Month: May 2018

Nach einigen Monaten Analyse und Optimierungen zeigt sich, dass der Leistungsverlust durch die Patches gegen Spectre und Meltdown deutlich geringer ausfällt, als anfangs befürchtet. Und den Entwicklern bleibt immer noch Spielraum für Verbesserungen - ein Überblick. Eine Analyse von Sebastian Grüner (Meltdown, Dateisystem)

Die Telekom schaltet in Berlin 5G-Technik in ihrem Netzwerk ein, das bereits mit LTE zusammenarbeitet. Gesendet werde unter realen Bedingungen. (Telekom, Long Term Evolution)

Essen, Schlafen, Arbeiten: Wenn Autofahrer nicht mehr selbst ihr Auto lenken müssen, haben sie Zeit für andere Tätigkeiten. Forscher des Fraunhofer IAO haben Fahrer der fünf wichtigsten Autonationen gefragt, welche Funktionen sie sich in einem autonom fahrenden Auto wünschen und ob sie bereit sind, dafür einen Aufpreis zu bezahlen. (Autonomes Fahren, Studie)

Welche Regelungen gelten nach Inkrafttreten der Datenschutzgrundverordnung? Nach Ansicht der Datenschutzkonferenz sind die bisherigen Bestimmungen für Tracking und Cookies nicht mehr gültig. (EU, Datenschutz)

Schlechte Nachrichten für Intel-Nutzer: Medienberichten zufolge gibt es mindestens acht weitere Spectre-Schwachstellen. Eine davon soll Angriffe über Systemgrenzen hinweg stark vereinfachen und dürfte vor allem bei Cloudanbietern für Probleme sorgen. (Spectre, Intel)

Das erst kürzlich erschienene April 2018 Update bringt in Verbindung mit den Browsern Chrome und Firefox anscheinend das komplette System zum Absturz. Das Problem ist wahrscheinlich eine fehlerhafte Hardwarebeschleunigung. Eine permanente Lösung gibt es noch nicht. (Windows 10, Firefox)

Laut dem Technikchef der Telefónica Deutschland braucht der Netzbetreiber noch fünf Jahre, um all seine Mobilfunkantennen mit Glasfaser anzubinden. Ohne diesen Backbone sei 5G nicht möglich. (Telefónica, Glasfaser)

Sci-Hub is often referred to as the “Pirate Bay of Science”. Like its namesake, it offers masses of unlicensed content for free, mostly against the wishes of copyright holders.

While The Pirate Bay will index almost anything, Sci-Hub is dedicated to distributing tens of millions of academic papers and articles, something which has turned itself into a target for publishing giants like Elsevier.

Sci-Hub and its Kazakhstan-born founder Alexandra Elbakyan have been under sustained attack for several years but more recently have been fending off an unprecedented barrage of legal action initiated by the American Chemical Society (ACS), a leading source of academic publications in the field of chemistry.

After winning a default judgment for $4.8 million in copyright infringement damages last year, ACS was further granted a broad injunction.

It required various third-party services (including domain registries, hosting companies and search engines) to stop facilitating access to the site. This plunged Sci-Hub into a game of domain whac-a-mole, one that continues to this day.

Determined to head Sci-Hub off at the pass, ACS obtained additional authority to tackle the evasive site and any new domains it may register in the future.

While Sci-Hub has been hopping around domains for a while, this week a new development appeared on the horizon. Visitors to some of the site’s domains were greeted with errors indicating that the domains’ security certificates had been revoked.

Tests conducted by TorrentFreak revealed clear revocations on Sci-Hub.hk and Sci-Hub.nz, both of which returned the error ‘NET::ERR_CERT_REVOKED’.

Certificate revoked

These certificates were first issued and then revoked by Comodo CA, the world’s largest certification authority. TF contacted the company who confirmed that it had been forced to take action against Sci-Hub.

“In response to a court order against Sci-Hub, Comodo CA has revoked four certificates for the site,” Jonathan Skinner, Director, Global Channel Programs at Comodo CA informed TorrentFreak.

“By policy Comodo CA obeys court orders and the law to the full extent of its ability.”

Comodo refused to confirm any additional details, including whether these revocations were anything to do with the current ACS injunction. However, Susan R. Morrissey, Assistant Managing Editor at ACS, told TorrentFreak that the revocations were indeed part of ACS’ legal action against Sci-Hub.

“[T]he action is related to our continuing efforts to protect ACS’ intellectual property,” Morrissey confirmed.

Sci-Hub operates multiple domains (an up-to-date list is usually available on Wikipedia) that can be switched at any time. At the time of writing the domain sci-hub.ga currently returns ‘ERR_SSL_VERSION_OR_CIPHER_MISMATCH’ while .CN and .GS variants both have Comodo certificates that expired last year.

When TF first approached Comodo earlier this week, Sci-Hub’s certificates with the company hadn’t been completely wiped out. For example, the domain https://sci-hub.tw operated perfectly, with an active and non-revoked Comodo certificate.

Still in the game…but not for long

By Wednesday, however, the domain was returning the now-familiar “revoked” message.

These domain issues are the latest technical problems to hit Sci-Hub as a result of the ACS injunction. In February, Cloudflare terminated service to several of the site’s domains.

“Cloudflare will terminate your service for the following domains sci-hub.la, sci-hub.tv, and sci-hub.tw by disabling our authoritative DNS in 24 hours,” Cloudflare told Sci-Hub.

While ACS has certainly caused problems for Sci-Hub, the platform is extremely resilient and remains online.

The domains https://sci-hub.is and https://sci-hub.nu are fully operational with certificates issued by Let’s Encrypt, a free and open certificate authority supported by the likes of Mozilla, EFF, Chrome, Private Internet Access, and other prominent tech companies.

It’s unclear whether these certificates will be targeted in the future but Sci-Hub doesn’t appear to be in the mood to back down.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Read 10 remaining paragraphs | Comments

Du kennst dich in IT-Sicherheitsfragen aus und willst viele Leser über Lücken, Hacks und den Schutz davor informieren? Dann bist du hier genau richtig. Golem.de sucht in Berlin eine Vollzeit-Verstärkung für die Redaktion, die das Thema Security betreut. (Golem.de)