Why does Chromecast clobber Wi-Fi connections?





Wi-Fi router vendors have started issuing patches to defend their products against Google Chromecast devices.

TP-Link and Linksys were first out of the blocks with firmware fixes, and TP-Link has posted this explanation of the issue.

The bug is not in the routers, but in Google’s “Cast” feature, used in Chromecast, Google Home, and other devices. Cast sends multicast DNS (MDNS) packets as a keep-alive for connections to products like Google Home, and it seems someone forgot to configure the feature to go quiet when Chromecast devices are sleeping.

That, at least, is how Vulture South reads the issue that TP-Link’s engineer described:

“These packets normally sent in a 20-second interval. However, we have discovered that the devices will sometimes broadcast a large amount of these packets at a very high speed in a short amount of time. This occurs when the device is awakened from the ‘sleep mode’, and could exceed more than 100,000 packets in a short amount of time.”

It continues: “The longer your device is in ‘sleep’, the larger this packet burst will be.”

If left alone long enough, TP-Link warned, the burst will fill up the router’s memory and leave a reboot the only option to restore connectivity.

As a poster to this Reddit thread noted, MDNS uses UDP – and UDP doesn’t have congestion control.

Linksys posted its firmware update here, while Netgear acknowledged the issue and put up a beta firmware release here.

ASUS users may also affected.

It should be noted that the router vendors’ fixes are mitigations while the world waits for Google to patch Cast. ®

By Richard Chirgwin 

Cyber risk is a business risk

 In the latest Modern Workplace episode, “Cyber Intelligence—The Human Element,” we look at how organizations not only need to look at their systems but also have to address the security threats that stem from the behavior of their own employees, who oftentimes are the source of cyber-attacks. Phil Ferraro, CISO of Nielson, explains how security is not a responsibility to be merely delegated to IT and how failures in security have a direct impact on the business.

In the past, organizations typically focused on ensuring their networks were secure. But today, so many attacks are a result of employee actions, taking advantage of human behavior because employees provide easier entry points for malicious attacks. For example, spear phishing emails are commonplace and becoming more sophisticated.

Ferraro and Dr. Jessica Barker, cyber intelligence advisor, give actionable recommendations on how to educate your employees to help prevent cyber-attacks. You’ll also see a demo of how Office 365 Advanced Threat Protectionhelps ensure that the links and attachments that employees open are safe. The Microsoft solution has been brilliantly designed to optimize security without the expense of decreased productivity.

Watch the Modern Workplace episode to learn more. And visit Modern Workplace to watch part one of the security series: “Cyber Intelligence: Help Prevent a Breach.”

A matter of productivity

 Top global law firm Eversheds Sutherland is using cloud-based DM that integrates transparently with their familiar Outlook environment to improve matter management operations and make fee-earners more productive

Eversheds Sutherland is one of the world’s leading international law firms. It brings together 2,300 legal professionals to provide legal services coordinated from 61 offices in 29 countries.

Continue reading

Cruise firm Carnival deploys Filestream EDMS

 Carnival UK has selected Filestream’s electronic document management software (EDMS) to manage all seafarer employment agreements (SEAs) for crew working on its two famous cruise brands – Cunard Line and P&O Cruises.

Lynn Cossey, Carnival UK’s senior manager of vetting and compliance, says, “In terms of the on-boarding function, it’s a legal requirement to have accurate and signed contracts for all our seafarers when they join a ship and for the duration of their employment. Filestream allows us to store all this information centrally so it’s available both at sea and onshore.”

Continue reading

US Government Bans Kaspersky Lab Products

 The US Department of Homeland Security (DHS) has taken the unusual step of banning the use of all products and services from Russian AV vendor Kaspersky Lab within federal government agencies, citing fears over alleged ties the company has with the Russian state.

Acting secretary of homeland security, Elaine Duke, issued a Binding Operational Directive(BOD) on Wednesday which mandates that all civilian agencies identify and remove all Kaspersky Lab products within 90 days.

Continue reading

Phishers Spread Malicious Links Via Hacked LinkedIn Accounts

Researchers are warning of a new phishing campaign using hijacked LinkedIn accounts to send malicious links in private messages and InMail.

Jérôme Segura, lead malware intelligence analyst at Malwarebytes, made the discovery, revealing that the fraudulent messages sometimes come from hacked Premium accounts.

“The fraudulent message includes a reference to a shared document and a link that redirects to a phishing site for Gmail and other email providers which require potential victims to log in,” he explained.  Continue reading

UK data protection laws to be overhauled

Britons could obtain more control over what happens to personal information under proposals outlined by the government.

Citizens will be able to ask for personal data, or information posted when they were children, to be deleted.

Firms that flout the law will face bigger fines, levied by the UK’s data protection watchdog.

Continue reading

Microsoft finally starts doing something with LinkedIn by integrating it into Office 365

 Last year, Microsoft bought LinkedIn for $26.2 billion, but even though the acquisition has long closed, Microsoft hasn’t yet done much with all of the data it gets from the social network. At its Ignite conference in Orlando, Florida, the company announced some first steps in integrating LinkedIn’s social graph with its Office products.

Now don’t get too excited yet. What we’re talking about here is the integration of LinkedIn data with Office 365 profile cards. So assuming you don’t know much about your professional contacts and colleagues yet, you can now see more information about them right in Office 365 without having to go to their LinkedIn profiles (and potentially showing up as that one person who looked at their LinkedIn profile that week, which will surely trigger yet another LinkedIn email for them). Continue reading

Filestream’s EDMS Enhances Administrative Efficiency at the University of Hull

Filestream announces that the University of Hull has selected its electronic document management software (EDMS) to efficiently and securely manage the vast amount of administrative paperwork generated from the running of a large educational institution.
Founded in 1927 & located on a 52.7 hectare main campus site, the University of Hull has an annual budget of £190 million and is home to 20,000 students and 2,500 staff.

Continue reading