied into Google everywhere, all they’ll have to do is subpoena information from Google and get your search data in one tidy little bundle. Nice.

GNC-2009-11-07 #525 New Studio Lights

New Studio lights are installed and it makes a big difference to the video quality. Baby Steps but this was like learning to walk. Story on the show.. Big huge thank you to Pat over at LitePanels.com and his expertise in the placement of the LED LitePanels. Lots of tech to chat about tonight as always and for those of you Comcast subscribers you will want to tune in for sure.

Ongoing support by these fine sponsors keep the lights on your support is appreciated!
[Save 15% on orders $20.00 or more at >GoDaddy.com!] use Code Geek5
[GotoMeeting Hold your meetings online for just $49/mo. Try GoToMeeting FREE for 30 days]
Check out our Free Magazine Offers!
Complete List of GoDaddy Promo Codes for huge Savings!

Follow @geeknews on Twitter http://www.twitter.com/geeknews
My Personal Facebook Profile
Join the Geek News Central Podcast Facebook Page
Video of Show at geeknews.blip.tv
Video of Show at www.youtube.com/user/geeknews
Show Comments please call 1-619-342-7365 or e-mail geeknews@gmail.com

Listener Links:
National Listener Survey
Thanks Timothy: Green Fuels
Knock Detecting Door Lock!
Anti-Gravity could change anything!
Listener Broken Arm Story!

Show Notes:
Computer Failure Chaos in MD
Don’t answer text book questions online!
FCC to let MPAA break your TV and DVR
File Sharing goes Underground!
ISP Safe Harbor Provisions in Jeopardy!
RIAA Penalty payment strategy!
Smart Eye Glasses.
Stream Live Birth of Child?
RoboForm for iPhone!
Data Breach Legislation in work!
Critical Windows Security Patches!
Ford Announces rear airbags!
Windows 7 lets Malware bypass UAC!
Six iPhones Disasters!
Hackintosh users catch a break!
Adobe may cause your machine to become infected!
100,000 iPhone Applications!
I have a bridge I want to sell you!
Comcast to throttle users that use to much of their alloted bandwidth!
Windows 7 Sales Exploding!
Twitter Phone (I don’t get it)?
Vudu Labs rolling out some cool features!
Toshiba HD of 1.8 inches holds 320 gigs!
Verizon to penalize you big time for canceling your phone!
Sourceforge is now GeekNet?
Space Elevator challenge Achieved!
HD Media Player battle!
Facebook integrating AIM, Yahoo, MSN IM chat?
Congratulations Geeks we are not Hermits as Accused!
Microsoft Courier want one!
WordPress now RSSCloud capable.
New Twitter ReTweet Feature!
SSL can be Hacked Emergence meeting to fix!

Send in your stories to geeknews@gmail.com and be sure to provide a link to your websites!

Video Produced by Jack Ellis

SSL No Longer Secure in the Face of Marketscore Spyware

Secure Sockets Layer, the fundamental security service for the world’s websites and many networks is at risk in the face of a new spyware application, Marketscore, an application that promises to speed up web browsing. The software is bundled with iMesh P2P (peer-to-peer) software and is popular with university students.

Marketscore is a descendent of the Netsetter spyware application. The application forces requests for web pages to be passed through proxy servers, allowing cached (previously downloaded) copies of pages to be served, rather than the most current, copies. Because Marketscore creates a trusted certificate authority on computers running the application, it’s possible for Marketscore’s proxy servers to extract sensitive data by using the certificate authority to unencrypt the data during it’s transmission from the website to the user’s computer. Credit card, banking, and online purchase data are just some of the data users routinely encrypt using SSL (Secure Sockets Layer), a service that normally operates in the background, away from most users’ eyes.

Dave’s Opinion
There is a fundamental rule that we should all remember: if it sounds too good to be true, it probably is (too good to be true). The online corollary to this rule is: there’s no way to improve download speed, except to connect to a line with greater bandwidth; proxy server caching doesn’t really work.

Call for Comments
What do you think? Leave your comments below.