New Epic Quickly Becoming Browser Of-Choice for Those Big on Privacy

4GHadmin | 19 January 2024
Reading Time: 4 minutes

Things change quickly in the digital world, and what was barely even on the radar can become a front and center issue overnight in some cases. Go back 10 years and the issue of privacy in web browsing wasn’t something the vast majority of people paid even the slightest bit of attention to. Nowadays, however, it’s definitely a hot-button topic given all the news that’s come out about web browsing histories and the like being tracked, monitored, and then made available to whoever doesn’t mind paying for information about what people like YOU search for online.

Some people don’t have a problem with that. Other people have quite a significant problem with that. If you’re part of the second group there then you may have already switched over to using a web browser like DuckDuckGo or something similar. It’s a fine privacy-promoting web browser in itself, but it’s a bit of a generalist in that it works suitably well across the board but not especially well for any one framework.

And that’s where and why Epic coming onto the scene is as noteworthy as it is. It is a Chromium-based browser designed to ensure privacy without giving up anything i speed or functionality. It blocks ads as well as prevents user tracking, and also includes built-in protection against a wide range of surveillance methods cryptocurrency mining scripts among them.

It promises to be just what the Doctor ordered for those who think these types of overwatch activities are unacceptable, and here at 4GoodHosting we’re like any other quality Canadian web hosting provider in that we agree with you wholeheartedly. Let’s take a look at what makes this new no-tracking web browser such a good fit and why it promises to be especially well received.

Surfers 1 / Watchers 0

It’s fair to say that it’s really a shame that the innocence and carefreeness of using the world wide web to gain information is gone now, and that government agencies, corporations, and malicious hackers lurking in the shadows and taking notes is entirely unacceptable. Even those who aren’t overly incensed at having their privacy violated will almost certainly choose to stay ‘incognito’ if the opportunity to do so exists.

Epic’s creator, Alok Bhardwaj, attributes much of his need to build such a resource on coming to understand that on average, there are some 10 or so trackers on pretty much every website you visit. For some still, there’s up to 30 or 40 companies that are logging your visit.

Fortunately, his new Epic browser includes built-in protection against a wide range of surveillance tactics, and without any of the BS like what was seen in 2015 in the States with AT&T’s policy where subscribers had to pay up to 50% more to secure a reasonable level of privacy.

The original version of Epic has been around since August of 2018, but the Chromium-based version of it is still new to the scene. It allows users to enjoy private browsing without sacrificing speed or functionality, and also blocks ultrasound signal tracking and cryptocurrency mining scripts. Plus, with a new mobile browser on the way, Epic continues to take actions that support the company’s belief in a free internet.

Sight for Sore Eyes: Privacy-Focused Web Browser

U.S. President Donald Trump’s 2017 decision to can internet privacy rules as passed by the Federal Communications Commission in the previous year put an effective end to internet users having more rights concerning what service providers can do with their data. Here in Canada we certainly haven’t been immune to the increasingly grey areas of what can and can’t be done as far as monitoring a web browser user’s history.

Likely no one needs convincing that relying on governmental agencies to solve data privacy issues will likely result in little if anything being done. So we’re left to take matters into our hands as much as we can. Good news on that front, as Epic is an exceptionally private browsing experience that’s also fast and intuitive and based on Google’s open-source Chromium project for long-term practicality in the bigger picture of things.

That perspective was very important in the development of this new browser, according to Bhardwaj. Microsoft announced that the company would build their next browser on Chromium, and so the decision was made to build a browsing experience that’s very private, but just as fast as using Google Chrome.

Mission Accomplished

We’d say it is – Epic is one of the most simple, private, and fast browsers on the market today, and it’s really raised the bar that was set by the original private browser, Tor. (which is still a great browser FWIW, still doing very well and also offers an extremely anonymous service)

One area where Epic meets a need that Tor can’t, however, is with malicious cryptocurrency activities. Hackers have used Tor to steal cryptocurrency from users, and fairly recently too.

Long story short, Epic is the only private browser out there that just works out of the box with a high level of privacy and speed, and it doesn’t have any of the issues where advanced security protocols render certain website undeliverable. In the event that one won’t, Epic lets you turn off the proxy and ad blocking feature for a particular website if needed.

Other appealing features:

  • Free VPN
  • 1-click encrypted proxy
  • Blocks fingerprinting and ultrasound signaling
  • Locally stored database of the top 10,000 websites in the world

Coming to Mobile Soon

Epic is expected to launch the company’s mobile browser before long. They expect their mobile browsers to be even more significant than the desktop browsers, given the scale that mobile’s going to operate on. With the extent to which most of us use our smartphones for internet search queries, there’s no doubt that this mobile browser release will put Epic even more in the spotlight in the near future.

