STE WILLIAMS

Tor usage doubles in August. New privacy-seeking users or botnet?

The anonymising service Tor has seen a huge surge in use this month with the number of daily directly connecting users shooting up from a fairly consistent average of 550,000 over the last year to over 1,200,000 in August.

[Chart: Tor directly connecting users over the past year]

The number beats the network’s previous peak in January 2012 by a long way, when it recorded around 975,000 daily users.

With privacy concerns growing in the US and UK, the Register reports that at the start of August around 90,000 Americans and 16,000 from the UK were connecting to Tor daily, but that the figure has now grown to around 150,000 daily users in the US and 35,000 in the UK.

India too saw a large increase in Tor usage as the average number of daily users leapt from 7,500 to 32,000 and China registered around 400 Tor users – significant given the country’s internet controls via what’s often referred to as the ‘Great Firewall of China’.

Even Tor’s Roger Dingledine is not sure what’s going on.

Dingledine said “It’s easy to speculate” as to what could be behind this surge in usage of Tor which anonymises internet traffic through a complicated network of connections and redistribution points around the world.

Recent revelations from Edward Snowden about the NSA’s PRISM program being used to track global internet activity are an obvious starting point when looking for causes.

Other significant events that may have led to an increase in Tor usage during August include the sudden and voluntary closing of secure email providers Lavabit, used by Snowden, and Silent Circle on 8 August.

Lavabit owner Ladar Levison closed his service down, saying that a government investigation would force him to “become complicit in crimes against the American people.”

In an interview with The Guardian Levison said, “We are entering a time of state-sponsored intrusion into our privacy that we haven’t seen since the McCarthy era. And it’s on a much broader scale.”

Then, on 10 August, the Pirate Bay file-sharing site released Pirate Browser – a web browser that uses Tor to aid users in circumventing government censorship of specific sites such as torrent networks and other file-sharing sites. (Note: readers concerned with their privacy and considering the Pirate Browser should understand that, unlike Tor, it does not anonymise its users.)

Later in the month the partner of Glenn Greenwald, the journalist who has broken a series of stories about Edward Snowden, was detained for nine hours at Heathrow airport. The upturn in Tor usage can be clearly seen a couple of days after David Miranda’s arrest on 18 August.

But there is something a bit odd about all of this. The chart is actually remarkable for how much it doesn’t change throughout these seismic events.

Usage is determinedly unchanging despite a multitude of reasons for it to increase and then suddenly, inexplicably, it doubles from a year-long plateau in the space of a week.

[Chart: Tor directly connecting users, August]

The folk on the tor-talk mailing list are suspicious too. The last exchange on the subject reflects a feeling among some that the growth is unnatural:

grarpamp: Too big a double in under a week for me to believe it’s natural growth … I’d guess it got included in some app. A botnet fits perfect … Or it’s some sort of analysis/attack/flood against the dirs.

Paul Syverson: Or somebody’s research experiment gone awry, or behaving predictably but that they didn’t think a concern worth mentioning, or…

Malicious stuff happens, but most of the time these things are incompetence or similar rather than malicious intent.

Whether it’s a botnet, a research experiment or something else altogether, the jury is out on the cause of the increase in Tor usage.



Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/XoKZsXoK_uw/

Apple neglects OS X privilege escalation bug for six months, gets Metasploit on its case…

Six months ago, we wrote about a risky bug in the sudo command, the Unix equivalent of Run As… on Windows.

You use sudo to run an operating system command as a different user, usually root, the all-powerful Unix administrator account.

This means that bugs in sudo are not to be sniffed at, and we were happy, back in March, to be able to praise the curators of the Sudo project for their rapid response.

The bug revisited

Our comprehensive analysis of the bug, and why the sort of programming that caused it (in-band signalling) is probably best avoided, can be summarised as follows:

  • When you first use sudo, it creates a directory called /var/db/sudo/username to record when you last ran it.
  • If you run sudo again within five minutes of the timestamp on /var/db/sudo/username, by default sudo doesn’t ask for your password, as a convenience.
  • If you run sudo -k, it sets the timestamp back to 01 January 1970, which forces sudo to ask you for a password next time, no matter how soon you run it.

You may wonder why sudo -k resets the timestamp to 01 January 1970 (the earliest date Unix cares about, represented as zero in numeric terms), rather than simply deleting the /var/db/sudo/username directory altogether, which would be a simpler and safer approach.

The reason is that if you have never run sudo before, it doesn’t just ask for your password, but gives you a little “pep talk for newbies” first.

On OS X, it’s terribly businesslike, and looks something like this:

Linux is a bit more community oriented, and wanders into social ethics:

Without the file /var/db/sudo/username, you get the pep talk every time.

Apparently, being confronted with a helpful warning when you are no longer a newbie is considered infra dignitatem, so anyone who deliberately gives up their five-minute sudo privilege window with the -k option is treated with kid gloves.

Thus the special meaning of 01 January 1970: it suppresses the mini-lecture, but still asks for your password.

Anyway, the risky bug, which existed until February 2013, was that if the clock ever actually did get set to 01 January 1970, anyone who had run sudo before would seem to have run it within the last five minutes.

As a result, they could run anything they wanted as root without entering a password.

A risky vulnerability indeed.
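The timestamp logic described above, as an added example that is not sudo's source code: a simplified shell model whose function names and sample clock values are constructed for illustration. It sets the pre-fix comparison beside a version that treats the 01 January 1970 value as a state rather than a time, and also runs the sudo -K and timestamp_timeout=0 cases.

```shell
#!/bin/sh
# Simplified model (added example, not sudo's source) of the decision the
# article describes. Times are seconds since 01 January 1970.
#   MTIME = none -> timestamp directory absent (never ran sudo, or ran sudo -K)
#   MTIME = 0    -> sentinel written by sudo -k
#   MTIME > 0    -> time of the last successful sudo

EPOCH_SENTINEL=0

# Pre-fix behaviour: the sentinel is compared with the clock like any other time.
# Usage: decide_legacy NOW MTIME TIMEOUT_MINUTES
decide_legacy() {
    [ "$2" = none ] && { echo lecture+password; return 0; }
    age=$(( $1 - $2 ))
    if [ "$3" -gt 0 ] && [ "$age" -ge 0 ] && [ "$age" -lt $(( $3 * 60 )) ]; then
        echo no-password
    else
        echo password
    fi
}

# Hardened: the sentinel is recognised as "invalidated" before any clock
# arithmetic, so the result no longer depends on what the clock says.
# Usage: decide_hardened NOW MTIME TIMEOUT_MINUTES
decide_hardened() {
    [ "$2" = none ] && { echo lecture+password; return 0; }
    [ "$2" -eq "$EPOCH_SENTINEL" ] && { echo password; return 0; }
    decide_legacy "$@"
}

NOW_NORMAL=1377600000   # constructed: a clock reading in late August 2013
NOW_RESET=120           # constructed: clock set to two minutes past the epoch

# Print both decisions for one scenario.
# Usage: show LABEL NOW MTIME TIMEOUT_MINUTES
show() {
    printf '%-32s legacy=%-17s hardened=%s\n' "$1" \
        "$(decide_legacy "$2" "$3" "$4")" "$(decide_hardened "$2" "$3" "$4")"
}

show "after sudo -k, normal clock"   "$NOW_NORMAL" 0    5
show "after sudo -k, clock at epoch" "$NOW_RESET"  0    5
show "after sudo -K, clock at epoch" "$NOW_RESET"  none 5
show "timestamp_timeout=0, at epoch" "$NOW_RESET"  0    0
```

Only the second row differs between the two columns: the legacy comparison cannot tell "invalidated" from "ran two minutes ago" once the clock itself reads 01 January 1970.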

Six months on

If you’re an Apple OS X user:

  • Apple still hasn’t updated the version of sudo that is part of OS X.
  • The time and date can easily be changed on OS X, without entering an administrative password, using the systemsetup utility.
  • A module has recently been published for the do-it-yourself break-and-enter toolkit Metasploit to exploit these holes.

That’s a bad combination.

What can you do about it?

• Deauthenticate yourself with sudo -K rather than sudo -k.

Instead of setting your timestamp to the special value of 01 January 1970, this option removes the timestamp directory altogether, as if you had never run sudo before.

Next time you run sudo you’ll get the mini-lecture and be asked for your password.

Even if the 01 January 1970 bug isn’t patched, it can’t be exploited if the /var/db/sudo/username file doesn’t exist.

• Consider setting the timestamp_timeout value to zero in the sudo configuration file.

This means that there is no convenience period within which you can run sudo again without being asked for a password.

You will require a password every time.

• Reduce the number of users in the OS X admin group.

If you aren’t in admin then you aren’t allowed to use sudo, which reduces the overall attack surface area.

You can see the group members with the command:

duck@ret:~$ dseditgroup -o read admin
. . .
dsAttrTypeStandard:GroupMembership -
                root
                duck
                another

You can remove unwanted users (but don’t delete yourself if you are the administrator!) like this:

duck@ret:~$ sudo dseditgroup -o edit -d another admin

• Consider installing the Macports version of sudo.

Macports is not an undertaking to be entered into lightly, but it does give your OS X computer access to a huge range of handy open source goodies that you’ll wonder how you ever managed without.

The Macports version of sudo isn’t bang up to date, but it is patched against the 01 January 1970 flaw.

How can you tell if you’re OK?

Run the command sudo -V to show you the version string.

You should have 1.7.10p7 or later, if your version string starts with 1.7; or 1.8.6p7 or later if you’re on 1.8.
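One way to automate this check, as an added example rather than anything from the Sudo project or Apple: the function names are hypothetical and the sample version strings are constructed. It assumes the first line of sudo -V output has the form "Sudo version X", and it reports unknown for anything outside the 1.7 and 1.8 branches, since the article gives thresholds only for those.

```shell
#!/bin/sh
# Added example: compare a sudo version string with the fixed releases named
# in the article (1.7.10p7 on the 1.7 branch, 1.8.6p7 on the 1.8 branch).

# parse_sudo_version "1.8.6p3" prints "1 8 6 3" (major minor micro patch).
# Returns 1 for anything not of the form N.N[.N][pN], e.g. beta builds.
parse_sudo_version() {
    case $1 in
        ''|*[!0-9.p]*) return 1 ;;
    esac
    _base=${1%%p*}                       # part before the optional pN suffix
    _patch=0
    case $1 in *p*) _patch=${1#*p} ;; esac
    case $_patch in ''|*[!0-9]*) return 1 ;; esac
    _old_ifs=$IFS; IFS=.
    set -- $_base                        # split on dots into $1 $2 [$3]
    IFS=$_old_ifs
    [ $# -ge 2 ] && [ $# -le 3 ] || return 1
    for _part in "$@"; do
        case $_part in ''|*[!0-9]*) return 1 ;; esac
    done
    echo "$1 $2 ${3:-0} $_patch"
}

# tuple_ge "a b c p" "A B C P": succeeds if the first tuple is >= the second.
tuple_ge() {
    set -- $1 $2                         # eight fields: $1-$4 and $5-$8
    if [ "$1" -ne "$5" ]; then [ "$1" -gt "$5" ]; return; fi
    if [ "$2" -ne "$6" ]; then [ "$2" -gt "$6" ]; return; fi
    if [ "$3" -ne "$7" ]; then [ "$3" -gt "$7" ]; return; fi
    [ "$4" -ge "$8" ]
}

# classify_sudo_version VERSION prints: ok | too-old | unknown
classify_sudo_version() {
    _t=$(parse_sudo_version "$1") || { echo unknown; return 0; }
    set -- $_t
    if [ "$1" -eq 1 ] && [ "$2" -eq 7 ]; then
        _fixed="1 7 10 7"
    elif [ "$1" -eq 1 ] && [ "$2" -eq 8 ]; then
        _fixed="1 8 6 7"
    else
        echo unknown                     # no threshold given for this branch
        return 0
    fi
    if tuple_ge "$_t" "$_fixed"; then echo ok; else echo too-old; fi
}

# Version of the sudo on this machine, or empty if sudo is not installed.
installed_sudo_version() {
    sudo -V 2>/dev/null | sed -n '1s/^Sudo version \([^ ]*\).*/\1/p'
}

# Constructed sample strings first, then the local installation if there is one.
for _v in 1.7.4p6 1.7.10p7 1.8.6p3 1.8.6p7 1.8.7 1.8.10p3 1.8.7b1; do
    printf '%-10s %s\n' "$_v" "$(classify_sudo_version "$_v")"
done
_local=$(installed_sudo_version)
if [ -n "$_local" ]; then
    printf 'installed: %s %s\n' "$_local" "$(classify_sudo_version "$_local")"
fi
```

The comparison is numeric per field, so 1.8.10p3 correctly ranks above 1.8.6p7 where a plain string comparison would not.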

Should you say something to Apple?

Why on earth not?

You’re probably surprised to learn that the same company that excels at bringing completely new and funky products to market in just a couple of years can’t update within six months an open source tool that it chose to include with its operating system.

So, why not mention that to Apple?


Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/vnU6BI84ZMA/

New York Times, Twitter domain hijackers ‘came in through front door’


Updated Hacktivist collective the Syrian Electronic Army (SEA) – or someone using its name – has claimed responsibility for hijacking the Twitter.co.uk, NYTimes.com and HuffingtonPost.co.uk web addresses.

At the time of writing, many of the domain names the SEA claimed to have seized were back under their owners’ control. In some cases, only the contact details for the domains were altered.

However, the records for nytimes.com and Twitter.co.uk pointed to addresses of nameservers operated by the SEA: effectively allowing the miscreants to redirect tweeters and NYT online readers to any site of the hackers’ choosing.

The internet’s domain name system (DNS) works by converting human-readable addresses, such as www.theregister.co.uk, into network IP addresses that computers use to talk to each other. By altering the DNS records, attackers can cause havoc by ushering potentially sensitive web traffic to malicious systems (which is why using HTTPS is important).

Below are the hijacked DNS records for nytimes.com and twitter.co.uk last night:

[Image: NY Times domain record]

[Image: Twitter domain record]

The attack actually hit an Australian domain registrar of which both Twitter and the Times were clients: Melbourne IT.

The New York Times attributed an outage last night to malicious activity; its workaround made it clear that a domain redirect was the problem since it pointed readers at its IP address to get directly to its site, sidestepping the domain-name system.

[Image: Syrian Electronic Army threat tweet]

Twitter users were quick to blame the problems on domain-name registrar MelbourneIT, which is common to many of the hijacked domains. HD Moore of Metasploit Framework fame told Mashable that “if the attackers have found a weakness in the MelbourneIT system”, then other domains would also be at risk.

The New York Times also attributed the attack to MelbourneIT:

“The New York Times website was unavailable to readers on Tuesday afternoon following an attack on the company’s domain name registrar, Melbourne IT. The attack also required employees of The Times to stop sending out sensitive emails”, it has told employees.

The Register has tried to contact MelbourneIT, so far without success. ®

Updated to add

While MelbourneIT has yet to return calls from Vulture South, it has apparently told Business Insider a reseller was responsible for the hijack blunder.

Theo Hnarakis, chief executive of the web hosting biz, told Australian Broadcasting Corp radio today that hackers had modified the New York Times’ domain using a partner’s username and password.

“They came in through the front door,” AP reported Hnarakis as saying. “If you’ve got a valid user name and password … the assumption from our systems is that you are the authorised owner and user of that domain name.”

Its statement is below.

The credentials of a Melbourne IT reseller (username and password) were used to access a reseller account on Melbourne IT’s systems.

The DNS records of several domain names on that reseller account were changed – including nytimes.com.

Once Melbourne IT was notified, we:

  • changed the affected DNS records back to their previous values
  • locked the affected records from any further changes at the .com domain name registry
  • changed the reseller credentials so no further changes can be made

We are currently reviewing our logs to see if we can obtain information on the identity of the party that has used the reseller credentials, and we will share this information with the reseller and any relevant law enforcement bodies.

We will also review additional layers of security that we can add to our reseller accounts.

For mission critical names we recommend that domain name owners take advantage of additional registry lock features available from domain name registries including .com – some of the domain names targeted on the reseller account had these lock features active and were thus not affected.

The Register will post further updates as required. There are more technical details about last night’s DNS hijack over on the CloudFlare blog. ®


IBM lands spook data-sharing standard at Oz airports


The Australian Customs and Border Protection Service (ACBPS) has gone live with IBM-delivered passenger analytics which it says will help identify risky passengers before they enter Australia.

In a rather coy canned statement, Big Blue says the system will check Passenger Name Records (PNRs) against “other relevant material” to provide an on-the-spot risk assessment of individual arrivals. With around 30 million airline passenger arrivals annually, speeding up arrival assessments is a priority for the ACBPS.

“The solution eliminates the manual and time consuming process of pulling data from multiple host systems on an “as required” basis. Now ACBPS officials receive real-time data for all departures and arrivals, allowing them to more quickly and accurately zero in on potentially high risk passengers”, IBM claims.

The new system also brings ACBPS in line with the new global PNRGOV standard, used as the basis of information sharing between governments and airlines. While PNRGOV is a global standard, Australia is only the second country behind Canada to get its implementation live.

IBM emphasises that the system is compliant with Australia’s Privacy Act, as well as the Customs Act and “provisions of the European Union-Australia PNR Agreement”. ®


Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/08/28/ibm_gives_oz_customs_real_time_passenger_checks/

Supercomputer hacker coughs to flogging DoE logins to FBI agent


The US hacker caught after trying to sell Department of Energy supercomputer logins to an undercover FBI agent has pleaded guilty in a deal that could see him go to jail for up to 18 months.

The 24-year-old hacker, Pennsylvania man Andrew James Miller, pleaded guilty to charges of conspiracy and computer fraud to cut his potential sentence down from 15 years in prison.


According to court filings, Miller said he had accessed a number of corporate and government systems, including ones at American Express and Google, by hacking employee computers and stealing their logins.

He started out peddling lists of usernames and passwords to the undercover agent for payments of between $500 and $1,000 and then tried to get $50,000 for access to a supercomputer at the DoE’s National Energy Research Scientific Computing Centre, according to court transcripts.

Miller, whose handle was “Green”, was part of the hacker group Underground Intelligence Agency (UIA). According to the unsealed indictment, he was set up with the undercover Fed after the FBI turned fellow member Robert “Intel” Burns into a witness in 2010.

Following his jail time, Miller will be on supervised release for three years and is also required to pay a fine and restitution to victims, which has yet to be calculated by the court. His sentencing is scheduled for 19 November. ®


Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/08/28/hacker_plea_deal/

Tor usage up by more than 100% in August


The privacy-enhancing Tor network has seen its total number of users per day more than double in the last month, reaching the highest levels since the project first began compiling usage statistics.

[Figure: Graph of Tor users for August 2013. Caption: Tor traffic was up all over the globe in August 2013 – and we do mean up (Source: Tor Project)]


The network, which anonymizes internet traffic by routing it through a series of encrypted relays, had been humming along with an average base of around 500,000 directly connected users for most of the year.

But that started to change around mid-August, and the results were both sudden and dramatic. As of Wednesday, the Tor network was seeing more than 1,200,000 users connecting daily, a figure that topped the previous record of around 950,000 global daily users in January 2012.

The reasons for the usage spike are not clear, but you can pretty much take your pick. The figures come on the heels of a seemingly never-ending series of revelations about security agencies in the US and UK and their roles in spying on internet traffic, both at home and abroad.

In early August, Lavabit and Silent Circle both shut down their secure email services, citing government pressure and the difficulty involved in plugging all the leaks inherent in the internet email protocols.

Then, as the month rolled on, the US National Security Agency’s surveillance activities were revealed to have far surpassed the agency’s mandate to keep an eye on foreign agitators. We learned that NSA agents secretly yet routinely shared intelligence with the Drug Enforcement Administration, spied on thousands of US citizens who had no relationship to ongoing terror investigations, and even allegedly bugged the United Nations.

Across the pond, Blighty’s Government Communications Headquarters stormed the offices of The Guardian newspaper and smashed some of its computer equipment in an apparent attempt to intimidate it into not reporting on the GCHQ’s surveillance activities at home.

Sure enough, Tor users in the US and the UK made up a large portion of the total in August. Around 90,000 Americans were connecting to Tor daily at the start of the month, but that figure grew to around 150,000 daily users by the end. UK daily users grew from around 16,000 to more than 35,000.

But other countries saw similar increases, too. India’s Tor usage skyrocketed from just 7,500 daily users to over 32,000. In Brazil, usage climbed from around 15,000 to more than 85,000 users. Even China’s Tor usage was on the rise – though, given the PRC government’s tight control over internet access, there remain fewer than 400 confirmed Chinese Tor users per day, on average.

Mind you, there have been similar spikes in Tor usage before, and they have generally been short lived. It’s entirely possible that this latest increase may have nothing to do with public concern over domestic spying, but stems from some other cause.

For example, in early August the Tor Project admitted that the network had come under attack by a previously unknown malware exploit. A similar assault could potentially be responsible for late August’s sudden surge in Tor usage.

The Reg will keep you posted if we learn anything new. But whatever the cause, as the Tor Project’s Roger Dingledine observed on Tuesday, “It’s not just a fluke in the metrics data – it appears that there really are twice as many Tor clients running as before.”

“Anybody know details?” Dingledine wrote. “It’s easy to speculate … but some good solid facts would sure be useful.” Indeed. ®


Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/08/29/tor_usage_up_by_more_than_100_in_august/

Python regurgitates Dropbox secrets to boffins


A couple of security researchers have set spines shivering in the cloud world by demonstrating that Dropbox’s obfuscated code can be reverse-engineered, along the way capturing SSL data from the service’s cloud and bypassing the two-factor authentication used to secure user data.

However, as is clear from the Usenix research paper and has been confirmed by Dropbox, their work doesn’t create a generic attack vector. The attacks only work if the attacker already has unfettered access to the target machine.


As Dropbox puts it: “In the case outlined here, the user’s computer would first need to have been compromised in such a way that it would leave the entire computer, not just the user’s Dropbox, open to attacks across the board.” (More on this in a minute.)

Perhaps the most interesting aspect of the work by Openwall’s Dhiru Kholia and CodePainters’ Przemyslaw Wegrzyn is that they were able to reverse-engineer the heavily protected Dropbox Python code.

“Our work reveals the internal API used by Dropbox client and makes it straightforward to write a portable open-source Dropbox client,” they write. As a result, they say, it should be possible for researchers to subject Dropbox to more rigorous security analysis.

The researchers also observe that Dropbox’s two-factor authentication, used for accessing its Website, is not supported in the client software. “This implies that it is sufficient to have only the host_id value to gain access to the target’s data stored in Dropbox.”

However, the host_id value is stored on the local machine in an encrypted SQLite database – meaning it can only be recovered by someone with access to that machine. ®


Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/08/28/python_regurgitates_dropbox_secrets_to_boffins/

Quantum crypto nearly ready to go mobile


While the world is still waiting for a full-blown quantum communications setup, quantum key distribution – QKD – is already a contested product market. Now, an international collaboration has shown that QKD can be brought to the smartphone.

The project, carried out by the University of Bristol, Cambridge, Griffith University in Queensland and Xi’an Jiaotong University in China, has published a paper on Arxiv outlining its work.


The researchers have, essentially, split the QKD problem into a client-server architecture, allowing most of the “heavy lifting” to be carried out server-side so that a resource-constrained client like a smartphone. It wouldn’t work on any of today’s smartphones, since there’s still one somewhat exotic component needed at the client end, an on-chip polarisation rotator.

And the client device wouldn’t be able to use QKD over the air, since it would need to tether to a fibre to receive the quanta from the far end.

Whereas most QKD kit on the market today has quantum optics equipment at both ends, the scheme proposed in the Arxiv paper would do most of the quantum work at one end only. “Alice” creates the photons and sends them down the fibre to “Bob”, who only needs the capability to change the photons’ polarisation and send them back.

The protocol devised to make this work is called rfiQKD, “reference frame independent quantum key distribution”, and it works without needing to align Alice and Bob’s equipment. As it’s described at MIT’s Arxiv Blog:

“Instead Alice and Bob make measurements in random directions and then publish the list of directions for anyone to see. Only those measurements that happened to be aligned contribute to the code.”

As the researchers note in their paper, “the results significantly broaden the operating potential for QKD outside of the laboratory and pave the way for quantum enhanced security for the general public with handheld mobile devices.”

And before readers poke fun at the idea of a smartphone containing quantum polarisers on-board, think of this: how many of us carried around accelerometers ten years ago? ®


Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/08/29/quantum_crypto_nearly_ready_to_go_mobile/

Centrify Delivers Unified Identity Solution For Workplace Mac Users And Their Mobile Devices

SUNNYVALE, Calif. — Aug. 27, 2013 — Centrify Corporation, the leader in Unified Identity Services across data center, cloud and mobile, today announced the availability of the Centrify User Suite, Mac Edition — the industry’s first solution to provide robust Active Directory-based authentication, policy management, single sign-on (SSO) and user self-service for connected and remote Mac OS X systems. With Centrify User Suite, Mac Edition (“Centrify for Mac”), on-premise and remote Macs and mobile devices are seamlessly integrated into Microsoft Active Directory (AD), leveraging organizations’ existing AD infrastructures, processes and skill sets to deliver enhanced security and easy management for IT, and simplified, secure access for Mac users at work.

Centrify is adding significant capabilities to Centrify for Mac. As a complement to its historic agent-based approach for providing Active Directory-based authentication and Group Policy management, Centrify has now added a cloud-based option for managing Macs. By extending the Centrify Cloud Service to manage remote Macs and providing administrators and users with self-service capabilities such as remote lock and remote wipe of a Mac, IT staff for the first time have the flexibility to use a single solution to manage Macs using a combination of both on-premise software and/or a cloud-based offering.

Also, Centrify is combining its Centrify for Mobile offering as part of the Centrify for Mac solution to deliver a new combined solution based on a per-user subscription pricing, allowing IT staff to manage their employees’ multiple devices — including Macs, iOS and Android devices — under an economical single per-user license, making Centrify unique in the market. In addition, data on Mac systems is now secured through centrally managed File Vault 2 full-disk encryption security policies and institution encryption keys to ensure protection of data at rest on these highly portable systems.

“With more than 10,000 students, faculty and staff across 23 facilities, we had to standardize on a unified identity approach for authentication and access rights that would enhance our security for all our public records and to ensure confidentiality for our user base,” said Cory Gearhart, executive director of Information Technology at Grand Island Public Schools. “Centrify was the unique vendor that was able to meet our IT needs for centralized access management of our Mac environment while also satisfying our users by providing a single set of login credentials for any computer or device to access a range of new applications and educational resources.”

The “Bring Your Own” trend involving Macs, mobile devices and new mobile applications means that IT organizations increasingly don’t own the endpoint devices or back-end application resources on their networks. At the same time, end users are increasingly challenged to deal with the password sprawl associated with the on-premise and cloud-based services they need to access in order to perform their jobs. Centrify provides a unified approach to managing an employee’s digital identity that spans their applications, Macs and mobile devices, providing the visibility and control required for IT organizations to achieve compliance, reduce costs and mitigate risks, while also increasing productivity and securing access for their user centric, mobile workforce.

One Directory to Manage “Bring Your Own Mac” and BYOD Environments

In many organizations, Macs are becoming more prevalent and disconnected from the corporate network, requiring a hybrid on-premise and cloud-based approach to comprehensively manage authentication, configure security policies, and enable user self-service features regardless of device location. At the same time, Apple is increasingly enabling Bring Your Own Mac with remote management and policy configuration for Macs based on technology similar to how Apple iPhones and iPads are managed today.

Centrify for Mac provides organizations with centralized administration, strengthened security, and simplified user experience through SSO across their users’ multiple mobile (iOS and Android) and computing devices. New capabilities in the solution include:

• Optional Enrollment of Macs in the Centrify Cloud Service Platform — for management of disconnected or remote Macs, user self-service, and support for new OS X Profiles being introduced by Apple. This allows IT administrators to extend self-service features to remote users, such as data protection via remote wipe or lock of stolen or misplaced Macs, and enables IT to apply new MDM profiles for Macs and mobile devices for auto configuration of VPN and Wi-Fi, including automated PKI certificate management for strong authentication.

• Integrated BYOD and Mac Offering — Centrify is combining its Mac management with its Centrify for Mobile offering to deliver a new combined solution based on a more economical per-user subscription pricing. Centrify’s pricing has changed from a per-device, perpetual license to a per-user subscription model, with support for up to five devices, in order to support users’ increasing use of Macs, smartphones and tablets as a natural extension of their work environment. Ideal for “Bring Your Own Mac” and BYOD environments, organizations get more functionality with support for a greater number of devices at a more economical price.

• Enhanced Mac Security Management Features — Centrify has added File Vault 2 full-disk encryption security policies. And as part of its smart card support for the Mac platform, Centrify has also added smart card name mapping, also known as the Alternate Identity Smart. Centrify for Mac ensures trusted security functions with FIPS-certified cryptographic services to meet the highest levels of security requirements, and supports Mac smart cards including Common Access Card (CAC) and Personal Identity Verification (PIV).

• Enhanced Mobile Features — New Apple iOS features include support for volume purchase programs and MyCentrify app optimized for iPads. New Android features include support for more than one hundred security policies for Samsung SAFE devices for controlling passwords, Exchange email, Wi-Fi, Bluetooth, firewall settings, roaming policies and much more.

“Increasingly we find that knowledge workers and other end users have anywhere from two to four computing devices each as users continue to work while they are mobile,” said David McNeely, Centrify senior director of product management. “With Centrify, organizations can easily secure and manage access and authentication for all the devices users need. The bottom line is that users get single sign-on from any device to any app to help them be more productive at work, while enterprise IT centrally manages and secures all applications and devices these users need for their work.”

Pricing and Availability

The new Centrify User Suite, Mac Edition is available today from Centrify and authorized partners worldwide. Pricing is $48 per user/year for up to five devices (any combination of Mac and/or Mobile devices per user) and includes standard support. Centrify User Suite, Premium Edition is also available and combines Centrify for SaaS with Centrify for Mac to provide users with single sign-on to an unlimited number of web and SaaS applications, as well as Mac and mobile management, and is priced at $72 per user/year for use on up to five devices and unlimited SaaS apps. To learn more, or to obtain a free trial, visit http://www.centrify.com/mac.

About Centrify

Centrify provides Unified Identity Services across the data center, cloud and mobile that results in one single login for users and one unified identity infrastructure for IT. Centrify’s solutions reduce costs and increase agility and security by leveraging an organization’s existing identity infrastructure to enable centralized authentication, access control, privilege management, policy enforcement and compliance. Centrify customers typically reduce their costs associated with identity lifecycle management and compliance by more than 50%. With more than 5,000 customers worldwide, including 40% of the Fortune 50 and more than 60 Federal agencies, Centrify is deployed on more than one million server, application and mobile device resources on-premise and in the cloud. For more information about Centrify and its solutions, call (408) 542-7500, or visit http://www.centrify.com/.

Article source: http://www.darkreading.com/end-user/centrify-delivers-unified-identity-solut/240160477

Bloxx Announces Secure Sockets Layer Intercept (SSLI) Software Development Kit For Security Solution Providers

Boston, Mass., (August 27, 2013) – With an increasing level of Web traffic rapidly moving to the encrypted Hypertext Transfer Protocol Secure (HTTPS) protocol, Bloxx is now offering its Secure Sockets Layer Intercept (SSLI) Software Development Kit (SDK) for security solution providers and security application developers seeking to add SSL traffic intercept capabilities to their Web content filtering, firewall or Unified Threat Management (UTM) solutions.

Using the Bloxx SSLI SDK, developers can quickly and easily create a robust SSL content proxy application that intercepts and decrypts SSL traffic, so they can offer new solutions to customers that effectively address the increased content and security risks from HTTPS Web traffic.

“Intercepting SSL is complex and development time can be extensive. The Bloxx SSLI SDK, which has already been proven in our own products, will minimize development complexity and costs and reduce the time to market for security vendors,” says Charles Sweeney, CEO of Bloxx, a leader in Web content filtering and email security.

One of the typical applications solution providers can create using the Bloxx SSLI SDK is a SSL content proxy for integration with a Web content filter or Secure Web Gateway. Bloxx SSLI intercepts and decrypts the SSL traffic which can then be passed to content analysis or malware detection engines for inspection. This enables solutions that allow managed access to Web sites that use SSL by examining the content on the page while also helping to protect an organization’s network and end point devices from HTTPS security threats.

Availability and Pricing

Available now, the price for the Bloxx SSLI Software Development Kit is based on individual licensing terms.


About Bloxx

Headquartered in Boston, Bloxx Inc. offers Web and email filtering and security for medium and large organizations in both the business and public sectors. Bloxx has achieved unrivalled sales growth year-on-year to become a leading Web filtering provider with an estimated 5 million+ users worldwide. To find out more about Bloxx Web filtering, call 617-924-1500 or visit www.bloxx.com to book an online demonstration.

Article source: http://www.darkreading.com/privacy/bloxx-announces-secure-sockets-layer-int/240160498