0

40+ Different Device Drivers Found to Have Malware Security Flaw

4GHadmin | 12 August 2019
Reading Time: 3 minutes

The scope and extensiveness of malware risks for computing devices is more pronounced than ever before, and that’s pretty much the story from one month to the next these days. At a recent security conference in Las Vegas, the Eclypsium security research team announced they had dug up some serious security flaws in at least 40 device drivers from 20 different vendors. These vulnerabilities could increase the likelihood of devices being infected by malware.

While this type of development in itself is nothing out of the ordinary, what makes it noteworthy is the sheer number of different drivers that may be affected. Here at 4GoodHosting, we’re like any other reputable Canadian web hosting provider in that we strive to make our customers aware of risks to their digital security when they arise. When one is as potentially far reaching as this one, we’re almost always going to make some sort of announcement regarding it.

The Latest

The research team’s report is stating that this malware targets system BIOS or system components for the purposes of updating firmware, running diagnostics, or customizing options on the component. By doing so what the attackers have done is take the same tools used to manage a system and then turn them into powerful threats that can escalate quickly on the host.

Once the driver is infected it then provides the attacker with optimized access for means of launching malicious actions within all versions of Windows, and Windows Kernel most notably.

Do note that all these affected drivers are ones certified by Microsoft:

  • American Megatrends International (AMI)
  • ASRock
  • ASUSTeK Computer
  • ATI Technologies (AMD)
  • Biostar
  • EVGA
  • Getac
  • GIGABYTE
  • Huawei
  • Insyde
  • Intel
  • Micro-Star International (MSI)
  • NVIDIA
  • Phoenix Technologies
  • Realtek Semiconductor
  • SuperMicro
  • Toshiba

The Why

All of this is related to a specific design flaw in Windows device drivers. They have a functionality that can be taken advantage of to perform a read/write of sensitive resources without being restricted by Microsoft. Some are suggesting that bad coding practices are to blame for this, and while that can’t be substantiated it is true that there is a more pressing need for better ones these days and older work can be suspect.

At present, the understanding is that Microsoft will be using its HVCI (Hypervisor-enforced Code Integrity) capability to create a blacklist of drivers that are reported to them. The only problem there is that the HVCI feature is only available with 7th gen Intel CPUs along with newer processors only. The situation for older operating systems would be the need for manual installation, and this would also be true for newer ones where HVCI can’t be enabled.

Microsoft is now recommending that its users work with Windows Defender Application Control or turn on memory integrity for supported devices in Windows Security. This should block malware in software and drivers.

The Motivation for Developing Malware

Many people ask what exactly is in it for these malware developers to spend as much time as they do creating this infections and releasing them onto the world. Not sure there’s a clear answer to that, but it’s a good question. After all, people will assume that there’s nothing really to be gained by creating malware other than perhaps an individual sense of deranged satisfaction in messing with people and businesses.

This would be an incorrect assumption, however. The truth is that these people go to the effort to make malware because there’s money in it. For example, a botnet; a network of thousands – or even hundreds of thousands – of computers belonging to everyday people that have been infected with software that usually work to send out LOTS of spam.

Once a botnet network is established then it can be rented by individuals and organizations who want to send out spam promoting whatever it is they want promoted. Botnet owners make money, and same goes for keyloggers – they capture usernames and passwords and sell this information to whoever would like it and for whatever purpose.

These are just 2 examples of many. Long story short, the reason there’s people working to make malware is because – strangely enough – it’s profitable in one way or another.

0

Protecting a VPN From Data Leaks

4GHadmin | 01 April 2019
Reading Time: 5 minutes

One thing that certainly hasn’t changed from previous years as we move towards the quarter pole for 2019 is that hackers are keeping IT security teams on their toes as much as ever. That shouldn’t come as much of a surprise given the cat and mouse game that’s been going on in cyberspace between the two sides for a long time now. Cyber threats are as sophisticated as ever now, and for everyday individuals they biggest concern is always that the privacy of sensitive data will be compromised.

One of the most common responses to enhanced and more enabled threats is to go with a Virtual Private Network and all the enhanced security features that come with them. Here at 4GoodHosting, we’ve been promoting them for our customers very actively in likely what same way every other Canadian web hosting provider has. There’s merit to the suggestion, as VPN connections protect online privacy by creating a secure tunnel between the client – who is typically uses a personal computing device to connect to the internet – and the Internet.

Nowadays, however, VPN networks aren’t as automatic as they were when it comes to trusting in secure connections and understanding that there won’t be data leaks. The good news is that even people with the most average levels of digital understanding can be proactive in protecting their VPN from data leaks. Let’s look at how that’d done here today.

Workings of VPN

A reliable VPN connection disguises the user’s geographical location by giving it a different IP address. There is also architecture in place to encrypt data transmitted during sessions and provide a form of anonymous browsing. As it is with almost all internet tools, however, VPN connections can also face certain vulnerabilities that weaken their reliability. Data leaks are a concern amongst information security researchers who focus on VPN technology, and it’s these issues that are most commonly front and centre among them:

  1. WebRTC Leaks

Web Real-Time Communication (WebRTC) is an evolution of the VOIP (Voice over Internet Protocol) for online communications. VoIP is the technology behind popular mobile apps such as Skype and WhatsAppp, and it’s been the leading force behind making legacy PBX telephone systems at many businesses entirely obsolete now.

WebRTC is also extremely valuable with the way that it allows companies to hire the best personnel. Applicants can be directed to a website for online job interviews with no need for Skype or anything similar installed.

Everything would be perfect, except for the fact that the IP addresses of users can be leaked, and even through a VPN connection.

  1. DNS Hijacking

It’s fair to say that hijacking domain name system (DNS) servers is one of the most tried-and-true hacking strategies, and interestingly a large portion of that has been made possible by well-intentioned efforts to enact internet censorship. The biggest DNS hijacking operation on the planet is conducted by Chinese telecom regulators through the Great Firewall, put in place with the aim of restricting access to certain websites and internet services.

DNS hijacking encompasses a series of attacks on DNS servers, but arguably the most common one involves taking over a router, server or even an internet connection with the aim of redirecting traffic. By doing so hackers are able to impersonate websites; your intention was to check CBC News, but instead you’ll be directed to a page that may resemble it but actual uses code to steal passwords, compromise your identity, or leave you with malware on your device.

Often times WebRTC and DNS hijacking are working in conjunction with each other: a malware attack known as DNS changer that can be injected into a system by means of JavaScript execution followed by a WebRTC call that you’re unaware of. Done successfully, it can gain your IP address.

Other lesser-known vulnerabilities associated with VPN networks are Public IP address, torrents, and geolocation

How to Test for Leaks

It might be best to cut right to chase here sort of – The easiest way to determine if you’ve got a leak is to visit IPLeak.net, and do it with your VPN turned off. This site is a very nice resource. Once you’ve visited, then leave seat and turn your VPN back on before repeating the test.

Then, you compare results.

The torrents and geolocation tests available are fairly worthwhile themselves, but probably not as much of a factor indicator as the DNS. Navigating the internet is done by your device communicating with DNS servers that translate web URLs into numeric IP addresses. In the bulk of those instances, you’ll have defaulted through your ISP servers, and unfortunately these servers tend to be very leaky on their own to begin with.

Leakage through your local servers can serve up your physical location to those with bad intentions, even with a VPN set up and utilized. VPN services route their customers through servers separate from their ISP in an effort to counter these actions.

Once you determine your data is leaking, what is there you can do to stop it? Read on.

Preventing Leaks and Choosing the Right VPN

A good suggestion is to disable WebRTC in your browser, and doing so even before installing a VPN solution. Some developers have set this to be a default configuration, while most better ones will have this is an enabled option.

Search ‘WebRTC’ in the help file of your browser and you may be able to find instructions on how to modify the flags or .config file. Do so with caution, however, and don’t take actions until you’re 100% certain they’re the correct ones or you may risk creating quite a mess for yourself.

Other good preventative measures include:

  • Going with the servers suggested when configuring your VPN – typically not those of your Internet service provider (ISP) but ones maintained by the VPN provider. Not all of them have them, though
  • Aiming to have a VPN that has upgraded protocols making it compatible with the new IPv6 address naming system. Without one, you’ll have a much greater risk of leaks. If you’re about to move to a VPN, this should be one of your primary determinations
  • Making sure your VPN uses the newest version of the OpenVPN protocol, and especially if you’re on a Windows 10 OS device (it has a very problematic default setting where the fastest DNS servers is chosen automatically. OpenVPN prevents this)

Overall, the security of tunneled connections is going to be compromised big time by a leaky VPN. If the security of your data is a priority for you, then you should be evaluating VPN products, reading their guides and learning about best ways to secure your system against accidental leaks.

Keep in mind as well this isn’t a ‘set it and forget it’ scenario either. You need to check for leakage from time to time to ensure nothing has changed with your system. Last but not least, make sure the VPN you use has a kill-switch feature that will cut off your connection immediately if a data leak is detected.

0